How severe is CVE-2025-2849?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2025-2849?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2025-2849

MEDIUM Year: 2025

CVSS v3 Score

5.5

Medium

CVSS v2 Score

1.7

Low

Weakness Type

CWE-119

View all →

Vulnerability Description

A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::un_DT_INIT of the file src/p_lx_elf.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The patch is identified as e0b6ff192412f5bb5364c1948f4f6b27a0cd5ea2. It is recommended to apply a patch to fix this issue.

CVE-2006-3635

MEDIUM

CVSS:5.5(Medium)

The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service (stack consumption and system crash) via a crafted application that leverages the mishandling of in...

CWE-1192006

CVE-2014-125002

MEDIUM

CVSS:5.5(Medium)

A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. I...

CWE-1192014

CVE-2014-125003

MEDIUM

CVSS:5.5(Medium)

A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The at...

CWE-1192014

CVE-2014-125004

MEDIUM

CVSS:5.5(Medium)

A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corru...

CWE-1192014

CVE-2014-125005

MEDIUM

CVSS:5.5(Medium)

A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corr...

CWE-1192014

CVE-2014-125006

MEDIUM

CVSS:5.5(Medium)

A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory ...

CWE-1192014

CVE-2025-2849

Vulnerability Description

Related Vulnerabilities

CVE-2006-3635

CVE-2014-125002

CVE-2014-125003

CVE-2014-125004

CVE-2014-125005

CVE-2014-125006