Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-2581

Summary
Assigner-VulDB
Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5
Published At-21 Mar, 2025 | 05:00
Updated At-21 Mar, 2025 | 13:58
Rejected At-
Credits

xmedcon DICOM File malloc integer underflow

A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. The attack can be launched remotely. Upgrading to version 0.25.1 is able to address this issue. It is recommended to upgrade the affected component.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulDB
Assigner Org ID:1af790b2-7ee1-4545-860a-a788eba489b5
Published At:21 Mar, 2025 | 05:00
Updated At:21 Mar, 2025 | 13:58
Rejected At:
▼CVE Numbering Authority (CNA)
xmedcon DICOM File malloc integer underflow

A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. The attack can be launched remotely. Upgrading to version 0.25.1 is able to address this issue. It is recommended to upgrade the affected component.

Affected Products
Vendor
n/a
Product
xmedcon
Modules
  • DICOM File Handler
Versions
Affected
  • 0.25.0
Problem Types
TypeCWE IDDescription
CWECWE-191Integer Underflow
CWECWE-189Numeric Error
Type: CWE
CWE ID: CWE-191
Description: Integer Underflow
Type: CWE
CWE ID: CWE-189
Description: Numeric Error
Metrics
VersionBase scoreBase severityVector
4.05.3MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
3.04.3MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
2.05.0N/A
AV:N/AC:L/Au:N/C:N/I:N/A:P
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Version: 3.0
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Version: 2.0
Base score: 5.0
Base severity: N/A
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
reporter
0x20z (VulDB User)
Timeline
EventDate
Advisory disclosed2025-03-20 00:00:00
VulDB entry created2025-03-20 01:00:00
VulDB entry last update2025-03-20 23:59:36
Event: Advisory disclosed
Date: 2025-03-20 00:00:00
Event: VulDB entry created
Date: 2025-03-20 01:00:00
Event: VulDB entry last update
Date: 2025-03-20 23:59:36
Replaced By
Rejected Reason
References
HyperlinkResource
https://vuldb.com/?id.300541
vdb-entry
technical-description
https://vuldb.com/?ctiid.300541
signature
permissions-required
https://vuldb.com/?submit.522216
third-party-advisory
https://xmedcon.sourceforge.io/Main/New
patch
Hyperlink: https://vuldb.com/?id.300541
Resource:
vdb-entry
technical-description
Hyperlink: https://vuldb.com/?ctiid.300541
Resource:
signature
permissions-required
Hyperlink: https://vuldb.com/?submit.522216
Resource:
third-party-advisory
Hyperlink: https://xmedcon.sourceforge.io/Main/New
Resource:
patch
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cna@vuldb.com
Published At:21 Mar, 2025 | 05:15
Updated At:27 Mar, 2025 | 13:24

A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. The attack can be launched remotely. Upgrading to version 0.25.1 is able to address this issue. It is recommended to upgrade the affected component.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.05.3MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Secondary
Version: 4.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
xmedcon_project
xmedcon_project
>>xmedcon>>0.25.0
cpe:2.3:a:xmedcon_project:xmedcon:0.25.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-189Primarycna@vuldb.com
CWE-191Primarycna@vuldb.com
CWE-191Primarynvd@nist.gov
CWE ID: CWE-189
Type: Primary
Source: cna@vuldb.com
CWE ID: CWE-191
Type: Primary
Source: cna@vuldb.com
CWE ID: CWE-191
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://vuldb.com/?ctiid.300541cna@vuldb.com
Permissions Required
VDB Entry
https://vuldb.com/?id.300541cna@vuldb.com
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.522216cna@vuldb.com
Third Party Advisory
VDB Entry
https://xmedcon.sourceforge.io/Main/Newcna@vuldb.com
Product
VDB Entry
Hyperlink: https://vuldb.com/?ctiid.300541
Source: cna@vuldb.com
Resource:
Permissions Required
VDB Entry
Hyperlink: https://vuldb.com/?id.300541
Source: cna@vuldb.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://vuldb.com/?submit.522216
Source: cna@vuldb.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://xmedcon.sourceforge.io/Main/New
Source: cna@vuldb.com
Resource:
Product
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

