Lucene search
+L

70 matches found

ubuntucve
ubuntucve
added 2024/11/26 12:0 a.m.13 views

CVE-2024-11691

Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. This bug only affected the application on Apple M series hardware. Other platforms were unaffected. This vulnerability affects Firefox 13...

8.8CVSS7.2AI score0.00704EPSS
Exploits0References11
ubuntucve
ubuntucve
added 2024/11/26 12:0 a.m.8 views

CVE-2024-11704

A double-free issue could have occurred in secpkcs7decoderstartdecrypt when handling an error path. Under specific conditions, the same symmetric key could have been freed twice, potentially leading to memory corruption. This vulnerability affects Firefox 133, Thunderbird 133, Firefox ESR 128.7,...

9.8CVSS6.7AI score0.00919EPSS
Exploits0References6
ubuntucve
ubuntucve
added 2024/10/29 12:0 a.m.13 views

CVE-2024-10466

By sending a specially crafted push message, a remote server could have hung the parent process, causing the browser to become unresponsive. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...

7.5CVSS6.8AI score0.00809EPSS
Exploits0References8
ubuntucve
ubuntucve
added 2024/10/29 12:0 a.m.11 views

CVE-2024-10462

Truncation of a long URL could have allowed origin spoofing in a permission prompt. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...

7.5CVSS6.8AI score0.0054EPSS
Exploits0References8
ubuntucve
ubuntucve
added 2024/10/29 12:0 a.m.16 views

CVE-2024-10459

An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox 132, Firefox ESR 128.4, Firefox ESR 115.17, Thunderbird 128.4, and Thunderbird 132...

7.5CVSS6.9AI score0.00597EPSS
Exploits0References8
ubuntucve
ubuntucve
added 2024/10/03 12:0 a.m.13 views

CVE-2024-9402

Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 131, Firefox ESR...

9.8CVSS7.2AI score0.0061EPSS
Exploits0References10
ubuntucve
ubuntucve
added 2024/10/03 12:0 a.m.11 views

CVE-2024-9400

A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox 131, Firefox ESR 128.3, Thunderbird 128.3, and Thunderbird 131...

8.8CVSS6.8AI score0.00474EPSS
Exploits0References10
ubuntucve
ubuntucve
added 2024/09/12 12:0 a.m.9 views

CVE-2024-8754

An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. An improper input validation error allows attacker to squat on accounts via linking arbitrary unclaimed provider identities when JWT authentication is...

8.1CVSS5.8AI score0.00408EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2024/09/03 1:15 p.m.11 views

CVE-2024-8389

Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 130...

9.8CVSS7.3AI score0.00489EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2024/09/03 1:15 p.m.10 views

CVE-2024-8382

Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence would indicate certain browser features had...

8.8CVSS7.1AI score0.00561EPSS
Exploits0References9
ibm
ibm
added 2024/07/16 12:17 p.m.30 views

Security Bulletin: Security vulnerabilities may affect Ubuntu packages that are shipped with IBM CICS TX Advanced.

Summary Security vulnerabilities may affect Ubuntu packages that are shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the issues. Vulnerability Details CVEID:CVE-2023-4641 DESCRIPTION: shadow-maint shadow-utils could allow a local authenticated attacker to obtain sensitive...

5.5CVSS7.1AI score0.04459EPSS
Exploits4Affected Software1
ubuntucve
ubuntucve
added 2024/01/26 12:0 a.m.36 views

CVE-2022-48622

In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk in io-ani.c when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or...

7.8CVSS7.5AI score0.00415EPSS
Exploits1References2
ubuntu
ubuntu
added 2023/03/15 4:20 p.m.81 views

USN-5957-1: LibreCAD vulnerabilities

Cody Sixteen discovered that LibreCAD incorrectly handled memory when parsing DXF files. An attacker could use this issue to cause LibreCAD to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2018-19105 Lilith of Cisco Talos discovered tha...

9.3CVSS7.4AI score0.06617EPSS
Exploits7
openvas
openvas
added 2022/10/11 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-5668-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.00419EPSS
Exploits0References2
cnnvd
cnnvd
added 2022/06/08 12:0 a.m.10 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel 5.17, which stems from a small table perturbation that causes insufficient randomization in net/ipv4/tcp.c when the Linux kernel...

8.2CVSS6.7AI score0.02986EPSS
Exploits0References59
ubuntu
ubuntu
added 2021/05/11 9:41 a.m.165 views

USN-4943-1: XStream vulnerabilities

Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. This issue affected only affected Ubuntu 20.10. CVE-2020-26217 It was discovered that XStream was vulnerable to...

9.9CVSS7AI score0.85001EPSS
Exploits21
ubuntu
ubuntu
added 2021/04/01 5:33 p.m.120 views

USN-4900-1: OpenEXR vulnerabilities

It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

5.5CVSS6.4AI score0.01848EPSS
Exploits0
gitee
gitee
added 2020/11/16 3:14 p.m.8 views

IMChecker

This repository is an offensive tool for API misuse detection, specifically designed to identify API misuse bugs in C programs. The tool is called IMChecker, and it uses a constraint-directed static analysis technique powered by a domain-specific language DSL for specifying API usage constraints...

6.8AI score
Exploits0
ubuntucve
ubuntucve
added 2020/04/09 3:15 a.m.41 views

CVE-2020-11656

In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement...

9.8CVSS6.8AI score0.07407EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2018/06/15 2:29 a.m.29 views

CVE-2018-12438

The Elliptic Curve Cryptography library aka sunec or libsunec allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the...

4.9CVSS5.9AI score0.00464EPSS
Exploits1References1
Rows per page
Query Builder