Page 5 of 6614 results (0.323 seconds)

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

20 May 2025 — A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service. Existe una falla en el filtro "blocksize" de nbdkit que puede activarse con un tipo específico de solicitud de cliente. Cuando un cliente solicita información sobre el estado del bloque para un rango de datos muy grande, super... • https://access.redhat.com/security/cve/CVE-2025-47712 • CWE-190: Integer Overflow or Wraparound

CVSS: 3.7EPSS: 0%CPEs: 2EXPL: 0

19 May 2025 — The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. ... The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines. • https://access.redhat.com/security/cve/CVE-2025-4945 • CWE-190: Integer Overflow or Wraparound

CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0

19 May 2025 — Due to improper validation, an internal calculation can go wrong, leading to an integer underflow. ... Fixed off-by-one out-of-bounds read may lead to infoleak. Fixed integer underflow in soup_multipart_new_from_message leading to denial of service. • https://access.redhat.com/security/cve/CVE-2025-4948 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

16 May 2025 — The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. ... In affected versions, specially crafted nameLen or valueLen values in data sent to the IPC socket may result in a heap-based buffer overflow, which can cause an application crash or other undefined behavior. • http://www.openwall.com/lists/oss-security/2025/04/23/4 • CWE-1395: Dependency on Vulnerable Third-Party Component •

CVSS: 4.5EPSS: 0%CPEs: 1EXPL: 0

16 May 2025 — In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size. • https://github.com/AOMediaCodec/libavif/commit/50a743062938a3828581d725facc9c2b92a1d109 • CWE-190: Integer Overflow or Wraparound

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

16 May 2025 — In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. • https://github.com/AOMediaCodec/libavif/commit/64d956ed5a602f78cebf29da023280944ee92efd • CWE-190: Integer Overflow or Wraparound

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

14 May 2025 — Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-25020 • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

13 May 2025 — Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/bridge/apsb25-44.html • CWE-190: Integer Overflow or Wraparound

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

13 May 2025 — Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/bridge/apsb25-44.html • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

13 May 2025 — Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb25-42.html • CWE-190: Integer Overflow or Wraparound