How severe is CVE-2025-3408?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2025-3408?

This is classified as CWE-189, which is a common weakness in software security.

CVE-2025-3408 - MEDIUM Severity | CVSS 6.3

Vulnerability Description

A vulnerability was found in Nothings stb up to f056911. It has been rated as critical. Affected by this issue is the function stb_dupreplace. The manipulation leads to integer overflow. The attack may be launched remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2015-8872

MEDIUM

CVSS:6.2(Medium)

The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service (invalid memory read and crash) by writing an odd number of clus...

CWE-1892015

CVE-2015-5479

MEDIUM

CVSS:6.5(Medium)

The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafte...

CWE-1892015

CVE-2016-1933

MEDIUM

CVSS:6.5(Medium)

Integer overflow in the image-deinterlacing functionality in Mozilla Firefox before 44.0 allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted GI...

CWE-1892016

CVE-2016-7513

MEDIUM

CVSS:6.5(Medium)

Off-by-one error in magick/cache.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors.

CWE-1892016

CVE-2016-9266

MEDIUM

CVSS:6.5(Medium)

listmp3.c in libming 0.4.7 allows remote attackers to unspecified impact via a crafted mp3 file, which triggers an invalid left shift.

CWE-1892016

CVE-2016-1715

MEDIUM

CVSS:6.6(Medium)

The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Wind...

CWE-1892016