Lucene search
K

1844 matches found

OSV
OSV
added 2025/04/29 3:15 a.m.3 views

CVE-2025-24252

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt process memory...

8.8CVSS5.8AI score0.0127EPSS
Exploits2References8
Amazon
Amazon
added 2025/04/29 12:0 a.m.10 views

Medium: python3.12-pip

Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...

5.6CVSS7AI score0.0034EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/04/15 12:50 p.m.18 views

CVE-2025-32944 PeerTube User Import Authenticated Persistent Denial of Service

The vulnerability allows any authenticated user to cause the PeerTube server to stop functioning in a persistent manner. If user import is enabled which is the default setting, any registered user can upload an archive for importing. The code uses the yauzl library for reading the archive. If the...

6.5CVSS7.1AI score0.00479EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2025/04/12 12:0 a.m.6 views

p5-Crypt-CBC -- Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

Lib-Crypt-CBC project reports: Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where "/dev/urandom'" is unavailable. In that case...

4CVSS7.3AI score0.00166EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/04/11 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2025-31498

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - c-ares is an asynchronous resolver library. From 1.32.3 through 1.34.4, there is a use-after-free in readanswers when processanswer may re-enqueue a query eithe...

8.3CVSS7.5AI score0.00555EPSS
Exploits0References2
OSV
OSV
added 2025/03/31 11:15 p.m.1 views

UBUNTU-CVE-2025-24213

This issue was addressed with improved handling of floats. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. A type confusion issue could lead to memory corruption...

7.8CVSS7.2AI score0.00407EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/03/16 12:0 a.m.12 views

CVE-2025-30077

Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.28 allows an index out-of-range panic in asn1/aper GetBitString via a zero value of numBits...

6.2CVSS0.0015EPSS
Exploits0References1
OSV
OSV
added 2025/03/10 8:15 p.m.5 views

CVE-2022-43454

A double free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An app may be able to execute arbitrary code with kernel privileges...

7.8CVSS6AI score0.00206EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-35195

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert...

5.6CVSS6.8AI score0.0034EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-32606

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HDF5 Library through 1.14.3 may attempt to dereference uninitialized values in h5toolsstrsprint in tools/lib/h5toolsstr.c called from h5toolsdumpsimpledata in...

5.7CVSS7.1AI score0.00227EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2023-31124

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - c-ares is an asynchronous resolver library. When cross-compiling c-ares and using the autotools build system, CARESRANDOMFILE will not be set, as seen when cros...

3.7CVSS6.1AI score0.00936EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-32614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HDF5 Library through 1.14.3 has a SEGV in H5VMmemcpyvv in H5VM.c. CVE-2024-32614 Note that Nessus relies on the presence of the package as reported by the vendo...

8.8CVSS6.9AI score0.00936EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-47072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XStream is a simple library to serialize objects to XML and back again. This vulnerability may allow a remote attacker to terminate the application with a stack...

7.5CVSS6.6AI score0.02015EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2024-43799

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Send is a library for streaming files from the file system as a http response. Send passes untrusted user input to SendStream.redirect which executes untrusted...

5CVSS6.7AI score0.00511EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2020-36323

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to...

8.2CVSS7.4AI score0.02025EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-32612

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HDF5 Library through 1.14.3 contains a heap-based buffer over-read in H5HLfldeserialize in H5HLcache.c, resulting in the corruption of the instruction pointer, ...

7.4CVSS7AI score0.00257EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2018-14033

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5Olayoutdecode in H5Olayout.c, related to...

8.8CVSS6.9AI score0.01561EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2021-28875

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the standard library in Rust before 1.50.0, readtoend does not validate the return value from Read in an unsafe context. This bug could lead to a buffer...

7.5CVSS7.8AI score0.02122EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2018-14031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5Tcopy in H5T.c. CVE-2018-14031 Note that Nessus...

8.8CVSS6.9AI score0.01568EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-14035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VMmemcpyvv in H5VM.c. CVE-2018-14035 Note that...

8.8CVSS7.5AI score0.01239EPSS
Exploits0References4
Rows per page
Query Builder