Lucene search
K

11953 matches found

Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992840)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992840 advisory. In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail can have some...

5.5CVSS5.9AI score0.00196EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/30 9:30 p.m.4 views

EUVD-2025-205846

An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in MatVarCreateStruct when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a...

6.5AI score0.00343EPSS
Exploits1References3
Snyk
Snyk
added 2025/12/30 8:41 p.m.2 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the getSpan function's memory size check in MemoryInstance, where a multiplication operation can wrap, causing checkAccessBound to incorrectly allow access. An attacker can cause a segmentation fault b...

7.5CVSS6.8AI score0.00285EPSS
Exploits0References2
NVD
NVD
added 2025/12/30 8:16 p.m.5 views

CVE-2025-69261

WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a multiplication in WasmEdge/include/runtime/instance/memory.h can wrap, causing checkAccessBound to incorrectly allow the access. This leads to a segmentation fault. Version 0.16.0-alpha.3 contains a patch for the issue...

7.5CVSS0.00285EPSS
Exploits0References2
NVD
NVD
added 2025/12/30 8:16 p.m.4 views

CVE-2025-50343

An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in MatVarCreateStruct when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a...

9.8CVSS0.00343EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2025/12/30 8:16 p.m.5 views

CVE-2025-69261

WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a multiplication in WasmEdge/include/runtime/instance/memory.h can wrap, causing checkAccessBound to incorrectly allow the access. This leads to a segmentation fault. Version 0.16.0-alpha.3 contains a patch for the issue...

7.5CVSS5.8AI score0.00285EPSS
Exploits0References3
OSV
OSV
added 2025/12/30 8:16 p.m.3 views

UBUNTU-CVE-2025-69261

WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a multiplication in WasmEdge/include/runtime/instance/memory.h can wrap, causing checkAccessBound to incorrectly allow the access. This leads to a segmentation fault. Version 0.16.0-alpha.3 contains a patch for the issue...

7.5CVSS5.8AI score0.00285EPSS
Exploits0References4
OSV
OSV
added 2025/12/30 8:16 p.m.5 views

UBUNTU-CVE-2025-50343

An issue was discovered in matio 1.5.28. A heap-based memory corruption can occur in MatVarCreateStruct when the nfields value does not match the actual number of strings in the fields array. This leads to out-of-bounds reads and invalid memory frees during cleanup, potentially causing a...

9.8CVSS5.8AI score0.00343EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/30 7:43 p.m.3 views

CVE-2025-69261 WasmEdge integer wrap in MemoryInstance::getSpan()'s memory size check

WasmEdge is a WebAssembly runtime. Prior to version 0.16.0-alpha.3, a multiplication in WasmEdge/include/runtime/instance/memory.h can wrap, causing checkAccessBound to incorrectly allow the access. This leads to a segmentation fault. Version 0.16.0-alpha.3 contains a patch for the issue...

6.9CVSS6.4AI score0.00285EPSS
Exploits0References2
CVE
CVE
added 2025/12/30 7:43 p.m.223 views

CVE-2025-69261

Summary: CVE-2025-69261 affects WasmEdge, a WebAssembly runtime. Prior to 0.16.0-alpha.3, a multiplication in WasmEdge/include/runtime/instance/memory.h can wrap, causing checkAccessBound() to incorrectly permit access and may trigger a segmentation fault. A patch is included in 0.16.0-alpha.3. R...

7.5CVSS6.4AI score0.00285EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2025/12/30 12:23 p.m.1 views

CVE-2022-50879

In the Linux kernel, the following vulnerability has been resolved: objtool: Fix SEGFAULT findinsn will return NULL in case of failure. Check insn in order to avoid a kernel Oops for NULL pointer dereference...

5.3AI score0.00173EPSS
Exploits0
CVE
CVE
added 2025/12/30 12:0 a.m.30 views

CVE-2025-50343

CVE-2025-50343 affects libmatio (MAT-file I/O library). A heap-based memory corruption can occur in Mat_VarCreateStruct() when nfields does not match the actual number of strings in the fields array, causing out-of-bounds reads and invalid memory frees during cleanup, potentially leading to a seg...

9.8CVSS6.7AI score0.00343EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.7 views

WasmEdge 输入验证错误漏洞

WasmEdge is a WebAssembly runtime open-sourced by WasmEdge Runtime. An input validation error vulnerability exists in WasmEdge versions prior to 0.16.0-alpha.3, which stems from a multiplication operation resulting in a wrap-around error that could trigger a segmentation violation...

7.5CVSS5.8AI score0.00285EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.4 views

MATIO 安全漏洞

MATIO is an open source C language library for reading and writing binary MATLAB MAT files by tbeu individual developers. A security vulnerability exists in MATIO version 1.5.28, which stems from a mismatch between the value of nfields in the MatVarCreateStruct function and the actual number of...

9.8CVSS6.6AI score0.00343EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992645)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992645 advisory. In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before...

5.5CVSS6.1AI score0.00186EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/12/28 12:0 a.m.18 views

SecureBank: A Financially-Aware Zero Trust Architecture for High-Assurance Banking Systems

Financial institutions increasingly rely on distributed architectures, open banking APIs, cloud native infrastructures, and high frequency digital transactions. These transformations expand the attack surface and expose limitations in traditional perimeter based security models. While Zero Trust...

6.8AI score
Exploits0
OSV
OSV
added 2025/12/27 8:15 p.m.4 views

CVE-2025-14180

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

7.5CVSS6.4AI score
Exploits0References1
OSV
OSV
added 2025/12/27 8:15 p.m.5 views

AZL-73234 CVE-2025-14180 affecting package php for versions less than 8.1.34-1

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

8.2CVSS5.8AI score0.00573EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/12/27 7:21 p.m.18 views

CVE-2025-14180 NULL Pointer Dereference in PDO quoting

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

8.2CVSS0.00573EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/12/27 7:21 p.m.3 views

CVE-2025-14180 NULL Pointer Dereference in PDO quoting

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

8.2CVSS6AI score0.00573EPSS
Exploits2References1
Rows per page
Query Builder