23145 matches found

Packet Storm News
added 2025/04/03 12:0 a.m. · 1 views

Apple Security Advisory 03-31-2025-9

Apple Security Advisory 03-31-2025-9 - macOS Ventura 13.7.5 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities...

9.8 CVSS · 7.4 AI score · 0.18668 EPSS
Exploits 11

Packet Storm News
added 2025/04/03 12:0 a.m. · 2 views

Apple Security Advisory 03-31-2025-8

Apple Security Advisory 03-31-2025-8 - macOS Sonoma 14.7.5 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities...

9.8 CVSS · 7.4 AI score · 0.18668 EPSS
Exploits 11

Packet Storm News
added 2025/04/03 12:0 a.m. · 4 views

Apple Security Advisory 03-31-2025-7

Apple Security Advisory 03-31-2025-7 - macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities...

9.8 CVSS · 7.4 AI score · 0.02507 EPSS
Exploits 9

RedhatCVE
added 2025/04/02 11:56 p.m. · 11 views

CVE-2025-24199

An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause a denial-of-service...

5.5 CVSS · 5.8 AI score · 0.00248 EPSS
Exploits 0 · References 1

OSV
added 2025/04/02 5:3 p.m. · 3 views

DRUPAL-CONTRIB-2025-029

This module enables you to obfuscate email addresses, to avoid them being easily available to spammers. The module doesn't sufficiently sanitise input when ROT13 encoding is used. This vulnerability is mitigated by the fact that an attacker must have a role with the ability to enter specific HTML...

5.4 CVSS · 6.6 AI score · 0.00202 EPSS
Exploits 0 · References 1

OSV
added 2025/04/02 3:4 p.m. · 3 views

GHSA-M5QC-5HW7-8VG7 image-size Denial of Service via Infinite Loop during Image Processing

Summary: image-size is vulnerable to a Denial of Service vulnerability when processing specially crafted images. The issue occurs because of an infinite loop in findBox when processing certain images with a box with size 0. Details: If the first bytes of the input does not match any bytes in...

8.7 CVSS · 5.9 AI score · 0.00625 EPSS
Exploits 1 · References 7

GithubExploit
added 2025/04/02 1:50 a.m. · 107 views

Exploit for Unrestricted Upload of File with Dangerous Type in Etoilewebdesign Front_End_Users

CVE-2025-2005 WordPress Front End Users Plugin = 3.2.32 i...

9.8 CVSS · 7.1 AI score · 0.17792 EPSS
Exploits 3

Positive Technologies
added 2025/04/02 12:0 a.m. · 10 views

PT-2025-22199

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the trace event verifier. The verifier checks the formats of trace events to ensure they do not point to memory that is...

5.5 CVSS · 6.6 AI score · 0.0016 EPSS
Exploits 0

NVD
added 2025/04/01 4:15 p.m. · 19 views

CVE-2025-21905

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...

7.1 CVSS · 0.00193 EPSS
Exploits 0 · References 10

OSV
added 2025/04/01 4:15 p.m. · 7 views

AZL-60358 CVE-2025-21905 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...

7.1 CVSS · 6.4 AI score · 0.00193 EPSS
Exploits 0 · References 1

OSV
added 2025/04/01 3:40 p.m. · 7 views

CVE-2025-21905 wifi: iwlwifi: limit printed string from FW file

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...

7.1 CVSS · 6.3 AI score · 0.00193 EPSS
Exploits 0 · References 13

OSV
added 2025/04/01 1:15 p.m. · 2 views

CVE-2025-1658

A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8 CVSS · 6.1 AI score · 0.00197 EPSS
Exploits 0 · References 2

SUSE CVE
added 2025/04/01 1:44 a.m. · 3 views

SUSE CVE-2024-48615

Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at archive_read_support_format_tar.c:1844:8...

7.5 CVSS · 7 AI score · 0.00478 EPSS
Exploits 1 · References 3

SUSE CVE
added 2025/04/01 1:43 a.m. · 1 views

SUSE CVE-2025-2914

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has...

4.8 CVSS · 3.7 AI score · 0.00255 EPSS
Exploits 1 · References 3

Positive Technologies
added 2025/04/01 12:0 a.m. · 3 views

PT-2025-14102 · Autodesk · Autodesk Navisworks

Name of the Vulnerable Software and Affected Versions: Autodesk Navisworks affected versions not specified Description: The issue arises from a maliciously crafted DWFX file being parsed through Autodesk Navisworks, leading to a Memory Corruption vulnerability. This can be exploited by a maliciou...

7.8 CVSS · 7.7 AI score · 0.00197 EPSS
Exploits 0 · References 10

CNNVD
added 2025/04/01 12:0 a.m. · 1 views

Autodesk Navisworks buffer error vulnerability

Autodesk Navisworks is a 3D model review software for architecture, engineering and construction from Autodesk, Inc. in the United States. A security vulnerability exists in Autodesk Navisworks that originates from parsing a specially crafted DWFX file resulting in memory corruption that could...

7.8 CVSS · 7.1 AI score · 0.00197 EPSS
Exploits 0 · References 4

BDU FSTEC
added 2025/04/01 12:0 a.m. · 6 views

The vulnerabilities of the FortiOS operating system’s GUI component, the FortiProxy proxy server for protecting against internet attacks, the FortiPAM account management system, the FortiWeb network gateway for web applications, and the FortiSRA software for secure remote access, allow attackers to execute arbitrary code or commands.

The vulnerabilities of the FortiOS operating system’s GUI component, the FortiProxy proxy server for protecting against Internet attacks, the FortiPAM account management system, the FortiWeb web application firewall, and the FortiSRA software for secure remote access are related to insufficient...

9 CVSS · 6.2 AI score · 0.00679 EPSS
Exploits 0 · References 2 · Affected Software 5

NVD
added 2025/03/31 11:15 p.m. · 12 views

CVE-2025-24199

An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause a denial-of-service...

5.5 CVSS · 0.00248 EPSS
Exploits 0 · References 6

OSV
added 2025/03/31 11:15 p.m. · 5 views

CVE-2025-24199

An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause a denial-of-service...

5.5 CVSS · 5.7 AI score · 0.00248 EPSS
Exploits 0 · References 6

Cvelist
added 2025/03/31 10:23 p.m. · 18 views

CVE-2025-24199

An uncontrolled format string issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause a denial-of-service...

0.00248 EPSS
Exploits 0 · References 3