Lucene search
K

8849 matches found

RedhatCVE
RedhatCVE
added 2025/09/25 3:3 p.m.4 views

CVE-2025-60018

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIOwrite, resulting in an out of bounds read...

4.8CVSS6.9AI score0.00288EPSS
Exploits0References4
OSV
OSV
added 2025/09/25 2:30 p.m.10 views

USN-7767-2 linux-realtime-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...

8.1CVSS6.7AI score0.00328EPSS
Exploits0References102
OSV
OSV
added 2025/09/25 2:19 p.m.9 views

USN-7779-1 linux-ibm, linux-ibm-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...

8.1CVSS6.5AI score0.00328EPSS
Exploits0References108
OSV
OSV
added 2025/09/25 10:56 a.m.10 views

USN-7776-1 linux-oracle-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

8.4CVSS6.5AI score0.01345EPSS
Exploits8References147
RedHat Linux
RedHat Linux
added 2025/09/25 12:40 a.m.4 views

kernel: udp: Fix memory accounting leak.

A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SORCVBUF socket option to its maximum value INTMAX, which triggers an integer overflow within the udprmemrelease function during socket closure. The udpdestructcommon...

5.5CVSS6.9AI score0.00176EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/25 12:0 a.m.3 views

GNOME glib-networking 缓冲区错误漏洞

GNOME glib-networking is a networking extension package for Glib a collection of five underlying libraries written in C. A buffer error vulnerability exists in GNOME glib-networking that stems from the OpenSSL backend not properly checking the BIOwrite return value, which could lead to an...

4.8CVSS6.5AI score0.00288EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/09/25 12:0 a.m.7 views

Ubuntu Pro 24.04 LTS Realtime Kernel : Linux kernel (Real-time) vulnerabilities (USN-7767-1)

"The remote Ubuntu Pro 24.04 LTS Realtime Kernel host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7767-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

8.1CVSS7.1AI score0.00328EPSS
Exploits0References102
CNNVD
CNNVD
added 2025/09/25 12:0 a.m.3 views

GNOME glib-networking 代码问题漏洞

GNOME glib-networking is a networking extension package for Glib a collection of five underlying libraries written in C. A code issue vulnerability exists in GNOME glib-networking that stems from the OpenSSL backend not properly checking the return value of a memory allocation routine, which coul...

3.7CVSS6.6AI score0.00331EPSS
Exploits0References3
NVD
NVD
added 2025/09/24 8:15 p.m.7 views

CVE-2025-59824

Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to version 0.48.0, Omni Wireguard SideroLink has the potential to escape. Omni and each Talos machine establish a peer-to-peer P2P SideroLink connection using WireGuard to mutually authenticate and authorize access. The...

5.4CVSS0.00182EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/24 7:48 p.m.4 views

CVE-2025-59824 Omni Wireguard SideroLink potential escape

Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to version 0.48.0, Omni Wireguard SideroLink has the potential to escape. Omni and each Talos machine establish a peer-to-peer P2P SideroLink connection using WireGuard to mutually authenticate and authorize access. The...

2.1CVSS6.7AI score0.00182EPSS
Exploits0References2
CVE
CVE
added 2025/09/24 7:48 p.m.28 views

CVE-2025-59824

The CVE CVE-2025-59824 affects Omni’s WireGuard-based SideroLink used to connect Omni to Talos machines. The issue: the WireGuard interface validates that the source IP matches the Talos peer IPv6 address but does not validate the destination address, meaning a malicious workload on the same Kube...

5.4CVSS6.7AI score0.00182EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/09/24 7:48 p.m.6 views

CVE-2025-59824 Omni Wireguard SideroLink potential escape

Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to version 0.48.0, Omni Wireguard SideroLink has the potential to escape. Omni and each Talos machine establish a peer-to-peer P2P SideroLink connection using WireGuard to mutually authenticate and authorize access. The...

2.1CVSS6.8AI score0.00182EPSS
Exploits0References4
OSV
OSV
added 2025/09/24 6:57 p.m.5 views

GHSA-HQRF-67PM-WGFQ Omni Wireguard SideroLink potential escape

Overview Omni and each Talos machine establish a peer-to-peer P2P SideroLink connection using WireGuard to mutually authenticate and authorize access. In this setup, Omni assigns a random IPv6 address to each Talos machine from a /64 network block. Omni itself uses the fixed ::1 address within th...

2.1CVSS7.1AI score0.00182EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/09/24 6:57 p.m.12 views

Omni Wireguard SideroLink potential escape

Overview Omni and each Talos machine establish a peer-to-peer P2P SideroLink connection using WireGuard to mutually authenticate and authorize access. In this setup, Omni assigns a random IPv6 address to each Talos machine from a /64 network block. Omni itself uses the fixed ::1 address within th...

5.4CVSS7.1AI score0.00182EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2025/09/24 5:12 p.m.9 views

CVE-2025-20313

Multiple vulnerabilities in Cisco IOS XE Software of could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. These vulnerabilities are due path...

6.7CVSS0.0018EPSS
Exploits0References1
OSV
OSV
added 2025/09/24 3:20 p.m.9 views

USN-7769-2 linux-realtime-6.14 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

7.8CVSS6.6AI score0.01345EPSS
Exploits8References184
RedHat Linux
RedHat Linux
added 2025/09/24 2:11 p.m.6 views

firefox: thunderbird: Information disclosure in the Networking: Cache component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure in the Networking: Cache component...

6.2CVSS7.3AI score0.00154EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/09/24 2:11 p.m.5 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

8.8CVSS6.9AI score0.00687EPSS
Exploits0References8
OSV
OSV
added 2025/09/24 1:30 p.m.8 views

USN-7770-1 linux-azure vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

7.8CVSS6.6AI score0.01345EPSS
Exploits8References185
OSV
OSV
added 2025/09/24 11:8 a.m.11 views

USN-7766-1 linux-aws-6.8, linux-gcp-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...

8.1CVSS6.5AI score0.00328EPSS
Exploits0References102
Rows per page
Query Builder