Lucene search
K

2521 matches found

RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.1 views

kernel: lib/fonts: fix undefined behavior in bit shift for get_default_font

In the Linux kernel, the following vulnerability has been resolved: lib/fonts: fix undefined behavior in bit shift for getdefaultfont Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds i...

5.5CVSS6.8AI score0.00143EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/12 12:36 p.m.5 views

firefox: thunderbird: Unsafe attribute access during XPath parsing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...

4.8CVSS7.3AI score0.00267EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/05/11 12:0 a.m.3 views

FreeBSD : Mozilla -- XPath parsing undefined behavior (a2d5bd7b-2e85-11f0-a989-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a2d5bd7b-2e85-11f0-a989-b42e991fc52e advisory. [email protected] reports: A vulnerability was identified in Thunderbird where XPath parsing could...

4.8CVSS7AI score0.00267EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/05/10 2:53 a.m.2 views

SUSE CVE-2025-37846

In the Linux kernel, the following vulnerability has been resolved: arm64: mops: Do not dereference src reg for a set operation The source register is not used for SET and reading it can result in a UBSAN out-of-bounds array access error, specifically when the MOPS exception is taken from a SET...

5.5CVSS7.7AI score0.00225EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/10 12:0 a.m.2 views

PT-2025-20643 · Gnu +1 · Gnu Pspp +1

Name of the Vulnerable Software and Affected Versions: GNU PSPP versions 2.0.1 and earlier Description: The issue allows attackers to cause a heap-based buffer overflow in the inflate read function, which is called indirectly from zip member read all in zip-reader.c. This can be exploited to caus...

9.8CVSS4.7AI score0.00258EPSS
Exploits1References14
SUSE CVE
SUSE CVE
added 2025/05/09 4:54 a.m.2 views

SUSE CVE-2022-49907

In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for mdiobusregister Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds ...

5.5CVSS6.5AI score0.00188EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/05/08 7:58 p.m.4 views

firefox: thunderbird: Unsafe attribute access during XPath parsing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...

4.8CVSS7.3AI score0.00267EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/05/08 5:6 p.m.14 views

CVE-2025-32022

Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects...

4.6CVSS7AI score0.00123EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/05/07 2:19 a.m.2 views

SUSE CVE-2022-49870

In the Linux kernel, the following vulnerability has been resolved: capabilities: fix undefined behavior in bit shift for CAPTOMASK Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds in...

3.3CVSS6.3AI score0.00183EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2025/05/07 2:12 a.m.3 views

SUSE CVE-2025-3416

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS6.7AI score0.00452EPSS
Exploits0References47
Vulnrichment
Vulnrichment
added 2025/05/06 4:57 p.m.10 views

CVE-2025-32022 Finit has heap based buffer overwrite in urandom.so plugin

Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects...

4.6CVSS7.1AI score0.00123EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/05/06 4:57 p.m.6 views

CVE-2025-32022

Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects...

4.6CVSS5.7AI score0.00123EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/05/05 11:22 a.m.5 views

firefox: thunderbird: Unsafe attribute access during XPath parsing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...

4.8CVSS7.3AI score0.00267EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2025/05/05 10:13 a.m.4 views

firefox: thunderbird: Unsafe attribute access during XPath parsing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...

4.8CVSS7.3AI score0.00267EPSS
Exploits0References9
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.3 views

clk: samsung: Fix UBSAN panic in samsung_clk_init()

...

5.5CVSS7.4AI score0.00214EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.5 views

iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()

...

7.1CVSS7.4AI score0.00188EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/05/05 1:37 a.m.4 views

firefox: thunderbird: Unsafe attribute access during XPath parsing

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...

4.8CVSS7.3AI score0.00267EPSS
Exploits0References9
RustSec
RustSec
added 2025/05/04 12:0 p.m.9 views

Unsound issue in Trailer

Our static analyzer find a potential unsound issue in the construction of Trailer, where it doesn't provide enough check to ensure the soundness. trailer/src/lib.rs, Lines 18 to 25 in d474984: pub fn newcapacity: usize - Trailer unsafe let trailer = Trailer::allocatecapacity; let ptr = trailer.pt...

9.8CVSS5.5AI score0.00464EPSS
Exploits1
OSV
OSV
added 2025/05/02 4:15 p.m.3 views

DEBIAN-CVE-2023-53112

In the Linux kernel, the following vulnerability has been resolved: drm/i915/sseu: fix maxsubslices array-index-out-of-bounds access It seems that commit bc3c5e0809ae "drm/i915/sseu: Don't try to store EU mask internally in UAPI format" exposed a potential out-of-bounds access, reported by UBSAN ...

7.1CVSS5.5AI score0.00161EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/05/02 2:2 a.m.7 views

SUSE CVE-2025-37752

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the check at the end of the...

7CVSS6.5AI score0.00227EPSS
Exploits0References88
Rows per page
Query Builder