58Records found
CVE-2019-12678
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.92% / 74.98%
||
7 Day CHG~0.00%
Published-02 Oct, 2019 | 19:06
Updated-19 Nov, 2024 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability

A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5550adaptive_security_applianceasa_5505adaptive_security_appliance_softwareasa_5555-xasa_5520asa_5510asa_5525-xasa_5580asa_5585-xasa_5512-xfirepower_threat_defenseasa_5515-xCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2023-24817
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.68%
||
7 Day CHG~0.00%
Published-30 May, 2023 | 15:50
Updated-10 Jan, 2025 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RIOT-OS vulnerable to Out of Bounds write in routing with SRH

RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device resulting in an integer underflow and out of bounds access in the packet buffer. Triggering the access at the right time will corrupt other packets or the allocator metadata. Corrupting a pointer will lead to denial of service. This issue is fixed in version 2023.04. As a workaround, disable SRH in the network stack.

Action-Not Available
Vendor-riot-osRIOT-OS
Product-riotRIOT
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37301
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.19%
||
7 Day CHG~0.00%
Published-22 Nov, 2022 | 00:00
Updated-28 Apr, 2025 | 14:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*)(V3.22 and prior), Legacy Modicon Quantum/Premium(All Versions), Modicon Momentum MDI (171CBU*)(All Versions), Modicon MC80 (BMKC80)(V1.7 and prior)

Action-Not Available
Vendor-Schneider Electric SE
Product-modicon_premium_tsxp57_454mmodicon_premium_tsxp57_2834m_firmwaremodicon_premium_tsxp57_6634m_firmwaremodicon_m580_bmep583040_firmwaremodicon_m580_bmeh582040smodicon_quantum_140cpu65160_firmwaremodicon_m580_bmeh584040smodicon_m580_bmep582020h_firmwaremodicon_m580_bmep584040s_firmwaremodicon_m580_bmep584040modicon_mc80_bmkc8020310_firmwaremodicon_m580_bmep585040_firmwaremodicon_m580_bmep582040h_firmwaremodicon_m340_bmx_p34-2030modicon_premium_tsxp57_454m_firmwaremodicon_quantum_140cpu65150modicon_m580_bmep584040_firmwaremodicon_momentum_171cbu78090_firmwaremodicon_m580_bmep584040smodicon_m580_bmeh582040cmodicon_m580_bmep583040modicon_m580_bmep582040modicon_m580_bmep585040modicon_premium_tsxp57_4634mmodicon_m580_bmep584020_firmwaremodicon_m580_bmeh584040modicon_m580_bmep585040c_firmwaremodicon_premium_tsxp57_2634m_firmwaremodicon_m580_bmeh584040_firmwaremodicon_momentum_171cbu78090modicon_premium_tsxp57_5634mmodicon_m580_bmep581020h_firmwaremodicon_m580_bmep584020modicon_mc80_bmkc8020301modicon_quantum_140noc78100modicon_m580_bmeh584040s_firmwaremodicon_m580_bmep582040smodicon_premium_tsxp57_1634m_firmwaremodicon_momentum_171cbu98090_firmwaremodicon_quantum_140noc78100_firmwaremodicon_m580_bmeh586040cmodicon_m580_bmep582020_firmwaremodicon_momentum_171cbu98091modicon_m580_bmep581020hmodicon_m580_bmeh586040_firmwaremodicon_m340_bmx_p34-2010modicon_m580_bmeh584040cmodicon_m580_bmeh586040c_firmwaremodicon_m580_bmep586040_firmwaremodicon_m580_bmeh582040_firmwaremodicon_quantum_140cpu65150c_firmwaremodicon_m340_bmx_p34-2010_firmwaremodicon_m580_bmep582040_firmwaremodicon_quantum_140noe77101_firmwaremodicon_m580_bmeh582040modicon_quantum_140cpu65160c_firmwaremodicon_mc80_bmkc8030311modicon_quantum_140cpu65160modicon_momentum_171cbu98090modicon_quantum_140noe77111_firmwaremodicon_premium_tsxp57_1634mmodicon_m580_bmeh582040c_firmwaremodicon_m580_bmep583020modicon_m580_bmeh586040s_firmwaremodicon_m580_bmeh586040smodicon_m580_bmep586040modicon_premium_tsxp57_2634mmodicon_m580_bmeh586040modicon_mc80_bmkc8020310modicon_m580_bmep583020_firmwaremodicon_premium_tsxp57_5634m_firmwaremodicon_premium_tsxp57_554m_firmwaremodicon_m580_bmep582020modicon_quantum_140cpu65160cmodicon_m580_bmeh584040c_firmwaremodicon_quantum_140cpu65150_firmwaremodicon_momentum_171cbu98091_firmwaremodicon_quantum_140cpu65150cmodicon_m580_bmep585040cmodicon_mc80_bmkc8030311_firmwaremodicon_quantum_140noe77101modicon_m580_bmep582040hmodicon_premium_tsxp57_554mmodicon_m580_bmep582040s_firmwaremodicon_premium_tsxp57_2834mmodicon_m580_bmep581020_firmwaremodicon_mc80_bmkc8020301_firmwaremodicon_m580_bmep581020modicon_m580_bmep586040cmodicon_premium_tsxp57_4634m_firmwaremodicon_quantum_140noe77111modicon_m580_bmep582020hmodicon_m340_bmx_p34-2030_firmwaremodicon_m580_bmep586040c_firmwaremodicon_m580_bmeh582040s_firmwaremodicon_premium_tsxp57_6634mModicon M580 CPU (part numbers BMEP* and BMEH*) Modicon M340 CPU (part numbers BMXP34*)Modicon MC80 (BMKC80)Legacy Modicon Quantum/PremiumModicon Momentum MDI (171CBU*)
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2020-24370
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-2.71% / 85.32%
||
7 Day CHG~0.00%
Published-17 Aug, 2020 | 00:00
Updated-05 May, 2025 | 14:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).

