Lucene search
K

23140 matches found

RedhatCVE
RedhatCVE
added 2025/05/21 8:49 p.m.9 views

CVE-2003-1579

Sun ONE aka iPlanet Web Server 6 on Windows, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing...

4.3CVSS7AI score0.00898EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:36 p.m.13 views

CVE-2002-2236

Format string vulnerability in the awplog function in apt-www-proxy 0.1 allows remote attackers to execute arbitrary code...

10CVSS7.8AI score0.04822EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:30 p.m.7 views

CVE-2002-2022

Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier allows local users to execute arbitrary code, when a java.lang.NoClassDefFoundError is thrown, via format specifiers in the forName attribute...

7.2CVSS7.3AI score0.00631EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:24 p.m.7 views

CVE-2002-1789

Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function...

7.2CVSS7.6AI score0.00421EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:54 p.m.5 views

CVE-2005-3666

Multiple unspecified format string vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 IKEv1 have multiple unspecified attack vectors and impacts, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original...

10CVSS6.7AI score0.03469EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:37 p.m.7 views

CVE-2009-5141

Format string vulnerability in War FTP Daemon warftpd 1.82 RC 12 allows remote authenticated users to cause a denial of service crash via format string specifiers in a LIST command...

4CVSS6.5AI score0.02795EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:24 p.m.7 views

CVE-1999-0794

Microsoft Excel does not warn a user when a macro is present in a Symbolic Link SYLK format file...

4.6CVSS6.9AI score0.01481EPSS
Exploits0References1
OSV
OSV
added 2025/05/20 4:15 p.m.9 views

AZL-72829 CVE-2025-37938 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event itself or in data that will never be freed. I...

5.5CVSS6.6AI score0.0016EPSS
Exploits0References1
NVD
NVD
added 2025/05/20 4:15 p.m.15 views

CVE-2025-37938

In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event itself or in data that will never be freed. I...

5.5CVSS0.0016EPSS
Exploits0References7
OSV
OSV
added 2025/05/20 3:34 p.m.12 views

CVE-2025-37938 tracing: Verify event formats that have "%*p.."

In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event itself or in data that will never be freed. I...

5.5CVSS6.4AI score0.0016EPSS
Exploits0References10
CVE
CVE
added 2025/05/20 3:34 p.m.109 views

CVE-2025-37938

The CVE-2025-37938 entry affects the Linux kernel tracing subsystem. The issue arises in the trace event verifier when formats like "%*p.." are used; if an event references data that is freed before being read, the verifier may dereference freed memory, risking a kernel crash. The description ind...

5.5CVSS6.5AI score0.0016EPSS
Exploits0References7Affected Software1
Fedora
Fedora
added 2025/05/20 1:46 a.m.13 views

[SECURITY] Fedora 41 Update: woff-0.20091126-47.fc41

Provides the sfnt2woff and woff2sfnt command-line tools for encoding and decoding Web Open Font Format WOFF files...

9.3CVSS6.6AI score0.08816EPSS
Exploits2
Fedora
Fedora
added 2025/05/20 1:13 a.m.8 views

[SECURITY] Fedora 42 Update: woff-0.20091126-47.fc42

Provides the sfnt2woff and woff2sfnt command-line tools for encoding and decoding Web Open Font Format WOFF files...

9.3CVSS6.6AI score0.08816EPSS
Exploits2
Packet Storm News
Packet Storm News
added 2025/05/20 12:0 a.m.2 views

A Private Approximation of the 2nd-Moment Matrix of Any Subsamplable Input

We study the problem of differentially private second moment estimation and present a new algorithm that achieve strong privacy-utility trade-offs even for worst-case inputs under subsamplability assumptions on the data. We call an input $m,α,β$-subsamplable if a random subsample of size $m$ or...

7AI score
Exploits0
Snyk
Snyk
added 2025/05/20 12:0 a.m.1 views

Double Free

Overview Affected versions of this package are vulnerable to Double Free via the archivereadformatrarseekdata function. An attacker can cause memory corruption or potentially execute arbitrary code by triggering a double-free condition through crafted input. Remediation Upgrade libarchive to...

7.8CVSS8AI score0.00326EPSS
Exploits2References3
CNNVD
CNNVD
added 2025/05/20 12:0 a.m.1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unvalidated inclusion of %p... in tracing. 's event format...

5.5CVSS7AI score0.0016EPSS
Exploits0References7
Snyk
Snyk
added 2025/05/20 12:0 a.m.2 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the archivereadsupportformatwarc.c process. An attacker can cause memory corruption or unpredictable program behavior by supplying a specially crafted WARC file with an excessively large content length...

5.6CVSS7.1AI score0.00155EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/05/17 12:0 a.m.3 views

Back to Square Roots: an Optimal Bound on the Matrix Factorization Error for Multi-Epoch Differentially Private SGD

Matrix factorization mechanisms for differentially private training have emerged as a promising approach to improve model utility under privacy constraints. In practical settings, models are typically trained over multiple epochs, requiring matrix factorizations that account for repeated...

7AI score
Exploits0
OSV
OSV
added 2025/05/16 1:24 p.m.2 views

OESA-2025-1525 glib2 security update

GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: A flaw was found in GLib. An integer...

3.7CVSS7.4AI score0.00416EPSS
Exploits0References2
OSV
OSV
added 2025/05/16 1:24 p.m.2 views

OESA-2025-1514 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: blk-mq: Fix kmemleak in blkmqinitallocatedqueue There is a kmemleak caused by modprobe nullblk.ko unreferenced object 0xffff8881acb1f000 size 1024: comm...

7.8CVSS6.2AI score0.0018EPSS
Exploits0References5
Rows per page
Query Builder