Lucene search
K

799 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/08 12:0 a.m.11 views

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.3.0.2)

The version of AHV installed on the remote host is prior to AHV-10.3.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.3.0.2 advisory. - There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the...

9.8CVSS7.6AI score0.73495EPSS
Exploits13References22
OSV
OSV
added 2025/09/05 12:39 p.m.4 views

OESA-2025-2094 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

9.8CVSS6.7AI score0.0053EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/31 12:0 a.m.3 views

RHEL 10 : thunderbird (RHSA-2025:14844)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:14844 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Denial-of-service due to out-of-memor...

9.8CVSS7.8AI score0.0053EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-30775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by for example sending a crafted PDF document to the pdftoppm...

5.5CVSS6.7AI score0.00795EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-35920

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation...

5.5CVSS5.7AI score0.00398EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/08/25 8:6 a.m.4 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8CVSS6.9AI score0.0053EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/08/25 2:7 a.m.7 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8CVSS6.9AI score0.0053EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-45412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memo...

8.8CVSS8AI score0.00789EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/08/14 11:22 p.m.2 views

SUSE CVE-2025-55199

Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory OOM termination. This issue has been resolved in Helm 3.18.5. A workaround involves...

6.5CVSS6.9AI score0.00311EPSS
Exploits0References8
NVD
NVD
added 2025/08/14 1:15 p.m.3 views

CVE-2025-8961

A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited...

4.8CVSS0.00186EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-37981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Use iskdumpkernel to check for kdump The smartpqi driver checks the...

7.8CVSS6.1AI score0.00154EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/08/07 6:2 p.m.6 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.79 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.79 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

8.8CVSS7AI score0.03239EPSS
Exploits12References3
Redos
Redos
added 2025/08/06 12:0 a.m.7 views

ROS-20250806-10

A vulnerability in the WebRTC technology of Google Chrome browser is related to the use of memory after its release. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service by using a specially crafted HTML page A vulnerability in the V8...

8.8CVSS8.3AI score0.09185EPSS
Exploits5
Positive Technologies
Positive Technologies
added 2025/08/06 12:0 a.m.6 views

PT-2025-32111 · Unknown · Blockchain Keystore

Name of the Vulnerable Software and Affected Versions: Blockchain Keystore versions prior to 1.3.17.2 Description: An out-of-bounds write issue exists in the creation of bitmap images. This can allow a local privileged attacker to write to memory outside of allocated boundaries. Recommendations:...

6.7CVSS6.3AI score0.0012EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-52616

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: lib/mpi - Fix unexpected pointer access in mpiecinit When the mpiecctx structure is...

5.5CVSS6AI score0.0023EPSS
Exploits0References2
NVD
NVD
added 2025/08/05 3:15 p.m.5 views

CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

9.8CVSS0.00599EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/08/05 2:33 p.m.5 views

CVE-2025-54874 OpenJPEG allows OOB heap memory write in opj_jp2_read_header

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

7.5CVSS6.1AI score0.00599EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2025/08/05 2:33 p.m.7 views

CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

9.8CVSS7.8AI score0.00599EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.6 views

PT-2025-31936

Name of the Vulnerable Software and Affected Versions OpenJPEG versions 2.5.3 and earlier Description OpenJPEG is an open-source JPEG 2000 codec. A call to the opj jp2 read header function may lead to an out-of-bounds heap memory write when the data stream p stream is too short and p image is not...

9.8CVSS7.5AI score0.00599EPSS
Exploits1References49
CVE
CVE
added 2025/08/04 12:0 a.m.45 views

CVE-2025-50422

CVE-2025-50422 affects Cairo (up to 1.18.4) as used in Poppler (up to 25.08.0). The issue is an assertion failure (unscaled->face == NULL) in _cairo_ft_unscaled_font_fini within cairo-ft-font.c, leading to a crash in affected workflows. Mitigations from connected advisories: update Cairo/Poppl...

2.9CVSS6.3AI score0.00205EPSS
Exploits0References4
Rows per page
Query Builder