Lucene search
K

19 matches found

UbuntuCve
UbuntuCve
added 2025/11/17 6:15 p.m.4 views

CVE-2025-64756

Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are...

7.5CVSS7AI score0.03026EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2025/10/06 12:0 a.m.2 views

CVE-2025-59728

When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below 0, it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is...

8.7CVSS6AI score0.00172EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/10/06 12:0 a.m.4 views

CVE-2025-59733

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

8.7CVSS6.7AI score0.00171EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/10/06 12:0 a.m.2 views

CVE-2025-59731

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, we decompress and decode into the buffer td-rlerawdata of size rlerawsize a...

6.9CVSS6.6AI score0.0016EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/10/06 12:0 a.m.3 views

CVE-2025-59732

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy loops at 0 and 1 will continue to write until the next multiple of 8. The buffer...

8.7CVSS6.6AI score0.00155EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/10/06 12:0 a.m.4 views

CVE-2025-59734

It is possible to cause an use-after-free write in SANM decoding with a carefully crafted animation using subversion storedframe. Stored frames can later be referenced by FTCH chunks. For files using subversion storedframe. Leaving ctx-hasdimensions set to false. A subsequent chunk with type...

8.7CVSS6AI score0.00167EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/10/06 12:0 a.m.4 views

CVE-2025-59730

When decoding a frame for a SANM file ANIM v0 variant, the decoded data can be larger than the buffer allocated for it. Frames encoded with codec 48 can specify their resolution width x height. A buffer of appropriate size is allocated depending on the resolution. This codec can encode the frame...

5.7CVSS6AI score0.00149EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/10/06 12:0 a.m.4 views

CVE-2025-59729

When parsing the header for a DHAV file, there's an integer underflow in offset calculation that leads to reading the duration from before the start of the allocated buffer. If we load a DHAV file that is larger than MAXDURATIONBUFFERSIZE bytes 0x100000 for example 0x101000 bytes, then at 0 we ha...

5.7CVSS5.9AI score0.00149EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/02/27 7:4 p.m.23 views

CVE-2021-46948

In the Linux kernel, the following vulnerability has been resolved: sfc: farch: fix TX queue lookup in TX event handling We're starting from a TXQ label, not a TXQ type, so efxchannelgettxqueue is inappropriate and could return NULL, leading to panics...

5.5CVSS5.7AI score0.00222EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2024/01/31 1:15 p.m.198 views

CVE-2024-1085

A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The nftsetelemcatchalldeactivate function checks whether the catch-all set element is active in the current generation instead of the next generation before...

7.8CVSS6.7AI score0.00282EPSS
Exploits0References14
UbuntuCve
UbuntuCve
added 2024/01/23 3:15 a.m.67 views

CVE-2023-39197

An out-of-bounds read vulnerability was found in Netfilter Connection Tracking conntrack in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol...

7.5CVSS6.4AI score0.00976EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2023/11/09 8:15 p.m.29 views

CVE-2023-39198

A race condition was found in the QXL driver in the Linux kernel. The qxlmodedumbcreate function dereferences the qobj returned by the qxlgemobjectcreatewithhandle, but the handle is the only one holding a reference to it. This flaw allows an attacker to guess the returned handle value and trigge...

7.5CVSS6.6AI score0.0042EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2023/08/28 7:15 p.m.14 views

CVE-2023-39810

An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal...

7.8CVSS6.8AI score0.0071EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/07/18 12:15 a.m.42 views

CVE-2023-38430

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read...

9.1CVSS6.8AI score0.01059EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2023/03/03 12:0 a.m.39 views

CVE-2023-27560

Math/PrimeField.php in phpseclib 3.x before 3.0.19 has an infinite loop with composite primefields...

7.5CVSS7.1AI score0.00815EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/12/26 5:15 a.m.34 views

CVE-2021-44758

Heimdal before 7.7.1 allows attackers to cause a NULL pointer dereference in a SPNEGO acceptor via a preferredmechtype of GSSCNOOID and a nonzero initialresponse value to sendaccept...

7.5CVSS6.4AI score0.01223EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/09/19 10:15 p.m.44 views

CVE-2022-35068

OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e420d...

6.5CVSS6.8AI score0.00767EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2022/08/23 4:15 p.m.45 views

CVE-2021-3714

A flaw was found in the Linux kernels memory deduplication mechanism. Previous work has shown that memory deduplication can be attacked via a local exploitation mechanism. The same technique can be used if an attacker can upload page sized files and detect the change in access time from a network...

5.9CVSS6.6AI score0.01095EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/07/08 10:15 p.m.49 views

CVE-2022-2345

Use After Free in GitHub repository vim/vim prior to 9.0.0046...

7.8CVSS7.1AI score0.01207EPSS
Exploits1References3
Rows per page
Query Builder