Action-Not Available
Vendor-luan/aDebian GNU/LinuxFedora Project
Product-luadebian_linuxfedoran/a
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2023-22308
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.34%
||
7 Day CHG~0.00%
Published-12 Oct, 2023 | 15:27
Updated-02 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.

Action-Not Available
Vendor-softetherSoftEther VPN
Product-vpnSoftEther VPN
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2024-56375
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.25%
||
7 Day CHG+0.03%
Published-22 Dec, 2024 | 00:00
Updated-22 Apr, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a Manifest RPKI object containing an empty fileList. Fort dereferences (and, shortly afterwards, writes to) this array during a shuffle attempt, before the validation that would normally reject it when empty. This out-of-bounds access is caused by an integer underflow that causes the surrounding loop to iterate infinitely. Because the product is permanently stuck attempting to overshuffle an array that doesn't actually exist, a crash is nearly guaranteed.

Action-Not Available
Vendor-nicmxnicmx
Product-fort_validatorfort-validator
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2024-55627
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.06% / 17.91%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 17:50
Updated-31 Mar, 2025 | 13:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Suricata segfault on StreamingBufferSlideToOffsetWithRegions

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8.

Action-Not Available
Vendor-oisfOISF
Product-suricatasuricata
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-47546
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.17% / 38.12%
||
7 Day CHG+0.02%
Published-11 Dec, 2024 | 19:01
Updated-18 Dec, 2024 | 21:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GHSL-2024-243: GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read

GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in extract_cc_from_data function within qtdemux.c. In the FOURCC_c708 case, the subtraction atom_length - 8 may result in an underflow if atom_length is less than 8. When that subtraction underflows, *cclen ends up being a large number, and then cclen is passed to g_memdup2 leading to an out-of-bounds (OOB) read. This vulnerability is fixed in 1.24.10.

Action-Not Available
Vendor-gstreamer_projectgstreamer
Product-gstreamergstreamer
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
  • Previous
  • 1
  • 2
  • Next
Details not found