Lucene search
K

6095 matches found

Debian CVE
Debian CVE
added 2025/04/18 7:1 a.m.7 views

CVE-2025-38479

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-edma: free irq correctly in remove path Add fsledma-txirq/errirq check to avoid below warning because no errirq at i.MX9 platform. Otherwise there will be kernel dump: WARNING: CPU: 0 PID: 11 at...

7.8CVSS5.6AI score0.00228EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/04/18 7:1 a.m.8 views

CVE-2025-38575

In the Linux kernel, the following vulnerability has been resolved: ksmbd: use aeadrequestfree to match aeadrequestalloc Use aeadrequestfree instead of kfree to properly free memory allocated by aeadrequestalloc. This ensures sensitive crypto data is zeroed before being freed...

5.5CVSS5.6AI score0.00219EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/04/18 7:1 a.m.6 views

CVE-2025-37860

In the Linux kernel, the following vulnerability has been resolved: sfc: fix NULL dereferences in ef100processdesignparam Since cited commit, ef100probemain and hence also ef100checkdesignparams run before efx-netdev is created; consequently, we cannot netifsettsomaxsize or segs at this point. Mo...

5.5CVSS5.3AI score0.00215EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/04/11 10:8 p.m.13 views

Advisory ROSA-SA-2025-2848

Software: libsndfile 1.0.28 OS: ROSA Virtualization 2.1 packageevrstring: libsndfile-1.0.28-16.rv3 CVE-ID: CVE-2022-33065 BDU-ID: 2025-03968 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the aureadheader function of the src/au.c component of the Libsndfile audio file reading and writing library...

7.8CVSS8.2AI score0.00351EPSS
Exploits2
Rosalinux
Rosalinux
added 2025/04/11 10:8 p.m.14 views

Advisory ROSA-SA-2025-2850

Software: libX11 1.6.8 OS: ROSA Virtualization 2.1 packageevrstring: libX11-1.6.8-9.0.1.rv3 CVE-ID: CVE-2020-14344 BDU-ID: 2020-03916 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the X Window System libX11 client API provisioning library is caused by an integer overflow. Exploitation of the...

9.8CVSS10AI score0.10634EPSS
Exploits4
Rosalinux
Rosalinux
added 2025/04/11 10:8 p.m.34 views

Advisory ROSA-SA-2025-2835

Software: bind-dyndb-ldap 11.6 OS: ROSA Virtualization 2.1 packageevrstring: bind-dyndb-ldap-11.6-5.rv3 CVE-ID: CVE-2023-50387 BDU-ID: 2024-01359 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the algorithm...

7.5CVSS7.8AI score0.99995EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/04/11 10:8 p.m.7 views

Advisory ROSA-SA-2025-2832

Software: avahi 0.7 OS: ROSA Virtualization 2.1 packageevrstring: avahi-0.7-21.0.1.rv3 CVE-ID: CVE-2023-1981 BDU-ID: 2023-03858 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Avahi Local Area Network Service Discovery System involves uncontrolled resource consumption. Exploitation of the...

6.2CVSS7AI score0.0045EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/04/11 10:8 p.m.11 views

Advisory ROSA-SA-2025-2833

Software: binutils 2.30 OS: ROSA Virtualization 2.1 packageevrstring: binutils-2.30-125.0.1.rv3 CVE-ID: CVE-2018-12699 BDU-ID: 2021-01389 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the finishstab function of the stabs.c file of the Binutils program development kit is related to an operation...

9.8CVSS9.5AI score0.04505EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/04/11 9:55 p.m.17 views

Advisory ROSA-SA-2025-2825

Software: python-pip 9.0.3 OS: ROSA Virtualization 3.0 packageevrstring: python-pip-9.0.3-24.rv30 CVE-ID: CVE-2007-4559 BDU-ID: 2022-05975 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the extract and extractall functions of the tarfile module of the Python programming language interpreter is...

9.8CVSS7.6AI score0.27095EPSS
Exploits3
Rosalinux
Rosalinux
added 2025/04/11 9:55 p.m.16 views

Advisory ROSA-SA-2025-2823

Software: python-dns 1.15.0 OS: ROSA Virtualization 3.0 packageevrstring: python-dns-1.15.0-12.rv30 CVE-ID: CVE-2023-29483 BDU-ID: 2025-03301 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the Python toolkit dnspython is related to insufficient validation of user input. Exploitation of the...

