Lucene search
K

422 matches found

CNNVD
CNNVD
added 2026/01/15 12:0 a.m.6 views

GPAC 安全漏洞

GPAC is an open source multimedia framework. GPAC has a buffer overflow vulnerability that stems from the vobsubgetsubpicduration function failing to properly validate the length size of the input data, which can be exploited by an attacker to cause a denial of service...

7.5CVSS6AI score0.00343EPSS
Exploits1References2
Snyk
Snyk
added 2026/01/13 9:49 p.m.5 views

Improper Validation of Syntactic Correctness of Input

Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the email address parameter in the Email Connector. An attacker can cause...

7.1CVSS6.7AI score0.0037EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 11:20 a.m.5 views

CVE-2021-22760

A CWE-763: Release of invalid pointer or reference vulnerability exists inIGSS Definition Def.exe V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing checks of user-supplied input data, when a malicious CGF file is imported to IGSS Definition...

7.8CVSS7.9AI score0.01172EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:19 a.m.6 views

CVE-2021-22531

A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0...

6.1CVSS6.2AI score0.00525EPSS
Exploits0References1
Amazon
Amazon
added 2026/01/05 12:0 a.m.7 views

Important: qt5-qtdeclarative

Issue Overview: Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component ...

8.7CVSS6.8AI score0.00273EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.13 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993120)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993120 advisory. In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: fix narrowing conversion in acpinfitctl Syzkaller has reported a warning in...

5.5CVSS6.2AI score0.00185EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/08 4:57 p.m.3 views

CVE-2025-48638

In pkvmloadtracing of trace.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.7AI score0.00096EPSS
Exploits0References3
CVE
CVE
added 2025/12/01 9:43 p.m.12 views

CVE-2025-66305

Grav vulnerability CVE-2025-66305: DoS caused by improper input handling in the Languages submenu of the Grav admin panel (/admin/config/system). The issue arises from dynamically constructing a regex from the Supported field without proper validation/escaping, leading to a fatal preg_match() err...

6.9CVSS5.8AI score0.00337EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2025/12/01 12:43 p.m.7 views

CVE-2025-12106

Insufficient argument validation in OpenVPN 2.7alpha1 through 2.7rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses...

9.1CVSS8.2AI score0.00538EPSS
Exploits0
OSV
OSV
added 2025/12/01 8:15 a.m.5 views

CVE-2025-61608

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

7.5CVSS5.9AI score0.00232EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/11/14 12:24 a.m.5 views

SUSE CVE-2025-40154

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver only shows an error message but leaves as is. This may lead to unepxected results like OOB...

6.4CVSS6.5AI score0.00193EPSS
Exploits0References30
OSV
OSV
added 2025/11/12 10:23 a.m.3 views

CVE-2025-40121 ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5651: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcrrt5640 driver just ignores and leaves as is, which may lead to unepxected results like OOB access. This...

6.2AI score0.00211EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/11/12 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an invalid input mapping that could lead to unexpected behavior...

6.1AI score0.00211EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.9 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989527)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989527 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Prevent panic when SDMA is disabled If the hfi1 module is loaded with HFI1CAPSDMA off,...

5.5CVSS6AI score0.00253EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/10/31 12:25 a.m.4 views

SUSE CVE-2025-40099

In the Linux kernel, the following vulnerability has been resolved: cifs: parsedfsreferrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTLDFSGETREFERRALS - reply smaller than sizeofstruct getdfsreferralrsp - reply with number of referrals smaller than...

6.3CVSS6.5AI score0.00183EPSS
Exploits0References21
EUVD
EUVD
added 2025/10/30 12:31 p.m.5 views

EUVD-2025-36979

In the Linux kernel, the following vulnerability has been resolved: cifs: parsedfsreferrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTLDFSGETREFERRALS - reply smaller than sizeofstruct getdfsreferralrsp - reply with number of referrals smaller than...

6AI score0.00183EPSS
Exploits0References6
NVD
NVD
added 2025/10/30 10:15 a.m.4 views

CVE-2025-40099

In the Linux kernel, the following vulnerability has been resolved: cifs: parsedfsreferrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTLDFSGETREFERRALS - reply smaller than sizeofstruct getdfsreferralrsp - reply with number of referrals smaller than...

0.00183EPSS
Exploits0References5
CVE
CVE
added 2025/10/30 9:48 a.m.16 views

CVE-2025-40099

CVE-2025-40099 affects the Linux kernel CIFS code: cifs: parse_dfs_referrals. Malicious SMB server can send malformed FSCTL_DFS_GET_REFERRALS replies (reply smaller than the expected struct or with a smaller NumberOfReferrals), leading to out-of-bounds processing. The issue is mitigated by return...

6.1AI score0.00183EPSS
Exploits0References5
NVD
NVD
added 2025/10/28 12:15 p.m.9 views

CVE-2025-40049

In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix uninit-value in squashfsgetparent Syzkaller reports a "KMSAN: uninit-value in squashfsgetparent" bug. This is caused by openbyhandleat being called with a file handle containing an invalid parent inode number. In...

0.00207EPSS
Exploits0References8
NVD
NVD
added 2025/10/09 2:15 p.m.22 views

CVE-2025-36171

IBM Aspera Faspex 5.0.0 through 5.0.13.1 could allow a privileged user to cause a denial of service from improperly validated API input due to excessive resource consumption...

4.9CVSS0.00299EPSS
Exploits0References1
Rows per page
Query Builder