Lucene search
K

387 matches found

OSV
OSV
added 2025/08/11 8:15 a.m.7 views

AZL-66168 CVE-2025-8837 affecting package jasper for versions less than 4.2.1-3

A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpcdecdump of the file src/libjasper/jpc/jpcdec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public...

7.8CVSS4.8AI score0.00221EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-50097

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: fec: don't save PTP state if PTP is unsupported Some platforms such as i.MX25 and i.MX2...

5.5CVSS5.8AI score0.00229EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-49826

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix double atahostput in atatportadd In the error path in atatportadd...

7.8CVSS6.2AI score0.00194EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-23156

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: venus: hfiparser: refactor hfi packet parsing logic wordscount denotes the number of words in total payload, while data points to payload of various...

7.1CVSS6.8AI score0.00178EPSS
Exploits0References2
OSV
OSV
added 2025/07/28 12:15 p.m.11 views

UBUNTU-CVE-2025-38477

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...

4.7CVSS6.1AI score0.00115EPSS
Exploits0References48
OSV
OSV
added 2025/07/25 3:27 p.m.4 views

CVE-2025-38443 nbd: fix uaf in nbd_genl_connect() error path

In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbdgenlconnect error path There is a use-after-free issue in nbd: block nbd6: Receive control failed result -104 block nbd6: shutting down sockets ==================================================================...

7.8CVSS6.3AI score0.00151EPSS
Exploits0References10
OSV
OSV
added 2025/07/25 1:20 p.m.4 views

CVE-2025-38409 drm/msm: Fix another leak in the submit error path

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

5.5CVSS6.4AI score0.00156EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2025/07/04 11:22 p.m.9 views

SUSE CVE-2025-38193

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: reject invalid perturb period Gerrard Tai reported that SFQ perturbperiod has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to make sure ctl-perturbperio...

6.1CVSS6.5AI score0.00161EPSS
Exploits0References23
OSV
OSV
added 2025/07/04 2:15 p.m.1 views

DEBIAN-CVE-2025-38184

In the Linux kernel, the following vulnerability has been resolved: tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer The reproduction steps: 1. create a tun interface 2. enable l2 bearer 3. TIPCNLUDPGETREMOTEIP with media name set to tun tipc: Started in network mode tipc: Nod...

5.5CVSS5.7AI score0.00161EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/20 2:28 a.m.3 views

CVE-2022-50002

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: LAG, fix logic over MLX5LAGFLAGNDEVSREADY Only set MLX5LAGFLAGNDEVSREADY if both netdevices are registered. Doing so guarantees that both ldev-pfMLX5LAGP0.dev and ldev-pfMLX5LAGP1.dev have valid pointers when...

7CVSS6.7AI score0.00198EPSS
Exploits0References4
NVD
NVD
added 2025/06/18 11:15 a.m.7 views

CVE-2022-50064

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx-userdata is set to vq in virtblkinithctx. However, vq is freed on suspend and reallocated on resume. So, hctx-userdata is invalid after resume, and it will cause...

7.8CVSS0.00157EPSS
Exploits0References2
NVD
NVD
added 2025/06/18 11:15 a.m.6 views

CVE-2022-50049

In the Linux kernel, the following vulnerability has been resolved: ASoC: DPCM: Don't pick up BE without substream When DPCM tries to add valid BE connections at dpcmaddpaths, it doesn't check whether the picked BE actually supports for the given stream direction. Due to that, when an asymmetric ...

5.5CVSS0.00157EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/06/18 11:1 a.m.10 views

CVE-2022-50002 net/mlx5: LAG, fix logic over MLX5_LAG_FLAG_NDEVS_READY

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: LAG, fix logic over MLX5LAGFLAGNDEVSREADY Only set MLX5LAGFLAGNDEVSREADY if both netdevices are registered. Doing so guarantees that both ldev-pfMLX5LAGP0.dev and ldev-pfMLX5LAGP1.dev have valid pointers when...

0.00198EPSS
Exploits0References2
NVD
NVD
added 2025/06/18 10:15 a.m.4 views

CVE-2025-38031

In the Linux kernel, the following vulnerability has been resolved: padata: do not leak refcount in reorderwork A recent patch that addressed a UAF introduced a reference count leak: the paralleldata refcount is incremented unconditionally, regardless of the return value of queuework. If the work...

5.5CVSS0.0017EPSS
Exploits0References9
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.1 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fixed invalid pointer dereferencing in Etron handling. This check is performed before preparetransfer and preparering, so enqueue can already point to the final link TRB of a segment. Indeed, this happens about 0.4% of...

5.5CVSS6.3AI score0.00155EPSS
Exploits0References3
CVE
CVE
added 2025/06/06 1:3 p.m.162 views

CVE-2025-38000

CVE-2025-38000 affects the Linux kernel HFSC scheduler qlen accounting: when enqueuing the first packet, hfsc_enqueue() previously used child qdisc peek() before updating sch->q.qlen and sch->qstats.backlog, which could trigger a dequeue and leave the HFSC class in an inconsistent state (po...

7.8CVSS6.6AI score0.00179EPSS
Exploits0References10Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 1:11 a.m.5 views

CVE-2022-1289

A denial of service vulnerability was found in tildearrow Furnace. It has been classified as problematic. This is due to an incomplete fix of CVE-2022-1211. It is possible to initiate the attack remotely but it requires user interaction. The issue got fixed with the patch...

6.5CVSS6.7AI score0.01137EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 p.m.6 views

CVE-2022-36002

TensorFlow is an open source platform for machine learning. When Unbatch receives a nonscalar input id, it gives a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 4419d10d576adefa36b0e0a9425d2569f7c0189f. The fix will be included in TensorFlow...

7.5CVSS6.7AI score0.00396EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:54 p.m.6 views

CVE-2021-37660

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a floating point exception by calling inplace operations with crafted arguments that would result in a division by 0. The implementation has a logic error: it should skip processing i...

5.5CVSS6AI score0.00154EPSS
Exploits0References1
NVD
NVD
added 2025/05/20 4:15 p.m.9 views

CVE-2025-37913

In the Linux kernel, the following vulnerability has been resolved: netsched: qfq: Fix double list add in class with netem as child qdisc As described in Gerrard's report 1, there are use cases where a netem child qdisc will make the parent qdisc's enqueue callback reentrant. In the case of qfq,...

7.8CVSS0.00176EPSS
Exploits0References10
Rows per page
Query Builder