Total
449 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-57823 | 1 Librdf | 1 Raptor Rdf Syntax Library | 2026-06-17 | N/A | 9.3 CRITICAL |
| In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path(). | |||||
| CVE-2024-56375 | 1 Nicmx | 1 Fort Validator | 2026-06-17 | N/A | 7.5 HIGH |
| An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a Manifest RPKI object containing an empty fileList. Fort dereferences (and, shortly afterwards, writes to) this array during a shuffle attempt, before the validation that would normally reject it when empty. This out-of-bounds access is caused by an integer underflow that causes the surrounding loop to iterate infinitely. Because the product is permanently stuck attempting to overshuffle an array that doesn't actually exist, a crash is nearly guaranteed. | |||||
| CVE-2024-55627 | 1 Oisf | 1 Suricata | 2026-06-17 | N/A | 5.9 MEDIUM |
| Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8. | |||||
| CVE-2024-54095 | 1 Siemens | 1 Solid Edge Se2024 | 2026-06-17 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 10). The affected application is vulnerable to integer underflow vulnerability which can be triggered while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-54028 | 2 Debian, Fossies | 2 Debian Linux, Catdoc | 2026-06-17 | N/A | 8.4 HIGH |
| An integer underflow vulnerability exists in the OLE Document DIFAT Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-53955 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Bridge versions 14.1.3, 15.0 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-53954 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-53081 | 1 Linux | 1 Linux Kernel | 2026-06-17 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: media: ar0521: don't overflow when checking PLL values The PLL checks are comparing 64 bit integers with 32 bit ones, as reported by Coverity. Depending on the values of the variables, this may underflow. Fix it ensuring that both sides of the expression are u64. | |||||
| CVE-2024-53061 | 1 Linux | 1 Linux Kernel | 2026-06-17 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: media: s5p-jpeg: prevent buffer overflows The current logic allows word to be less than 2. If this happens, there will be buffer overflows, as reported by smatch. Add extra checks to prevent it. While here, remove an unused word = 0 assignment. | |||||
| CVE-2024-52989 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-52987 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-52986 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-52985 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-52984 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-52558 | 2026-06-17 | N/A | 5.3 MEDIUM | ||
| The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP request, which could allow the attacker to crash the program. | |||||
| CVE-2024-50597 | 1 St | 10 X-cube-azrt-h7rs, X-cube-azrtos-f4, X-cube-azrtos-f7 and 7 more | 2026-06-17 | N/A | 4.3 MEDIUM |
| An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects the NetX Duo Component HTTP Server implementation which can be found in x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\http\nxd_http_server.c | |||||
| CVE-2024-50596 | 1 St | 10 X-cube-azrt-h7rs, X-cube-azrtos-f4, X-cube-azrtos-f7 and 7 more | 2026-06-17 | N/A | 4.3 MEDIUM |
| An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects the NetX Duo Web Component HTTP Server implementation which can be found in x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\web\nx_web_http_server.c | |||||
| CVE-2024-50595 | 1 St | 10 X-cube-azrt-h7rs, X-cube-azrtos-f4, X-cube-azrtos-f7 and 7 more | 2026-06-17 | N/A | 4.3 MEDIUM |
| An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.This vulnerability affects the NetX Duo Component HTTP Server implementation which can be found in x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\http\nxd_http_server.c | |||||
| CVE-2024-50594 | 1 St | 10 X-cube-azrt-h7rs, X-cube-azrtos-f4, X-cube-azrtos-f7 and 7 more | 2026-06-17 | N/A | 4.3 MEDIUM |
| An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.This vulnerability affects the NetX Duo Web Component HTTP Server implementation which can be found in x-cube-azrtos-f7\Middlewares\ST\netxduo\addons\web\nx_web_http_server.c | |||||
| CVE-2024-50290 | 1 Linux | 1 Linux Kernel | 2026-06-17 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registers fail, a negative number will be returned, causing an underflow when reading SNR registers. Prevent that. | |||||