
799 matches found

Debian CVE
added 2025/08/04 12:0 a.m. | 4 views

CVE-2025-50422

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c...

CVSS 2.9 | AI score 5.2 | EPSS 0.00205
Exploits: 0

Vulnrichment
added 2025/07/31 8:18 p.m. | 3 views

CVE-2025-48072 OpenEXR's Inaccurate Pointer Arithmetic can Cause an Out of Bounds Heap

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR...

CVSS 6.8 | AI score 6.8 | EPSS 0.00496
Exploits: 1 | References: 3

Github Security Blog
added 2025/07/31 7:23 p.m. | 8 views

OpenEXR Out-Of-Memory via Unbounded File Header Values

Summary: The OpenEXR file format defines a lot of information about the final image inside the file header, such as the size of the data/display window. The application trusts the value of dataWindow size provided in the header of the input file, and performs computations based on this value. This may...

CVSS 5.5 | AI score 6.5 | EPSS 0.00242
Exploits: 1 | References: 5 | Affected Software: 1

OSV
added 2025/07/28 2:14 a.m. | 4 views

USN-7673-1 openjdk-21-crac vulnerabilities

It was discovered that the 2D component of CRaC JDK 21 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-30749, CVE-2025-50106) Mashroor Hasan Bhuiyan discovered that the JSSE...

CVSS 8.6 | AI score 6.9 | EPSS 0.01058
Exploits: 1 | References: 5

OSV
added 2025/07/28 2:7 a.m. | 5 views

USN-7672-1 openjdk-17-crac vulnerabilities

It was discovered that the 2D component of CRaC JDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-30749, CVE-2025-50106) Mashroor Hasan Bhuiyan discovered that the JSSE...

CVSS 8.6 | AI score 6.9 | EPSS 0.01058
Exploits: 1 | References: 5

RedhatCVE
added 2025/07/27 3:27 p.m. | 4 views

CVE-2025-38445

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1_reshape. In the raid1_reshape function, newpool is allocated on the stack and assigned to conf->r1bio_pool. This results in conf->r1bio_pool.wait.head pointing to a stack address...

CVSS 7 | AI score 7 | EPSS 0.00165
Exploits: 0 | References: 4

NVD
added 2025/07/25 4:15 p.m. | 4 views

CVE-2025-38445

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1_reshape. In the raid1_reshape function, newpool is allocated on the stack and assigned to conf->r1bio_pool. This results in conf->r1bio_pool.wait.head pointing to a stack address...

CVSS 7.1 | EPSS 0.00165
Exploits: 0 | References: 10

CNNVD
added 2025/07/25 12:0 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a stack memory usage issue after a reshape operation, which could cause the kernel to crash...

CVSS 7.1 | AI score 7.9 | EPSS 0.00165
Exploits: 0 | References: 10

OSV
added 2025/07/24 1:21 a.m. | 3 views

USN-7667-1 openjdk-8 vulnerabilities

It was discovered that the 2D component of OpenJDK 8 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-30749, CVE-2025-50106) Mashroor Hasan Bhuiyan discovered that the JSSE compone...

CVSS 8.1 | AI score 6.9 | EPSS 0.01058
Exploits: 1 | References: 5

OSV
added 2025/07/22 10:15 p.m. | 2 views

UBUNTU-CVE-2025-53538

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...

CVSS 7.5 | AI score 5.8 | EPSS 0.00432
Exploits: 0 | References: 3

Debian CVE
added 2025/07/22 9:36 p.m. | 5 views

CVE-2025-53538

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...

CVSS 7.5 | AI score 5.3 | EPSS 0.00432
Exploits: 0

Cvelist
added 2025/07/22 9:36 p.m. | 7 views

CVE-2025-53538 Suricata's mishandling of data on HTTP2 stream 0 can lead to resource starvation

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...

CVSS 7.5 | EPSS 0.00432
Exploits: 0 | References: 3

OSV
added 2025/07/22 9:36 p.m. | 5 views

CVE-2025-53538 Suricata's mishandling of data on HTTP2 stream 0 can lead to resource starvation

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...

CVSS 7.5 | AI score 6.4 | EPSS 0.00432
Exploits: 0 | References: 5

OSV
added 2025/07/17 11:37 a.m. | 4 views

SUSE-SU-2025:02347-1 Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues:
- CVE-2025-47183: Fixed out-of-bounds read in MOV/MP4 demuxer (bsc#1244406).
- CVE-2025-47219: Fixed out-of-bounds read in MOV/MP4 demuxer (bsc#1244405).
- CVE-2024-47540: Fixed uninitialized stack memory in Matroska/WebM demuxer...

CVSS 9.8 | AI score 6.3 | EPSS 0.00997
Exploits: 2 | References: 7

CVE
added 2025/07/15 2:26 p.m. | 144 views

CVE-2025-48795

Apache CXF contains a memory-pressure vulnerability where large stream-based messages stored as temporary files are fully read into memory and logged, enabling potential DoS via out-of-memory when logs are written unencrypted. Fixes are available in CXF versions 3.5.11, 3.6.6, 4.0.7, and 4.1.1, w...

CVSS 5.6 | AI score 6.3 | EPSS 0.00624
Exploits: 0 | References: 2 | Affected Software: 1

Tenable Nessus
added 2025/07/11 12:0 a.m. | 5 views

Azure Linux 3.0 Security Update: coredns (CVE-2025-47950)

The version of coredns installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-47950 advisory. - CoreDNS is a DNS server that chains plugins. In versions prior to 1.12.2, a Denial of Service (DoS)...

CVSS 7.5 | AI score 7.8 | EPSS 0.01132
Exploits: 0 | References: 2

AlpineLinux
added 2025/07/10 4:59 p.m. | 9 views

CVE-2025-53020

Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue...

CVSS 7.5 | AI score 6.5 | EPSS 0.04409
Exploits: 1

OSV
added 2025/07/10 8:14 a.m. | 3 views

CVE-2025-38321 smb: Log an error when close_all_cached_dirs fails

In the Linux kernel, the following vulnerability has been resolved: smb: Log an error when close_all_cached_dirs fails. Under low-memory conditions, close_all_cached_dirs can't move the dentries to a separate list to dput them once the locks are dropped. This will result in a "Dentry still in use" error...

CVSS 5.5 | AI score 6 | EPSS 0.00164
Exploits: 0 | References: 7

Cvelist
added 2025/07/08 12:49 p.m. | 9 views

CVE-2025-21466 Use After Free in Display

Memory corruption while processing a private escape command in an event trigger...

CVSS 7.8 | EPSS 0.00082
Exploits: 0 | References: 1

Cvelist
added 2025/07/08 10:33 a.m. | 9 views

CVE-2025-20983

Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...

CVSS 6.4 | EPSS 0.00127
Exploits: 0 | References: 1