Lucene search
K

2521 matches found

Debian CVE
Debian CVE
added 2025/04/29 1:13 p.m.15 views

CVE-2025-4087

A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and potentially, memory corruption. This vulnerability was fixed in Firefox 138, Firefox ESR 128.10,...

4.8CVSS6.9AI score0.00267EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/04/28 10:26 a.m.2 views

glibc: buffer overflow in the GNU C Library's assert()

A flaw was found in the GNU C Library glibc. A buffer overflow condition via the assert function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading t...

6.2CVSS7.3AI score0.00349EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/04/28 10:7 a.m.6 views

glibc: buffer overflow in the GNU C Library's assert()

A flaw was found in the GNU C Library glibc. A buffer overflow condition via the assert function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading t...

6.2CVSS7.3AI score0.00349EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/24 12:0 a.m.5 views

PT-2025-27728

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A potential invalid memory access issue has been identified in the Linux kernel, specifically in the asus-ec-sensors component of the hwmon subsystem. The find ec sensor index function...

5.5CVSS6.3AI score0.00156EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/04/18 11:19 p.m.2 views

SUSE CVE-2025-39728

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsungclkinit With UBSANARRAYBOUNDS=y, I'm hitting the below panic due to dereferencing ctx-clkdata.hws before setting ctx-clkdata.num = nrclks. Move that up to fix the crash. UBSAN: array index...

5.5CVSS7.7AI score0.00214EPSS
Exploits0References15
OSV
OSV
added 2025/04/18 7:15 a.m.2 views

DEBIAN-CVE-2025-40014

In the Linux kernel, the following vulnerability has been resolved: objtool, spi: amd: Fix out-of-bounds stack access in amdsetspifreq If speedhz AMDSPIMINHZ, amdsetspifreq iterates over the entire amdspifreq array without breaking out early, causing 'i' to go beyond the array bounds. Fix that by...

7.8CVSS5.8AI score0.00194EPSS
Exploits0References1
OSV
OSV
added 2025/04/18 7:15 a.m.2 views

DEBIAN-CVE-2025-39728

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsungclkinit With UBSANARRAYBOUNDS=y, I'm hitting the below panic due to dereferencing ctx-clkdata.hws before setting ctx-clkdata.num = nrclks. Move that up to fix the crash. UBSAN: array index...

5.5CVSS5.6AI score0.00214EPSS
Exploits0References1
OSV
OSV
added 2025/04/18 7:15 a.m.1 views

UBUNTU-CVE-2025-40014

In the Linux kernel, the following vulnerability has been resolved: objtool, spi: amd: Fix out-of-bounds stack access in amdsetspifreq If speedhz AMDSPIMINHZ, amdsetspifreq iterates over the entire amdspifreq array without breaking out early, causing 'i' to go beyond the array bounds. Fix that by...

7.8CVSS6.2AI score0.00194EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2025/04/18 7:1 a.m.2 views

CVE-2025-39728 clk: samsung: Fix UBSAN panic in samsung_clk_init()

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsungclkinit With UBSANARRAYBOUNDS=y, I'm hitting the below panic due to dereferencing ctx-clkdata.hws before setting ctx-clkdata.num = nrclks. Move that up to fix the crash. UBSAN: array index...

7.5AI score0.00214EPSS
Exploits0References8
NVD
NVD
added 2025/04/16 3:15 p.m.8 views

CVE-2025-22044

In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: fix narrowing conversion in acpinfitctl Syzkaller has reported a warning in tonfitbusuuid: "only secondary bus families can be translated". This warning is emited if the argument is equal to NVDIMMBUSFAMILYNFIT == 0...

5.5CVSS0.00176EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ext4 attempting to update the superblock even after log destruction, which could lead to undefined behavior...

5.5CVSS6.7AI score0.00165EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from cfg80211 not initializing wiphywork before rfkill allocation fails, which could lead to undefined behavior...

5.5CVSS6.5AI score0.00157EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/04/14 1:35 a.m.5 views

glibc: buffer overflow in the GNU C Library's assert()

A flaw was found in the GNU C Library glibc. A buffer overflow condition via the assert function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading t...

6.2CVSS7.3AI score0.00349EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/04/09 12:0 a.m.3 views

PT-2025-28997

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue where an uninitialized variable ret is used in the ecc-mxic functionality within the MTD/NAND subsystem. If ctx-steps is zero, the ECC step processin...

5.5CVSS6.5AI score0.00156EPSS
Exploits0
OSV
OSV
added 2025/04/08 7:15 p.m.23 views

CVE-2025-3416

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS6.6AI score0.00452EPSS
Exploits0References6
NVD
NVD
added 2025/04/08 7:15 p.m.8 views

CVE-2025-3416

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS0.00452EPSS
Exploits0References6
CVE
CVE
added 2025/04/08 6:24 p.m.110 views

CVE-2025-3416

CVE-2025-3416 describes a Use-After-Free in rust-openssl used by OpenSSL for handling the properties argument, potentially causing undefined behavior or incorrect property parsing and treating input as an empty string. Connected advisories show this affects AWS Amazon Linux 2/AL2023 ecosystems vi...

3.7CVSS6.8AI score0.00452EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/04/08 6:24 p.m.8 views

CVE-2025-3416 Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`

A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...

3.7CVSS3.8AI score0.00452EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/04/04 12:0 a.m.2 views

PT-2025-15361

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified rust-openssl crate versions prior to 0.10.71 Description A flaw exists in the handling of the properties argument within certain functions. This issue can lead to a use-after-free condition, where the...

3.7CVSS7AI score0.00452EPSS
Exploits0References165
OSV
OSV
added 2025/04/03 12:55 p.m.7 views

OESA-2025-1372 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: SUNRPC: make sure cache entry active before cacheshow The function cshow was called with protection from RCU. This only ensures that cp will not be freed...

7.8CVSS6.9AI score0.00824EPSS
Exploits3References38
Rows per page
Query Builder