Lucene search
+L

479 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:43 p.m.11 views

CVE-2020-5830

Symantec Endpoint Protection Manager SEPM, prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program...

3.3CVSS6.3AI score0.00354EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:55 p.m.7 views

CVE-2020-27949

This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may cause unexpected changes in memory belonging to processes traced by DTrace...

5.5CVSS5.9AI score0.00977EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/22 10:33 a.m.7 views

CVE-2019-12410

While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory...

7.5CVSS6.7AI score0.04711EPSS
Exploits0References1
OSV
OSV
added 2025/05/20 3:34 p.m.14 views

CVE-2025-37938 tracing: Verify event formats that have "%*p.."

In the Linux kernel, the following vulnerability has been resolved: tracing: Verify event formats that have "%p.." The trace event verifier checks the formats of trace events to make sure that they do not point at memory that is not in the trace event itself or in data that will never be freed. I...

5.5CVSS6.4AI score0.0016EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2025/05/19 12:0 a.m.12 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2025-1493)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS5.4AI score0.05966EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/17 12:0 a.m.9 views

EulerOS Virtualization 2.12.1 : openssl (EulerOS-SA-2025-1550)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to...

4.3CVSS6.9AI score0.05966EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/17 12:0 a.m.4 views

EulerOS Virtualization 2.12.0 : openssl (EulerOS-SA-2025-1565)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to...

4.3CVSS6.9AI score0.05966EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.22 views

Alibaba Cloud Linux 3 : 0144: httpd:2.4 (ALINUX3-SA-2023:0144)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0144 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2006-20001: A carefully crafted If:...

9.8CVSS7.8AI score0.90407EPSS
Exploits7References15
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.13 views

Alibaba Cloud Linux 3 : 0176: samba (ALINUX3-SA-2022:0176)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0176 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2016-2124: A flaw was found in the way...

8.5CVSS7.3AI score0.01953EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.11 views

Alibaba Cloud Linux 3 : 0155: curl (ALINUX3-SA-2022:0155)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0155 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-32206: curl 7.84.0 supports chain...

6.5CVSS6.8AI score0.3197EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/05/13 12:0 a.m.7 views

IBM DB2 Multiple Vulnerabilities (7232529, 7232528) (Windows)

According to its self-reported version number, IBM Db2 on Windows may be affected by multiple vulnerabilites: - IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server under specific configurations could allow an authenticated user to cause a denial of service due to insufficient release ...

6.5CVSS6.4AI score0.00315EPSS
Exploits0References4
OSV
OSV
added 2025/05/07 12:6 p.m.2 views

SUSE-SU-2025:1504-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing conten bsc1240750 - CVE-2025-32050: Fixed integer overflow in appendparamquoted bsc1240752 - CVE-2025-32051: Fixed segmentation fault when parsing malformed dat...

9CVSS7AI score0.00916EPSS
Exploits1References33
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.12 views

RockyLinux 8 : thunderbird (RLSA-2025:2900)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:2900 advisory. firefox: thunderbird: Memory safety bugs fixed in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8 CVE-2025-1938 firefox:...

7.5CVSS7.7AI score0.00519EPSS
Exploits1References5
OSV
OSV
added 2025/05/06 3:17 a.m.11 views

USN-7484-1 openjdk-24 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 24 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 24 incorrectly handled compiler transformations. An...

7.4CVSS6.9AI score0.00784EPSS
Exploits0References4
CVE
CVE
added 2025/05/01 2:9 p.m.96 views

CVE-2022-49770

CVE-2022-49770 is a Linux kernel vulnerability affecting the ceph component where, if the decoding of snaps fails, the first_realm and realm may reference the same snaprealm memory. This can cause the same memory to be released twice, leading to use-after-free or related instability (BUG_ON). The...

7.8CVSS6.5AI score0.0019EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2025/05/01 2:9 p.m.20 views

CVE-2022-49770 ceph: avoid putting the realm twice when decoding snaps fails

In the Linux kernel, the following vulnerability has been resolved: ceph: avoid putting the realm twice when decoding snaps fails When decoding the snaps fails it maybe leaving the 'firstrealm' and 'realm' pointing to the same snaprealm memory. And then it'll put it twice and could cause random...

0.0019EPSS
Exploits0References6
OSV
OSV
added 2025/05/01 2:9 p.m.8 views

CVE-2022-49770 ceph: avoid putting the realm twice when decoding snaps fails

In the Linux kernel, the following vulnerability has been resolved: ceph: avoid putting the realm twice when decoding snaps fails When decoding the snaps fails it maybe leaving the 'firstrealm' and 'realm' pointing to the same snaprealm memory. And then it'll put it twice and could cause random...

7.8CVSS6AI score0.0019EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/05/01 12:0 a.m.18 views

Amazon Linux 2 : docker (ALASECS-2025-054)

The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2025-054 advisory. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...

7.5CVSS7.2AI score0.00868EPSS
Exploits0References6
OSV
OSV
added 2025/04/28 8:27 p.m.4 views

USN-7467-2 libxml2 vulnerabilities

USN-7467-1 fixed several vulnerabilities in libxml2. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that the libxml2 Python bindings incorrectly handled certain return values. An attacker could possibly use thi...

7.5CVSS5.8AI score0.00559EPSS
Exploits2References3
Ubuntu
Ubuntu
added 2025/04/22 5:24 p.m.20 views

USN-7444-1: Synapse vulnerabilities

It was discovered that Synapse network policies could be bypassed via specially crafted URLs. An attacker could possibly use this issue to bypass authentication mechanisms. CVE-2023-32683 It was discovered that Synapse exposed cached device information. An attacker could possibly use this issue t...

9.1CVSS6.8AI score0.01463EPSS
Exploits0
Rows per page
Query Builder