7CVSS7.4AI score0.01857EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/04/11 9:55 p.m.25 views

Advisory ROSA-SA-2025-2830

Software: golang 1.19.13 OS: ROSA Virtualization 3.0 packageevrstring: golang-1.19.13-2.rv30 CVE-ID: CVE-2023-29402 BDU-ID: 2023-03201 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Cgo module of the Go programming language is related to incorrect code generation control when handling directory...

9.8CVSS9AI score0.99999EPSS
Exploits19
Rosalinux
Rosalinux
added 2025/04/11 9:55 p.m.9 views

Advisory ROSA-SA-2025-2820

Software: tcpdump 4.9.3 OS: ROSA Virtualization 3.0 packageevrstring: tcpdump-4.9.3-5.rv30 CVE-ID: CVE-2021-41043 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: The Use after free vulnerability in tcpslice causes AddressSanitizer, with no other confirmed impact. CVE-STATUS: The vulnerability has been...

5.5CVSS7.3AI score0.0087EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/04/11 9:55 p.m.9 views

Advisory ROSA-SA-2025-2815

Software: binutils 2.30 OS: ROSA Virtualization 3.0 packageevrstring: binutils-2.30-125.rv30 CVE-ID: CVE-2018-12699 BDU-ID: 2021-01389 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the finishstab function of the stabs.c file of the Binutils program development kit is related to an operation...

9.8CVSS9.6AI score0.04505EPSS
Exploits1
Rosalinux
Rosalinux
added 2025/04/11 9:55 p.m.8 views

Advisory ROSA-SA-2025-2817

Software: rpm 4.14.3 OS: ROSA Virtualization 3.0 packageevrstring: rpm-4.14.3-31.rv30 CVE-ID: CVE-2021-35937 BDU-ID: 2021-03555 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the RPM Package Manager RPM of Red Hat Enterprise Linux operating systems is caused by a race condition. Exploitation of t...

6.7CVSS7AI score0.00491EPSS
Exploits3
Rosalinux
Rosalinux
added 2025/04/11 9:49 p.m.15 views

Advisory ROSA-SA-2025-2812

Software: mariadb 10.5.27 OS: ROSA Virtualization 3.0 packageevrstring: mariadb-10.5.27-1.rv30 CVE-ID: CVE-2023-22084 BDU-ID: 2023-06913 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the InnoDB component of the MySQL Server database management system is related to insufficient input validation...

4.9CVSS8.9AI score0.01782EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/04/11 9:49 p.m.11 views

Advisory ROSA-SA-2025-2807

Software: less 530 OS: ROSA Virtualization 3.0 packageevrstring: less-530-3.rv30 CVE-ID: CVE-2022-48624 BDU-ID: 2024-04438 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the closealtfile filename.c function for UNIX-like Less text terminals is related to the skipping of Shellquote calls for...

7.8CVSS8.9AI score0.01059EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/04/11 9:49 p.m.20 views

Advisory ROSA-SA-2025-2792

Software: bind-dyndb-ldap 11.6 OS: ROSA Virtualization 3.0 packageevrstring: bind-dyndb-ldap-11.6-5.rv30 CVE-ID: CVE-2023-50387 BDU-ID: 2024-01359 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DNSSEC component of the DNS protocol implementation of the DNS server BIND is related to the...

7.5CVSS7.8AI score0.99995EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/04/11 9:49 p.m.22 views

Advisory ROSA-SA-2025-2791

Software: bind 9.11.36 OS: ROSA Virtualization 3.0 packageevrstring: bind-9.11.36-16.rv30.4 CVE-ID: CVE-2022-3094 BDU-ID: 2023-00580 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the named component of the DNS BIND server is related to the ability to use memory after it has been freed. Exploitatio...

7.5CVSS7.8AI score0.99995EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/09 6:21 p.m.20 views

Security Bulletin: IBM Software Support mobile app is vulnerable to multiple vulnerabilities due to 3rd party software

Summary This release includes information about multiple vulnerabilities, improving the overall security and stability of the application. The types of vulnerabilities resolved include: Axios Vulnerability: Addressed an issue that could potentially cause SSRF and credential leakage server and...

8.7CVSS6.8AI score0.01429EPSS
Exploits1Affected Software1
Patchstack
Patchstack
added 2025/04/09 7:24 a.m.5 views

WordPress Accordion plugin <= 2.3.11 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k in WordPress Plugin Accordion versions = 2.3.11...

8.8CVSS8.7AI score0.00832EPSS
Exploits0Affected Software1
Rows per page
Query Builder