120932 matches found

RedHat Linux
added 2026/01/05 6:18 a.m., 3 views

xorg: xwayland: Use-after-free in XPresentNotify structure creation

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an...

CVSS 7.3 | AI score 6.1 | EPSS 0.00481
Exploits: 0 | References: 5

RedHat Linux
added 2026/01/05 1:39 a.m., 3 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...

CVSS 8.1 | AI score 5.9 | EPSS 0.00376
Exploits: 0 | References: 5

RedHat Linux
added 2026/01/05 1:39 a.m., 9 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...

CVSS 8.1 | AI score 5.9 | EPSS 0.00376
Exploits: 0 | References: 5

RedHat Linux
added 2026/01/05 1:23 a.m., 3 views

firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code...

CVSS 8.1 | AI score 5.9 | EPSS 0.00376
Exploits: 0 | References: 5

RedHat Linux
added 2026/01/05 12:51 a.m., 3 views

libtiff: Libtiff Write-What-Where

A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controll...

CVSS 8.8 | AI score 7.6 | EPSS 0.00739
Exploits: 0 | References: 8

Positive Technologies
added 2026/01/05 12:0 a.m., 5 views

PT-2026-1313

Name of the Vulnerable Software and Affected Versions: Coolify versions prior to 4.0.0-beta.420.7
Description: Coolify is a self-hostable tool for managing servers, applications, and databases. Versions of Coolify before 4.0.0-beta.420.7 contain a command injection flaw in the Git Repository field...

CVSS 9.9 | AI score 7.8 | EPSS 0.01798
Exploits: 1 | References: 6

Tenable Nessus
added 2026/01/04 12:0 a.m., 6 views

Debian dsa-6093 : gimp - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6093 advisory. Debian Security Advisory DSA-6093-1...

CVSS 7.8 | AI score 8.1 | EPSS 0.00539
Exploits: 1 | References: 9

NVD
added 2026/01/02 4:17 p.m., 7 views

CVE-2025-67268

gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/drivernmea2000.c file. The hnd129540 function, which handles NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to validate the user-supplied satellite count against the size of the skyview...

CVSS 9.8 | EPSS 0.00534
Exploits: 2 | References: 9

CNNVD
added 2026/01/02 12:0 a.m., 4 views

gpsd security vulnerability

gpsd is an open source daemon for receiving GPS data. A security vulnerability exists in gpsd versions before commit dc966aa. It originates from a heap-based out-of-bounds write in the drivers/drivernmea2000.c file, which could lead to memory corruption, denial of service, and execution of...

CVSS 9.8 | AI score 7 | EPSS 0.00534
Exploits: 2 | References: 4

Tenable Nessus
added 2026/01/02 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-67268

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/drivernmea2000.c file. The hnd129540 function, which handles...

CVSS 9.8 | AI score 6.1 | EPSS 0.00534
Exploits: 2 | References: 2

RedhatCVE
added 2026/01/01 10:45 a.m., 5 views

CVE-2025-15278

A flaw was found in FontForge. This integer overflow vulnerability, located in the parsing of pixels within XBM X BitMap files, allows a remote attacker to execute arbitrary code. The issue arises from insufficient validation of user-supplied data, which can lead to an integer overflow before...

CVSS 7.8 | AI score 7.9 | EPSS 0.00263
Exploits: 0 | References: 4

RedhatCVE
added 2026/01/01 10:45 a.m., 3 views

CVE-2025-15275

A flaw was found in FontForge. A remote attacker could exploit a heap-based buffer overflow vulnerability during SFD file parsing. This issue arises from insufficient validation of user-supplied data length before copying it to a buffer. Successful exploitation requires user interaction, such as...

CVSS 8.8 | AI score 7.7 | EPSS 0.0058
Exploits: 0 | References: 4

GithubExploit
added 2026/01/01 8:34 a.m., 209 views

Exploit for Integer Overflow or Wraparound in Apple Itunes

CVE-2022-26711: Apple ImageIO WebP Integer Overflow An intege...

CVSS 9.8 | AI score 8 | EPSS 0.035
Exploits: 1

Vulnrichment
added 2026/01/01 7:3 a.m., 4 views

CVE-2025-11157 Arbitrary Code Execution in feast-dev/feast

A high-severity remote code execution vulnerability exists in feast-dev/feast version 0.53.0, specifically in the Kubernetes materializer job located at feast/sdk/python/feast/infra/computeengines/kubernetes/main.py. The vulnerability arises from the use of yaml.load(..., Loader=yaml.Loader) to...

CVSS 7.8 | AI score 8.2 | EPSS 0.00256
Exploits: 0 | References: 2

Snyk
added 2026/01/01 6:28 a.m., 3 views

Command Injection

Overview: blackboard-core is a Python SDK implementing the Blackboard Pattern for LLM-powered multi-agent systems. Affected versions of this package are vulnerable to Command Injection due to unsafe host-level execution being reachable without a hard security gate or explicit acknowledgment. An...

CVSS 9.8 | AI score 7.8
Exploits: 0 | References: 3

Positive Technologies
added 2026/01/01 12:0 a.m., 7 views

PT-2026-1023

Name of the Vulnerable Software and Affected Versions: Signal K Server versions prior to 2.19.0
Description: Signal K Server is a server application used in marine environments. Versions prior to 2.19.0 of the appstore interface allow administrators to install npm packages through a REST API...

CVSS 8.6 | AI score 7.6 | EPSS 0.00645
Exploits: 1 | References: 8

Positive Technologies
added 2026/01/01 12:0 a.m., 2 views

PT-2026-26144

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. For the VARINT and CONST encodings, incomplete validation of the context in which the encodings were...

CVSS 8.8 | AI score 6.3 | EPSS 0.00409
Exploits: 0 | References: 6

Positive Technologies
added 2026/01/01 12:0 a.m., 3 views

PT-2026-27418

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 149; Firefox ESR versions prior to 140.9; Thunderbird versions prior to 149; Thunderbird ESR versions prior to 140.9
Description: The software contains memory safety bugs, some of which demonstrate evidence of memory...

CVSS 10 | AI score 6.6 | EPSS 0.00417
Exploits: 0 | References: 259

Positive Technologies
added 2026/01/01 12:0 a.m., 1 views

PT-2026-27419

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 149; Firefox ESR versions 115.33 through 140.8; Thunderbird versions prior to 149; Thunderbird ESR versions 140.8 through 140.9
Description: The software contains memory safety bugs, some of which demonstrate evidence of...

CVSS 9.8 | AI score 6.7 | EPSS 0.00431
Exploits: 0 | References: 282

Positive Technologies
added 2026/01/01 12:0 a.m., 4 views

PT-2026-26145

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. When reading data encoded using the BYTE ARRAY STOP method, an out-by-one error in the cram byte arra...

CVSS 8.1 | AI score 6.3 | EPSS 0.00336
Exploits: 0 | References: 8