
CVE-2025-47712 – Nbd: nbdkit: integer overflow triggers an assertion resulting in denial of service
https://notcve.org/view.php?id=CVE-2025-47712
20 May 2025 — A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service. Existe una falla en el filtro "blocksize" de nbdkit que puede activarse con un tipo específico de solicitud de cliente. Cuando un cliente solicita información sobre el estado del bloque para un rango de datos muy grande, super... • https://access.redhat.com/security/cve/CVE-2025-47712 • CWE-190: Integer Overflow or Wraparound •

CVE-2025-4945 – Libsoup: integer overflow in cookie expiration date handling in libsoup
https://notcve.org/view.php?id=CVE-2025-4945
19 May 2025 — The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. ... The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines. • https://access.redhat.com/security/cve/CVE-2025-4945 • CWE-190: Integer Overflow or Wraparound •

CVE-2025-4948 – Libsoup: integer underflow in soup_multipart_new_from_message() leading to denial of service in libsoup
https://notcve.org/view.php?id=CVE-2025-4948
19 May 2025 — Due to improper validation, an internal calculation can go wrong, leading to an integer underflow. ... Fixed off-by-one out-of-bounds read may lead to infoleak. Fixed integer underflow in soup_multipart_new_from_message leading to denial of service. • https://access.redhat.com/security/cve/CVE-2025-4948 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVE-2025-40907 – FCGI versions 0.44 through 0.82, for Perl, include a vulnerable version of the FastCGI fcgi2 (aka fcgi) library
https://notcve.org/view.php?id=CVE-2025-40907
16 May 2025 — The included FastCGI library is affected by CVE-2025-23016, causing an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. ... In affected versions, specially crafted nameLen or valueLen values in data sent to the IPC socket may result in a heap-based buffer overflow, which can cause an application crash or other undefined behavior. • http://www.openwall.com/lists/oss-security/2025/04/23/4 • CWE-1395: Dependency on Vulnerable Third-Party Component •

CVE-2025-48174
https://notcve.org/view.php?id=CVE-2025-48174
16 May 2025 — In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size. • https://github.com/AOMediaCodec/libavif/commit/50a743062938a3828581d725facc9c2b92a1d109 • CWE-190: Integer Overflow or Wraparound •

CVE-2025-48175
https://notcve.org/view.php?id=CVE-2025-48175
16 May 2025 — In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. • https://github.com/AOMediaCodec/libavif/commit/64d956ed5a602f78cebf29da023280944ee92efd • CWE-190: Integer Overflow or Wraparound •

CVE-2025-30668 – Zoom Workplace Apps - NULL Pointer Dereference
https://notcve.org/view.php?id=CVE-2025-30668
14 May 2025 — Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-25020 • CWE-476: NULL Pointer Dereference •

CVE-2025-43547 – Bridge | Integer Overflow or Wraparound (CWE-190)
https://notcve.org/view.php?id=CVE-2025-43547
13 May 2025 — Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/bridge/apsb25-44.html • CWE-190: Integer Overflow or Wraparound •

CVE-2025-43546 – Bridge | Integer Underflow (Wrap or Wraparound) (CWE-191)
https://notcve.org/view.php?id=CVE-2025-43546
13 May 2025 — Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/bridge/apsb25-44.html • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVE-2025-43556 – Animate | Integer Overflow or Wraparound (CWE-190)
https://notcve.org/view.php?id=CVE-2025-43556
13 May 2025 — Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb25-42.html • CWE-190: Integer Overflow or Wraparound •