8CVSS
8.5AI Score
0.001EPSS
8CVSS
8.5AI Score
0.001EPSS
8.8CVSS
9AI Score
0.001EPSS
9.8CVSS
9.2AI Score
0.002EPSS
A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the...
7.8CVSS
7.5AI Score
0.0004EPSS
A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the...
5.3CVSS
5.7AI Score
0.001EPSS
An out-of-bounds read vulnerability was found in Samba due to insufficient length checks in winbindd_pam_auth_crap.c. When performing NTLM authentication, the client replies to cryptographic challenges back to the server. These replies have variable lengths, and Winbind fails to check the lan...
5.9CVSS
6.5AI Score
0.001EPSS
8.8CVSS
9.2AI Score
0.088EPSS
7.8CVSS
8.7AI Score
0.002EPSS
8CVSS
8.7AI Score
0.001EPSS
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code...
7.8CVSS
8.1AI Score
0.0004EPSS
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege elevation on systems where the X server runs...
7.8CVSS
7.9AI Score
0.002EPSS
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption...
7.8CVSS
7.8AI Score
0.001EPSS
7.2CVSS
8.2AI Score
0.016EPSS
8.8CVSS
9.2AI Score
0.575EPSS
8.8CVSS
9.2AI Score
0.008EPSS
8.8CVSS
9.2AI Score
0.012EPSS
8.8CVSS
8.4AI Score
0.002EPSS
7.8CVSS
8AI Score
0.0004EPSS
7.8CVSS
8AI Score
0.0004EPSS
8CVSS
7.5AI Score
0.033EPSS
7.5CVSS
7.7AI Score
0.002EPSS
8CVSS
8AI Score
0.076EPSS
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An...
8.6CVSS
8.7AI Score
0.001EPSS
7.8CVSS
8.4AI Score
0.001EPSS
8CVSS
7.6AI Score
0.045EPSS
8CVSS
7.6AI Score
0.045EPSS
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and...
5.5CVSS
6.3AI Score
0.0004EPSS
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting...
6.5CVSS
6.2AI Score
0.001EPSS
An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this...
7.8CVSS
7.6AI Score
0.001EPSS
An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A....
7.8CVSS
7.7AI Score
0.001EPSS
5.3CVSS
6.7AI Score
0.001EPSS
8CVSS
8.5AI Score
0.001EPSS
6.5CVSS
7.4AI Score
0.021EPSS
4.8CVSS
6.5AI Score
0.002EPSS
8CVSS
8.5AI Score
0.001EPSS
8CVSS
8AI Score
0.001EPSS
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an...
4.5CVSS
7AI Score
0.0005EPSS
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of...
4.5CVSS
6.8AI Score
0.0005EPSS
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This...
7CVSS
7.6AI Score
0.0004EPSS
8.2CVSS
8.8AI Score
0.0004EPSS
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim, the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to.....
8.8CVSS
8.3AI Score
0.002EPSS
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior....
7.5CVSS
7.3AI Score
0.001EPSS
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine), where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to.....
7.5CVSS
7.2AI Score
0.002EPSS
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges.....
8.8CVSS
9AI Score
0.013EPSS
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the...
7.8CVSS
7.7AI Score
0.0004EPSS