11955 matches found
Siemens SIMATIC Devices Improper Input Validation (CVE-2023-50495)
NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component ncwrapentry. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...
Amazon Linux 2 : docker, --advisory ALAS2ECS-2025-076 (ALASECS-2025-076)
The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-076 advisory. Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container...
CVE-2025-12199
No description is available for this CVE. Mitigation No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability. To reduce the risk, ensure that only trusted and validated configuration files are used by dnsmasq, and...
Siemens SIMATIC Devices Improper Input Validation (CVE-2024-42281)
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gsosize Linearize the skb when downgrading gsosize because it may trigger a BUGON later when the skb is segmented as described in 1,2. This plugin only works with Tenable.ot. Please visit...
Rockwell Automation Compact GuardLogix 5370
RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system devices...
CVE-2025-62672
rplay through 3.3.2 allows attackers to cause a denial of service SIGSEGV and daemon crash or possibly have unspecified other impact. This occurs in memcpy in the RPLAYDATA case in rplayunpack in librplay/rplay.c, potentially reachable via packet data with no authentication...
RUSTSEC-2025-0074 `unic-segment` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icusegmenter - unicode-segmentation...
`unic-segment` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icusegmenter - unicode-segmentation...
Segmentation fault and invalid memory read in `mnl::cb_run`
The function mnl::cbrun is marked as safe but exhibits unsound behavior when processing malformed Netlink message buffers. Passing a crafted byte slice to mnl::cbrun can trigger memory violations. The function does not sufficiently validate the input buffer structure before processing, leading to...
SUSE CVE-2025-61908
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentation fault. This can be used by any API user with access to an API endpoint that allows specifying a...
CVE-2025-61908
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentation fault. This can be used by any API user with access to an API endpoint that allows specifying a...
Linux Distros Unpatched Vulnerability : CVE-2025-61908
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null...
CVE-2025-61908
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentation fault. This can be used by any API user with access to an API endpoint that allows specifying a...
CVE-2025-61908
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentation fault. This can be used by any API user with access to an API endpoint that allows specifying a...
DEBIAN-CVE-2025-61908
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentation fault. This can be used by any API user with access to an API endpoint that allows specifying a...
UBUNTU-CVE-2025-61908
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentation fault. This can be used by any API user with access to an API endpoint that allows specifying a...
EUVD-2025-34793
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentation fault. This can be used by any API user with access to an API endpoint that allows specifying a...
CVE-2025-61908
CVE-2025-61908 – Icinga 2 Denial of Service : Multiple vendor advisories confirm a vulnerability in Icinga 2 where creating an invalid reference (e.g., a reference to null) dereferences a null pointer and triggers a segmentation fault, crashing the daemon when a filter expression is provided via ...
CVE-2025-61908 Icinga 2 Denial of Service (DoS) By Dereferencing Invalid Reference
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentation fault. This can be used by any API user with access to an API endpoint that allows specifying a...
USN-7825-1: MuPDF vulnerabilities
It was discovered that MuPDF incorrectly managed memory, resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-1000036 It was discovered that MuPDF could enter an infinite loop when parsing certain P...