769 matches found

OSV
added 2025/08/07 8:15 p.m. | 2 views

ALPINE-CVE-2025-47807

In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash...

CVSS 5.5 | AI score 6.9 | EPSS 0.00185
Exploits: 1 | References: 1

OSV
added 2025/08/07 8:15 p.m. | 2 views

DEBIAN-CVE-2025-47807

In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash...

CVSS 5.5 | AI score 6.7 | EPSS 0.00185
Exploits: 1 | References: 1

OSV
added 2025/08/07 8:15 p.m. | 3 views

UBUNTU-CVE-2025-47807

In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash...

CVSS 5.5 | AI score 7.3 | EPSS 0.00185
Exploits: 1 | References: 6

Debian CVE
added 2025/08/07 12:0 a.m. | 2 views

CVE-2025-47807

In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash...

CVSS 5.5 | AI score 6.7 | EPSS 0.00185
Exploits: 1

CNNVD
added 2025/08/07 12:0 a.m. | 3 views

GStreamer Security Vulnerability

GStreamer is an open source set of frameworks for processing streaming media from GStreamer. A security vulnerability exists in GStreamer 1.26.1 and earlier versions, which stems from the presence of a null pointer dereference in the subrip_unescape_formatting function, which could lead to a crash...

CVSS 5.5 | AI score 8.4 | EPSS 0.00185
Exploits: 1 | References: 2

Patchstack
added 2025/08/01 6:55 p.m. | 5 views

WordPress Preserve Code Formatting Plugin <= 4.0.1 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Drew / mcdruid in WordPress Plugin Preserve Code Formatting versions <= 4.0.1...

CVSS 9.8 | AI score 7.3 | EPSS 0.00376
Exploits: 0 | Affected Software: 1

NCSC
added 2025/07/31 11:12 a.m. | 7 views

Vulnerability fixed in SonicWall SonicOS

SonicWall has fixed a vulnerability in SonicOS. The vulnerability is in how SonicOS' SSL VPN interface handles externally controlled formatting strings. This can be exploited by external, unauthenticated attackers, leading to service disruptions. Attackers can exploit this vulnerability to affect...

CVSS 9.8 | AI score 6.9 | EPSS 0.00875
Exploits: 0 | References: 1

CNNVD
added 2025/07/29 12:0 a.m. | 4 views

SonicWALL SonicOS SSLVPN Format String Error Vulnerability

SonicWALL SonicOS SSLVPN is a virtual private network for secure remote access from SonicWALL USA. A Formatting String Error vulnerability exists in SonicWALL SonicOS SSLVPN that originates from an externally controlled formatting string and could result in a service interruption...

CVSS 9.8 | AI score 5.9 | EPSS 0.00875
Exploits: 0 | References: 1

OSV
added 2025/07/17 10:46 a.m. | 4 views

CLSA-2025-1752749203 jq: Fix of CVE-2025-48060

CVE-2025-48060: fix heap-buffer-overflow in function jv_string_vfmt in jq_fuzz_execute by adding boundary checks...

CVSS 8.7 | AI score 5.8 | EPSS 0.00443
Exploits: 1 | References: 1

OSV
added 2025/07/11 3:14 p.m. | 2 views

SUSE-SU-2025:20493-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup bsc1237913. - CVE-2024-58053: rxrpc: Fix handling of received connection abort bsc123898...

CVSS 7.8 | AI score 6.7 | EPSS 0.00369
Exploits: 3 | References: 168

RedHat Linux
added 2025/07/08 12:35 p.m. | 6 views

jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)

A flaw was found in jq, a command line JSON processor. A specially crafted input can cause a heap-based buffer over-read when formatting an empty string because it was not properly null-terminated, causing a crash and resulting in a denial of service...

CVSS 8.7 | AI score 7.3 | EPSS 0.00443
Exploits: 1 | References: 5

RedHat Linux
added 2025/07/08 12:32 p.m. | 7 views

jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)

A flaw was found in jq, a command line JSON processor. A specially crafted input can cause a heap-based buffer over-read when formatting an empty string because it was not properly null-terminated, causing a crash and resulting in a denial of service...

CVSS 8.7 | AI score 7.3 | EPSS 0.00443
Exploits: 1 | References: 5

OSV
added 2025/06/28 6:23 p.m. | 5 views

CLSA-2025-1751135005 curl: Fix of CVE-2024-7264

CVE-2024-7264: fix out-of-bound read in GTime2str function...

CVSS 6.5 | AI score 6.8 | EPSS 0.16212
Exploits: 1 | References: 1

OSV
added 2025/06/18 11:15 a.m. | 0 views

UBUNTU-CVE-2022-50051

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: debug: Fix potential buffer overflow by snprintf snprintf returns the would-be-filled size when the string overflows the given buffer size, hence using this value may result in the buffer overflow although it's...

CVSS 7.8 | AI score 6.3 | EPSS 0.00179
Exploits: 0 | References: 5

Cvelist
added 2025/06/17 12:43 a.m. | 13 views

CVE-2025-48993 Group-Office vulnerable to reflected XSS via Look and Feel Formatting input

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.123 and 25.0.27, a malicious JavaScript payload can be executed via the Look and Feel formatting fields. Any user can update their Look and Feel Formatting input fields, but the web applicatio...

CVSS 5.3 | EPSS 0.00206
Exploits: 0 | References: 3

Vulnrichment
added 2025/06/17 12:43 a.m. | 4 views

CVE-2025-48993 Group-Office vulnerable to reflected XSS via Look and Feel Formatting input

Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.123 and 25.0.27, a malicious JavaScript payload can be executed via the Look and Feel formatting fields. Any user can update their Look and Feel Formatting input fields, but the web applicatio...

CVSS 5.3 | AI score 6 | EPSS 0.00206
Exploits: 0 | References: 3

CVE
added 2025/06/17 12:43 a.m. | 32 views

CVE-2025-48993

Group-Office (enterprise CRM/groupware) is affected by a reflected XSS via the Look and Feel Formatting fields. The issue arises because input in these fields is not properly sanitized. Affected versions: before 6.8.123 and before 25.0.27. Patches exist: 6.8.123 and 25.0.27. Remediation: upgrade ...

CVSS 6.1 | AI score 5.6 | EPSS 0.00206
Exploits: 0 | References: 3 | Affected Software: 1

Fedora
added 2025/06/13 1:34 a.m. | 7 views

[SECURITY] Fedora 41 Update: mingw-icu-74.2-4.fc41

ICU is a set of C and C++ libraries that provides robust and full-featured Unicode and locale support. The library provides calendar support, conversions for many character sets, language sensitive collation, date and time formatting, support for many locales, message catalogs and resources,...

CVSS 7 | AI score 7.3 | EPSS 0.00296
Exploits: 0

SUSE CVE
added 2025/06/11 2:46 a.m. | 1 views

SUSE CVE-2025-47807

In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash...

CVSS 5.5 | AI score 7 | EPSS 0.00185
Exploits: 1 | References: 11

CNVD
added 2025/06/11 12:0 a.m. | 2 views

Freescout String Formatting Vulnerability

FreeScout is an open source helpdesk system built on the PHP Laravel framework, designed to provide users with functionality similar to Zendesk or Help Scout, but without sacrificing privacy or freedom. Freescout suffers from a string formatting vulnerability that stems from insufficient validati...

CVSS 7 | AI score 6.9 | EPSS 0.00333
Exploits: 1 | References: 1