212 matches found

UbuntuCve
added 2025/03/17 10:15 p.m. | 79 views

CVE-2024-40635

containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as roo...

CVSS 7.8 | AI score 6.7 | EPSS 0.00275
Exploits: 1 | References: 8

UbuntuCve
added 2025/03/10 9:15 p.m. | 13 views

CVE-2025-1920

Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVSS 8.8 | AI score 7.2 | EPSS 0.00324
Exploits: 0 | References: 3

UbuntuCve
added 2025/02/19 5:15 p.m. | 12 views

CVE-2025-1426

Heap buffer overflow in GPU in Google Chrome on Android prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVSS 8.8 | AI score 7.3 | EPSS 0.00615
Exploits: 0 | References: 3

UbuntuCve
added 2025/02/15 2:15 a.m. | 8 views

CVE-2025-0998

Rejected reason: Not exploitable...

AI score 7.1
Exploits: 0 | References: 3

OSSF Malicious Packages
added 2024/10/03 10:50 a.m. | 4 views

Malicious code in kupo-app-secure-store-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d04ed47c7e296896a93ec11ccbe851b0a3d33f3afe06d2aaba32be6263363a33 The OpenSSF Package Analysis project identified 'kupo-app-secure-store-plugin' @ 99.0.0 npm as malicious. It is considered malicious because: -...

AI score 6.9
Exploits: 0

UbuntuCve
added 2024/09/23 11:15 p.m. | 9 views

CVE-2024-7023

Insufficient data validation in Updater in Google Chrome prior to 128.0.6537.0 allowed a remote attacker to perform privilege escalation via a malicious file. Chromium security severity: Medium...

CVSS 8.8 | AI score 5.9 | EPSS 0.00355
Exploits: 1 | References: 2

UbuntuCve
added 2024/09/17 9:15 p.m. | 5 views

CVE-2024-8904

Type Confusion in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVSS 8.8 | AI score 7.1 | EPSS 0.00472
Exploits: 1 | References: 3

UbuntuCve
added 2024/07/31 12:0 a.m. | 18 views

CVE-2024-6992

Unknown description...

AI score 5.8
Exploits: 0 | References: 1

UbuntuCve
added 2024/05/22 12:0 a.m. | 24 views

CVE-2024-5159

Heap buffer overflow in ANGLE in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

CVSS 8.8 | AI score 7.4 | EPSS 0.00641
Exploits: 1 | References: 1

UbuntuCve
added 2024/05/15 9:15 p.m. | 23 views

CVE-2024-4949

Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVSS 9.6 | AI score 6.6 | EPSS 0.00939
Exploits: 1 | References: 3

UbuntuCve
added 2024/05/01 1:15 p.m. | 24 views

CVE-2024-4331

Use after free in Picture In Picture in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVSS 8.8 | AI score 7.2 | EPSS 0.01228
Exploits: 1 | References: 3

IBM Security Bulletins
added 2024/04/19 4:34 p.m. | 55 views

Security Bulletin: IBM i Access Client Solutions is vulnerable to a remote attacker bypassing integrity checks in Apache Mina SSHD Common (CVE-2023-48795)

Summary: IBM i Access Client Solutions is vulnerable to a remote attacker bypassing integrity checks (CVE-2023-48795) found in Apache Mina SSHD Common. Apache Mina SSHD Common is used by the Open Source Package Manager feature of IBM i Access Client Solutions when authenticating to the IBM i server...

CVSS 5.9 | AI score 6.4 | EPSS 0.93305
Exploits: 4 | Affected Software: 1

UbuntuCve
added 2024/04/10 7:15 p.m. | 26 views

CVE-2024-3516

Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVSS 8.8 | AI score 6.8 | EPSS 0.01
Exploits: 1 | References: 3

Amazon
added 2024/03/21 12:0 a.m. | 3 views

Important: aws-nitro-enclaves-cli

Issue Overview: RUSTSEC-2024-0006
NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0006.html
NOTE: https://github.com/comex/rust-shlex/security/advisories/GHSA-r7qv-8r2h-pg27
Affected Packages: aws-nitro-enclaves-cli
Issue Correction: Run dnf update aws-nitro-enclaves-cli --releasever...

AI score 6.9
Exploits: 0

Amazon
added 2024/03/04 12:0 a.m. | 4 views

Important: unbound

Issue Overview: Certain DNSSEC aspects of the DNS protocol (in RFC 4035 and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses when there is a zone with many DNSKEY and RRSIG records, aka the "KeyTrap" issue. The protocol specification...

CVSS 7.5 | AI score 6.9 | EPSS 0.99995
Exploits: 1

The Hacker News
added 2024/02/20 12:30 p.m. | 39 views

New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics

Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique called DLL side-loading to circumvent detection by security software and run malicious code. The packages, named NP6HelperHttptest and NP6HelperHttpe...

CVSS 9.8 | AI score 7.7 | EPSS 0.12661
Exploits: 0

UbuntuCve
added 2024/01/24 12:15 a.m. | 20 views

CVE-2024-0804

Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

CVSS 7.5 | AI score 7.1 | EPSS 0.00491
Exploits: 0 | References: 3

NVD
added 2023/12/22 9:15 p.m. | 33 views

CVE-2023-51449

Gradio is an open-source Python package that allows you to quickly build a demo or web application for your machine learning model, API, or any arbitrary Python function. Versions of gradio prior to 4.11.0 contained a vulnerability in the /file route which made them susceptible to file traversal...

CVSS 7.5 | EPSS 0.0228
Exploits: 0 | References: 3

UbuntuCve
added 2023/11/29 12:15 p.m. | 35 views

CVE-2023-6350

Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. Chromium security severity: High...

CVSS 8.8 | AI score 7.2 | EPSS 0.01118
Exploits: 0 | References: 6

UbuntuCve
added 2023/07/29 12:15 a.m. | 24 views

CVE-2021-4318

Object corruption in Blink in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...

CVSS 8.8 | AI score 7.2 | EPSS 0.0055
Exploits: 1 | References: 3