Lucene search
K

616 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-22114

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: don't clobber ret in btrfsvalidatesuper Commit 2a9bb78cfd36 btrfs: validate system...

5.5CVSS5.9AI score0.0014EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.5 views

Fedora 42 : chromium (2025-04158e05ef)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-04158e05ef advisory. Updated to 139.0.7258.66 CVE-2025-8576: Use after free in Extensions CVE-2025-8578: Use after free in Cast CVE-2025-8579: Inappropriate implementati...

8.8CVSS5.8AI score0.00313EPSS
Exploits0References9
OSV
OSV
added 2025/08/07 2:15 a.m.5 views

CVE-2025-8580

Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.3AI score
Exploits0References2
Cvelist
Cvelist
added 2025/08/07 1:30 a.m.10 views

CVE-2025-8580

Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

0.00225EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/08/06 11:25 p.m.2 views

SUSE CVE-2025-8580

Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS6.5AI score0.00225EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-50205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext2: Add more validity checks for inode counts Add checks verifying number of inodes stored in the superblock matches the number computed from number of inodes...

5.5CVSS6.1AI score0.00204EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2025/08/05 12:0 a.m.5 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 12 security fixes: 414760982 Medium CVE-2025-8576: Use after free in Extensions. Reported by asnine on 2025-04-30 384050903 Medium CVE-2025-8577: Inappropriate implementation in Picture In Picture. Reported by Umar Farooq on 2024-12-14 423387026 Mediu...

8.8CVSS8AI score0.00313EPSS
Exploits0References1
OSV
OSV
added 2025/07/18 9:32 a.m.8 views

USN-7654-2 linux-intel-iot-realtime, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...

9.8CVSS6.5AI score0.01483EPSS
Exploits0References140
RedHat Linux
RedHat Linux
added 2025/07/16 3:30 p.m.5 views

tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation

The fix for CVE-2024-50379 in Apache Tomcat was insufficient to mitigate the issue fully. A Time-of-check Time-of-use TOCTOU race condition occurs during JSP compilation on case-insensitive file systems when the default servlet is enabled for writing. This vulnerability allows an uploaded file to...

9.8CVSS7.6AI score0.43663EPSS
Exploits13References6
OSV
OSV
added 2025/06/24 5:16 p.m.2 views

USN-7596-1 linux-azure, linux-azure-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPIO subsystem; - GPU drivers; - InfiniBand drivers; - IRQ chip drivers; - Network drivers; - Mellanox network...

7.8CVSS6.4AI score0.00571EPSS
Exploits1References33
Positive Technologies
Positive Technologies
added 2025/06/22 12:0 a.m.3 views

PT-2025-30757

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.16.0-rc2-WSL2-STABLE and earlier. Description A runtime warning was observed in the truncate folio batch exceptionals function within the Linux kernel's fuse module. This issue was addressed by applying a fix initially...

7.8CVSS6.2AI score0.00155EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2025/06/19 3:39 a.m.2 views

SUSE CVE-2022-50205

In the Linux kernel, the following vulnerability has been resolved: ext2: Add more validity checks for inode counts Add checks verifying number of inodes stored in the superblock matches the number computed from number of inodes per group. Also verify we have at least one block worth of inodes pe...

5.5CVSS6.4AI score0.00204EPSS
Exploits0References3
OSV
OSV
added 2025/06/18 11:15 a.m.2 views

DEBIAN-CVE-2022-50205

In the Linux kernel, the following vulnerability has been resolved: ext2: Add more validity checks for inode counts Add checks verifying number of inodes stored in the superblock matches the number computed from number of inodes per group. Also verify we have at least one block worth of inodes pe...

5.5CVSS5.4AI score0.00204EPSS
Exploits0References1
OSV
OSV
added 2025/06/18 11:15 a.m.2 views

DEBIAN-CVE-2022-50090

In the Linux kernel, the following vulnerability has been resolved: btrfs: replace BTRFSMAXEXTENTSIZE with fsinfo-maxextentsize On zoned filesystem, data write out is limited by maxzoneappendsize, and a large ordered extent is split according the size of a bio. OTOH, the number of extents to be...

7.8CVSS6.2AI score0.00164EPSS
Exploits0References1
CVE
CVE
added 2025/06/18 11:3 a.m.27 views

CVE-2022-50205

The CVE-2022-50205 entry corresponds to a Linux kernel vulnerability in ext2 that adds validity checks for inode counts. The root cause is that inodes stored in the superblock must match the computed value from inodes-per-group, and there must be at least one block worth of inodes per group; thes...

5.5CVSS6.3AI score0.00204EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2025/06/09 2:50 p.m.10 views

CLSA-2025-1749480611 kernel: Fix of 25 CVEs

rcu-tasks: Fix showrcutaskstracegpkthread buffer overflow CVE-2024-38577 - tcp: fix mptcp DSS corruption due to large pmtu xmit CVE-2024-50083 - vsock: Keep the binding until socket destruction CVE-2025-21756 - memstick: rtsxusbms: Fix slab-use-after-free in rtsxusbmsdrvremove CVE-2025-22020 -...

7.8CVSS7.3AI score0.00875EPSS
Exploits3References1
RedHat Linux
RedHat Linux
added 2025/06/02 10:12 a.m.14 views

kernel: ext4: fix OOB read when checking dotdot dir

A flaw was found in the ext4 module in the Linux kernel. An out-of-bounds read can be triggered when a corrupted ext4 filesystem is mounted due to a missing check, resulting in a denial of service that causes the system to freeze or become unusable...

7.1CVSS6.7AI score0.00226EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 6:50 p.m.10 views

CVE-2021-43395

An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle...

5.5CVSS6.2AI score0.00317EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2025/05/07 2:19 a.m.4 views

SUSE CVE-2022-49831

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: initialize device's zone info for seeding When performing seeding on a zoned filesystem it is necessary to initialize each zoned device's btrfszoneddeviceinfo structure, otherwise mounting the filesystem will cause ...

5.5CVSS6.5AI score0.00164EPSS
Exploits0References3
OSV
OSV
added 2025/04/24 11:18 a.m.8 views

USN-7455-1 linux, linux-aws, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle, linux-raspi vulnerabilities

Jann Horn discovered that the watchqueue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service system crash or escalate their privileges. CVE-2022-0995 Several security issues were discovered i...

7.8CVSS6.8AI score0.06197EPSS
Exploits13References13
Rows per page
Query Builder