Lucene search
K

11953 matches found

CVE
CVE
added 2025/12/24 1:6 p.m.19 views

CVE-2023-54094

CVE-2023-54094 — Linux kernel : The issue arises when GRO-ed packets (rx-gro-list) are bridged to local input and an egress device, where segmentation writes into cloned skbs with shared heads, risking skb corruption and a NULL dereference. A fix was implemented by uncloning as needed for the skb...

5.8AI score0.00168EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/24 1:6 p.m.22 views

CVE-2023-54094 net: prevent skb corruption on frag list segmentation

In the Linux kernel, the following vulnerability has been resolved: net: prevent skb corruption on frag list segmentation Ian reported several skb corruptions triggered by rx-gro-list, collecting different oops alike: 62.624003 BUG: kernel NULL pointer dereference, address: 00000000000000c0...

0.00168EPSS
Exploits0References5
OSV
OSV
added 2025/12/24 1:6 p.m.5 views

CVE-2023-54094 net: prevent skb corruption on frag list segmentation

In the Linux kernel, the following vulnerability has been resolved: net: prevent skb corruption on frag list segmentation Ian reported several skb corruptions triggered by rx-gro-list, collecting different oops alike: 62.624003 BUG: kernel NULL pointer dereference, address: 00000000000000c0...

6.1AI score0.00168EPSS
Exploits0References8
NVD
NVD
added 2025/12/24 11:16 a.m.5 views

CVE-2025-68725

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skbwarnbadoffload from netifskbfeatures - gsofeaturescheck. When a BPF program - triggered via BPF...

5.5CVSS0.00161EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/12/24 10:33 a.m.24 views

CVE-2025-68725 bpf: Do not let BPF test infra emit invalid GSO types to stack

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skbwarnbadoffload from netifskbfeatures - gsofeaturescheck. When a BPF program - triggered via BPF...

0.00161EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2025/12/24 10:33 a.m.3 views

CVE-2025-68725

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skbwarnbadoffload from netifskbfeatures - gsofeaturescheck. When a BPF program - triggered via BPF...

5.7AI score0.00161EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2025/12/24 10:33 a.m.4 views

CVE-2025-68725 bpf: Do not let BPF test infra emit invalid GSO types to stack

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skbwarnbadoffload from netifskbfeatures - gsofeaturescheck. When a BPF program - triggered via BPF...

5.5CVSS6.3AI score0.00161EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a fragment list corruption during segmentation, which could lead to a null pointer dereference...

6.2AI score0.00168EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.5 views

PT-2025-52918

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel where BPF test infrastructure could emit invalid GSO types to the stack. This issue stemmed from a fuzzer tool triggering a warning in netif skb feature...

5.5CVSS5.9AI score0.00161EPSS
Exploits0
NVD
NVD
added 2025/12/16 2:15 p.m.7 views

CVE-2025-68229

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Fix segfault in tcmlooptpgaddressshow If the allocation of tlhba-sh fails in tcmloopdriverprobe and we attempt to dereference it in tcmlooptpgaddressshow we will get a segfault, see below for an example. So...

0.00172EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2025/12/14 11:50 p.m.4 views

CVE-2025-67901

openrsync through 0.5.0, as used in OpenBSD through 7.8 and on other platforms, allows a client to cause a server SIGSEGV by specifying a length of zero for block data, because the relationship between p-rem and p-len is not checked...

5.3CVSS6.5AI score0.00243EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/14 12:0 a.m.8 views

PT-2025-51180

openrsync through 0.5.0, as used in OpenBSD through 7.8 and on other platforms, allows a client to cause a server SIGSEGV by specifying a length of zero for block data, because the relationship between p-rem and p-len is not checked...

5.3CVSS6.8AI score0.00243EPSS
Exploits0References3
Snyk
Snyk
added 2025/12/12 10:7 p.m.2 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the parsing process of DICOM files containing encapsulated PixelData fragments. An attacker can cause a segmentation fault and an application crash by supplying a crafted malicious DICOM file. Remediation Upgrade...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References2
NVD
NVD
added 2025/12/12 9:15 p.m.3 views

CVE-2025-11266

An out-of-bounds write vulnerability exists in the Grassroots DICOM library GDCM. The issue is triggered during parsing of a malformed DICOM file containing encapsulated PixelData fragments compressed image data stored as multiple fragments. This vulnerability leads to a segmentation fault caused...

6.8CVSS0.00119EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/12 8:48 p.m.17 views

CVE-2025-11266 Grassroots DICOM (GDCM) Out-of-bounds Write

An out-of-bounds write vulnerability exists in the Grassroots DICOM library GDCM. The issue is triggered during parsing of a malformed DICOM file containing encapsulated PixelData fragments compressed image data stored as multiple fragments. This vulnerability leads to a segmentation fault caused...

6.8CVSS0.00119EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.5 views

Amazon Linux 2023 : postgresql15, postgresql15-contrib, postgresql15-llvmjit (ALAS2023-2025-1313)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1313 advisory. Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE...

5.9CVSS5.8AI score0.00301EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/12/09 12:0 a.m.19 views

Amazon Linux 2023 : libpq, libpq-devel (ALAS2023-2025-1299)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1299 advisory. Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network peer to cause libpq to undersize an allocation and write out-of-bounds by hundre...

5.9CVSS5.4AI score0.00301EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.4 views

PT-2025-49425

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the virtio-net component of the Linux kernel related to the handling of received packet lengths in large packets. A change introduced by commit 4959aebba8c0 altered how...

4.3CVSS6.2AI score0.00168EPSS
Exploits0
Amazon
Amazon
added 2025/12/08 12:0 a.m.4 views

Medium: postgresql15

Issue Overview: Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail...

5.9CVSS6.7AI score0.00301EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/08 12:0 a.m.5 views

Amazon Linux 2 : libpq, --advisory ALAS2POSTGRESQL14-2025-020 (ALASPOSTGRESQL14-2025-020)

The version of libpq installed on the remote host is prior to 14.20-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2POSTGRESQL14-2025-020 advisory. Integer wraparound in multiple PostgreSQL libpq client library functions allows an application input provider or network...

5.9CVSS5.5AI score0.00301EPSS
Exploits0References4
Rows per page
Query Builder