Lucene search
+L

479 matches found

AlpineLinux
AlpineLinux
added 2025/02/25 3:53 p.m.6 views

CVE-2025-26594

A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free...

7.8CVSS7.6AI score0.00359EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/25 12:0 a.m.18 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : libxml2 vulnerabilities (USN-7302-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7302-1 advisory. It was discovered that libxml2 incorrectly handled certain memory operations. A remot...

9.8CVSS7.1AI score0.02298EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.14 views

openSUSE Security Advisory (SUSE-SU-2024:1079-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.6AI score0.0138EPSS
Exploits1References4
OSV
OSV
added 2025/02/11 12:55 a.m.6 views

USN-7263-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2025-1011, CVE-2025-1013,...

9.8CVSS7.2AI score0.01196EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2025/02/05 12:44 p.m.23 views

CVE-2024-43783

The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Instances of the Apollo Router running versions =1.21.0 and =1.7.0 and 1.52.1 are impacted by a denial-of-service vulnerability if all of the...

7.5CVSS6.5AI score0.00857EPSS
Exploits1References1
Amazon
Amazon
added 2025/02/05 12:0 a.m.15 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: sched: schmultiq: fix possible OOB write in multiqtune CVE-2024-36978 In the Linux kernel, the following vulnerability has been resolved: usb-storage: alauda: Check whether the media is initialized...

7.8CVSS7.3AI score0.00302EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2025/01/31 12:0 a.m.8 views

Security update for stb (important)

openSUSE Security Update: Security update for stb Announcement ID: openSUSE-SU-2025:0039-1 Rating: important References: 1216478 Cross-References: CVE-2019-13217 CVE-2019-13218 CVE-2019-13219 CVE-2019-13220 CVE-2019-13221 CVE-2019-13222 CVE-2019-13223 Affected Products: openSUSE Backports...

7.8CVSS8.3AI score0.01545EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/01/23 12:0 a.m.27 views

GLSA-202501-08 : Qt: Buffer Overflow

The remote host is affected by the vulnerability described in GLSA-202501-08 Qt: Buffer Overflow When given specifically crafted data then QXmlStreamReader can end up causing a buffer overflow and subsequently a crash or freeze or get out of memory on recursive entity expansion, with DTD tokens i...

7.5CVSS7.4AI score0.01553EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/01/22 12:0 a.m.7 views

CVE-2023-37008

Open5GS MME versions = 2.6.4 contain a buffer overflow in the ASN.1 deserialization function of the S1AP handler. This buffer overflow causes type confusion in decoded fields, leading to invalid parsing and freeing of memory. An attacker may use this to crash an MME or potentially execute code in...

5.8AI score0.00283EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/01/21 12:0 a.m.37 views

EulerOS 2.0 SP8 : kernel (EulerOS-SA-2025-1123)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : kernel: drm/sched: Avoid data corruptionsCVE-2021-47354 drm/sched: Avoid data corruptionsCVE-2024-46759 hwmon: lm95234 Fix underflows seen when...

9.8CVSS7.8AI score0.02701EPSS
Exploits3References62
Debian CVE
Debian CVE
added 2025/01/15 1:5 p.m.10 views

CVE-2024-57883

In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: independent PMD page table shared count The folio refcount may be increased unexpectly through trygetfolio by caller such as splithugepages. In hugepmdunshare, we use refcount to check whether a pmd page table is...

5.5CVSS5.6AI score0.00203EPSS
Exploits0
OSV
OSV
added 2025/01/14 7:22 p.m.10 views

BIT-PHP-MIN-2021-21708 UAF due to php_filter_float() failing

In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTERVALIDATEFLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in...

9.8CVSS9.5AI score0.03002EPSS
Exploits1References4
OSV
OSV
added 2025/01/14 7:22 p.m.14 views

BIT-PHP-MIN-2022-31625 Freeing unallocated memory in php_pgsql_free_params()

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when using Postgres database extension, supplying invalid parameters to the parametrized query may lead to PHP attempting to free memory using uninitialized data as pointers. This could lead to RCE vulnerability or...

8.1CVSS8.5AI score0.03437EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.32 views

EulerOS 2.0 SP9 : openssl (EulerOS-SA-2025-1058)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds...

4.3CVSS7AI score0.05966EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/01/14 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2025-1009)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS4.8AI score0.05966EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/01/13 12:0 a.m.13 views

EulerOS 2.0 SP10 : openssl (EulerOS-SA-2025-1009)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Use of the low-level GF2^m elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds...

4.3CVSS7AI score0.05966EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/10 12:0 a.m.15 views

PT-2025-8846

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A issue in the Linux kernel's fastrpc driver has been identified, where the calculation of page size for non-registered buffers does not account for the offset, potentially leading to...

7.8CVSS7.4AI score0.00193EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/01/09 7:18 p.m.5 views

webkit: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling, resulting in a denial of service...

7.5CVSS5.7AI score0.00973EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.5 views

PT-2025-25422

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description A flaw was found in GIMP, specifically an integer overflow vulnerability in the "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height,...

7.8CVSS8.5AI score0.00419EPSS
Exploits0References47
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.5 views

PT-2025-49860

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 146 Firefox ESR versions prior to 140.6 Thunderbird versions prior to 146 Thunderbird ESR versions prior to 140.6 Description The software contains memory safety bugs that could potentially lead to arbitrary code...

9.8CVSS8AI score0.0057EPSS
Exploits2References61
Rows per page
Query Builder