CVE-2025-2581

MEDIUM Year: 2025
CVSS v3 Score
7.5
High
CVSS v2 Score
5.0
Medium
Weakness Type
CWE-189
View all →

Vulnerability Description

A vulnerability has been found in xmedcon 0.25.0 and classified as problematic. Affected by this vulnerability is the function malloc of the component DICOM File Handler. The manipulation leads to integer underflow. The attack can be launched remotely. Upgrading to version 0.25.1 is able to address this issue. It is recommended to upgrade the affected component.

Related Vulnerabilities

CVE-2011-5326

HIGH
CVSS:7.5(High)

imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) by drawing a 2x1 ellipse.

CWE-1892011

CVE-2014-10375

HIGH
CVSS:7.5(High)

handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a negative value in a content-length header.

CWE-1892014

CVE-2014-9763

HIGH
CVSS:7.5(High)

imlib2 before 1.4.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted PNM file.

CWE-1892014

CVE-2015-4626

HIGH
CVSS:7.5(High)

B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, which allows remote attackers to "corrupt the business logic" via a negative value in an overdraft.

CWE-1892015

CVE-2016-10158

HIGH
CVSS:7.5(High)

The exif_convert_any_to_int function in ext/exif/exif.c in PHP before 5.6.30, 7.0.x before 7.0.15, and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (application crash) via c...

CWE-1892016

CVE-2016-2070

HIGH
CVSS:7.5(High)

The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via crafted TCP tr...

CWE-1892016