799 matches found

SUSE Linux
added 2025/04/22 9:29 a.m. | 2 views

Security update for erlang26

This update for erlang26 fixes the following issues: CVE-2025-30211: Fixed KEX init error results with excessive memory usage (bsc#1240390). CVE-2025-32433: Fixed unauthenticated remote code execution in Erlang/OTP SSH (bsc#1241300). Patch Instructions: To install this SUSE update use the SUSE recommende...

CVSS 10 | AI score 8.8 | EPSS 0.97673
Exploits 36 | References 8

CVE
added 2025/04/18 7:1 a.m. | 138 views

CVE-2025-38152

CVE-2025-38152 affects the Linux kernel remoteproc subsystem. The root cause is the rproc_shutdown path not clearing rproc->table_sz, which allows a memcpy of loaded_table from rproc->cached_table to use a NULL rproc->cached_table after stopping, causing a kernel crash. The issue is repo...

CVSS 5.5 | AI score 6.5 | EPSS 0.00218
Exploits 0 | References 8 | Affected Software 1

OSV
added 2025/04/18 7:1 a.m. | 11 views

CVE-2025-38152 remoteproc: core: Clear table_sz when rproc_shutdown

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Clear table_sz when rproc_shutdown. There is case as below could trigger kernel dump: Use U-Boot to start remote processor (rproc) with resource table published to a fixed address by rproc. After Kernel boots up, stop...

CVSS 5.5 | AI score 6.1 | EPSS 0.00218
Exploits 0 | References 11

CVE
added 2025/04/16 2:13 p.m. | 153 views

CVE-2025-22121

CVE-2025-22121 – Linux kernel ext4 xattr check bypass (out-of-bounds read) What’s affected: Linux kernel ext4 filesystem code, specifically ext4_xattr_inode_dec_ref_all() and related xattr handling paths that can read beyond allocated buffers when inodes contain xattrs. What’s the issue: A read o...

CVSS 7.1 | AI score 6.5 | EPSS 0.00156
Exploits 0 | References 7 | Affected Software 1

NVD
added 2025/04/15 4:16 p.m. | 20 views

CVE-2025-32911

A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server...

CVSS 9 | EPSS 0.00798
Exploits 0 | References 16

NVD
added 2025/04/14 2:15 p.m. | 14 views

CVE-2025-32907

A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. This does not allow for a fu...

CVSS 5.3 | EPSS 0.0057
Exploits 0 | References 9

CVE
added 2025/04/09 4:0 p.m. | 218 views

CVE-2025-32381

XGrammar (open-source library for structured generation) has a DoS in-memory cache vulnerability. Before version 0.1.18, an unbounded in-memory cache of compiled grammars can be filled by many unique inputs (e.g., numerous JSON schemas), exhausting host memory and causing denial of service. The i...

CVSS 6.5 | AI score 6.3 | EPSS 0.00434
Exploits 0 | References 3 | Affected Software 1

NVD
added 2025/04/07 3:15 a.m. | 9 views

CVE-2025-27534

OpenHarmony v5.0.2 and prior versions allow a local attacker to cause DoS through missing release of memory...

CVSS 5.5 | EPSS 0.00128
Exploits 0 | References 1

RedhatCVE
added 2025/03/29 5:49 p.m. | 15 views

CVE-2023-52998

In the Linux kernel, the following vulnerability has been resolved: net: fec: Use page_pool_put_full_page when freeing rx buffers. The page_pool_release_page was used when freeing rx buffers, and this function just unmaps the page if mapped and does not recycle the page. So after hundreds of down/up the...

CVSS 5.5 | AI score 7.3 | EPSS 0.00159
Exploits 0 | References 4

Cvelist
added 2025/03/27 4:43 p.m. | 12 views

CVE-2023-52998 net: fec: Use page_pool_put_full_page when freeing rx buffers

In the Linux kernel, the following vulnerability has been resolved: net: fec: Use page_pool_put_full_page when freeing rx buffers. The page_pool_release_page was used when freeing rx buffers, and this function just unmaps the page if mapped and does not recycle the page. So after hundreds of down/up the...

EPSS 0.00159
Exploits 0 | References 2

CVE
added 2025/03/27 4:43 p.m. | 87 views

CVE-2022-49754

CVE-2022-49754: Linux kernel Bluetooth mgmt_mesh_add() contains a buffer overflow risk in mgmt_util.c. Smatch indicates mesh_tx->param is 48 bytes while the destination can reach 50 bytes; caller rejects only when len > 50, creating a potential overflow window. Multiple connected sources co...

CVSS 7.8 | AI score 7.1 | EPSS 0.00197
Exploits 0 | References 2 | Affected Software 1

SUSE Linux
added 2025/03/25 8:44 a.m. | 0 views

Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or...

CVSS 8.7 | AI score 6.2 | EPSS 0.00804
Exploits 0 | References 4

OSV
added 2025/03/24 12:57 p.m. | 2 views

USN-7367-1 zvbi vulnerabilities

It was discovered that zvbi incorrectly handled memory when processing user input. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

CVSS 7.5 | AI score 7.3 | EPSS 0.00764
Exploits 0 | References 6

OSV
added 2025/03/20 10:15 a.m. | 5 views

CVE-2024-7771

A vulnerability in the Dockerized version of mintplex-labs/anything-llm latest, digest 1d9452da2b92 allows for a denial of service. Uploading an audio file with a very low sample rate causes the functionality responsible for transcribing it to crash the entire site instance. The issue arises from...

CVSS 6.5 | AI score 6.9
Exploits 0 | References 2

RedHat Linux
added 2025/03/13 7:11 a.m. | 8 views

firefox: JIT corruption of WASM i32 return values on 64-bit CPUs

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type...

CVSS 7.6 | AI score 7 | EPSS 0.00294
Exploits 0 | References 8

Github Security Blog
added 2025/03/12 3:32 p.m. | 18 views

SmallRye Fault Tolerance out-of-memory (OOM) issue

A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue...

CVSS 7.5 | AI score 6.6 | EPSS 0.00908
Exploits 0 | References 11 | Affected Software 1

NVD
added 2025/03/12 3:15 p.m. | 17 views

CVE-2025-2240

A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue...

CVSS 7.5 | EPSS 0.00908
Exploits 0 | References 6

Vulnrichment
added 2025/03/12 2:55 p.m. | 6 views

CVE-2025-2240 Smallrye-fault-tolerance: smallrye fault tolerance

A flaw was found in Smallrye, where smallrye-fault-tolerance is vulnerable to an out-of-memory (OOM) issue. This vulnerability is externally triggered when calling the metrics URI. Every call creates a new object within meterMap and may lead to a denial of service (DoS) issue...

CVSS 7.5 | AI score 6.5 | EPSS 0.00908
Exploits 0 | References 6

CVE
added 2025/03/12 2:55 p.m. | 280 views

CVE-2025-2240

CVE-2025-2240 is a Smallrye fault-tolerance OOM/DoS issue triggered by the metrics endpoint: each call allocates a new object in meterMap, potentially exhausting memory and causing DoS. Connected advisories confirm a fix is available in updated SmallRye Fault Tolerance core; remediation is to upg...

CVSS 7.5 | AI score 7.4 | EPSS 0.00908
Exploits 0 | References 6

OSV
added 2025/03/12 11:54 a.m. | 11 views

USN-7299-3 xorg-server, xwayland regression

USN-7299-2 fix vulnerabilities in X.Org X Server. This fix caused regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update reverts it pending further investigation. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations...

CVSS 7.8 | AI score 7.3 | EPSS 0.00474
Exploits 0 | References 2