Lucene search
K

894 matches found

CVE
CVE
added 2026/02/15 10:47 a.m.12 views

CVE-2025-32061

The CVE-2025-32061 entry concerns the Bluetooth stack in Bosch Infotainment ECU devices, implemented by Alps Alpine. The vulnerability arises from insufficient boundary validation of user-supplied data, causing a stack-based buffer overflow when processing a specific packet on the L2CAP channel. ...

8.8CVSS6.9AI score0.00379EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/15 10:47 a.m.32 views

CVE-2025-32061 Stack Buffer Overflow leading to RCE in Bluetooth stack of Infotainment ECU

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

8.8CVSS0.00379EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/15 10:45 a.m.9 views

EUVD-2025-206904

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

8.8CVSS7AI score0.00379EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/15 10:45 a.m.6 views

CVE-2025-32059

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

8.8CVSS6.9AI score0.00379EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/02/15 10:45 a.m.30 views

CVE-2025-32059 Stack Buffer Overflow leading to RCE in Bluetooth stack of Infotainment ECU

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

8.8CVSS0.00379EPSS
Exploits0References3
CVE
CVE
added 2026/02/15 10:45 a.m.233 views

CVE-2025-32059

The CVE-2025-32059 entry concerns the Bluetooth stack in the Bosch Infotainment ECU, implemented by Alps Alpine. The root cause is improper boundary validation of user-supplied data, triggering a stack-based buffer overflow when handling a specific packet on the L2CAP channel. The issue enables r...

8.8CVSS6.9AI score0.00379EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/06 12:0 a.m.8 views

ALPS ALPINE HID Monitor Service 代码问题漏洞

ALPS ALPINE HID Monitor Service is a human factors input device management service provided by ALPS ALPINE, a Japanese company. Version 8.1.0.10 of ALPS ALPINE HID Monitor Service contains a code vulnerability. This vulnerability stems from a service path that lacks quotation marks, which may all...

8.5CVSS7.7AI score0.00157EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/05 7:23 p.m.4 views

CVE-2026-25121

apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package e.g., via a compromised or typosquatte...

7.5CVSS5.4AI score0.00369EPSS
Exploits0References1
OSV
OSV
added 2026/02/05 6:2 p.m.4 views

GHSA-X9P2-77V6-6VHF FrankenPHP has delayed propagation of security fixes in upstream base images

Delayed propagation of security fixes in upstream base images Summary Vulnerability in base Docker images PHP, Go, and Alpine not automatically propagating to FrankenPHP images. FrankenPHP's container images were previously built only when specific version tags were updated or when manual trigger...

9.8CVSS8AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/02/05 6:2 p.m.11 views

FrankenPHP has delayed propagation of security fixes in upstream base images

Delayed propagation of security fixes in upstream base images Summary Vulnerability in base Docker images PHP, Go, and Alpine not automatically propagating to FrankenPHP images. FrankenPHP's container images were previously built only when specific version tags were updated or when manual trigger...

9.8CVSS5.5AI score0.47621EPSS
Exploits7References2Affected Software1
CNNVD
CNNVD
added 2026/02/05 12:0 a.m.8 views

ALPS ALPINE Pointing-device Controller 代码问题漏洞

ALPS ALPINE Pointing-device Controller is a control software for a heavy-touch tablet by the Japanese company ALPS ALPINE. Version 8.1202.1711.04 of ALPS ALPINE Pointing-device Controller contains a code vulnerability. This vulnerability stems from a service path in ApHidMonitorService that lacks...

8.5CVSS7.5AI score0.00161EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/01/22 11:35 a.m.310 views

Exploit for Out-of-bounds Read in Libpng

Spring Boot Minimal Images PoC Dummy Spring Boot application...

7.8CVSS6.4AI score0.00299EPSS
Exploits6
OSV
OSV
added 2026/01/22 5:16 a.m.4 views

ALPINE-CVE-2026-24049

wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the...

5.5CVSS7.1AI score0.00311EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:16 p.m.17 views

CVE-2018-1000849

Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools Alpine Linux' package manager that can result in Remote Code Execution. This attack appear to be exploitable via A specially crafted APK-file can cause apk to write arbitrary data ...

8.8CVSS7.5AI score0.03529EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:15 a.m.9 views

CVE-2022-23554

Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswagger the contains...

6.5CVSS6.9AI score0.00659EPSS
Exploits0References1
OSV
OSV
added 2026/01/08 2:37 p.m.3 views

OPENSUSE-RU-2026:20010-1 Recommended update for trivy

This update for trivy fixes the following issues: - Update to version 0.68.2: release: v0.68.2 release/v0.68 9950 fixdeps: bump alpine from 3.22.1 to 3.23.0 backport: release/v0.68 9949 ci: enable check-latest for setup-go backport: release/v0.68 9946...

7.5CVSS5.8AI score0.00591EPSS
Exploits2References10
OSV
OSV
added 2026/01/08 10:15 a.m.7 views

ALPINE-CVE-2025-15224

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent...

3.1CVSS6.1AI score0.00413EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.8 views

CVE-2019-12875

Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key...

6.5CVSS6.8AI score0.01284EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993056)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993056 advisory. In the Linux kernel, the following vulnerability has been resolved: irqchip/alpine-msi: Fix refcount leak in alpinemsixinitdomains ofirqfindparent returns a node...

5.5CVSS5.2AI score0.00146EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992366)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992366 advisory. In the Linux kernel, the following vulnerability has been resolved: irqchip/alpine-msi: Fix refcount leak in alpinemsixinitdomains ofirqfindparent returns a node...

5.5CVSS5.2AI score0.00146EPSS
Exploits0References4
Rows per page
Query Builder