Lucene search
K

2521 matches found

RedHat Linux
RedHat Linux
added 2025/08/13 9:40 a.m.6 views

angle: insufficient input validation can cause undefined behavior

A flaw was found in the libANGLE library. An improper input validation can cause undefined behavior when a specially crafted webpage is visited, potentially resulting in code execution...

8.8CVSS7.2AI score0.09185EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/08/13 12:0 a.m.1 views

ImageMagick 安全漏洞

ImageMagick is a suite of open source image processing software from ImageMagick Open Source. It can read, convert or write images in many formats. A security vulnerability exists in ImageMagick versions prior to 6.9.13-27 and 7.1.2-1, which stems from undefined behavior in the splay tree clone...

6.1CVSS6.1AI score0.0038EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-1556

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The incorrect object was checked for NULL in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only...

6.5CVSS7.5AI score0.00474EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-22067

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: spi: cadence: Fix out-of-bounds array access in cdnsmrvlxspisetupclock If requestedclk 128,...

7.8CVSS6.5AI score0.00174EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-47763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wasmtime is an open source runtime for WebAssembly. Wasmtime's implementation of WebAssembly tail calls combined with stack traces can result in a runtime crash...

5.5CVSS5.4AI score0.00244EPSS
Exploits0References2
OSV
OSV
added 2025/08/11 11:15 p.m.3 views

UBUNTU-CVE-2025-55159

slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the getdisjointmut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes. This has...

5.1CVSS5.7AI score0.00156EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/08/11 11:0 p.m.4 views

CVE-2025-55159

slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the getdisjointmut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes. This has...

5.1CVSS5.3AI score0.00156EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-27069

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ovl: relax WARNON in ovlverifyarea syzbot hit an assertion in copy up data loop which looks...

5.5CVSS5.8AI score0.00193EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-39462

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign -num before accessing -hws Commit f316cdff8d67 clk: Annotate struct...

9.8CVSS5.8AI score0.00762EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-37739

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to avoid out-of-bounds access in f2fstruncateinodeblocks syzbot reports an UBSAN issue as below: ------------ cut here ------------ UBSAN:...

7.1CVSS6.6AI score0.00161EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2021-47065

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: rtw88: Fix array overrun in rtwgettxpowerparams Using a kernel with the Undefined Behaviour...

7.8CVSS6.2AI score0.00234EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-40014

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - objtool, spi: amd: Fix out-of-bounds stack access in amdsetspifreq If speedhz AMDSPIMINHZ, amdsetspifreq iterates over the entire amdspifreq array without...

7.8CVSS6.8AI score0.00194EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-4774

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability...

6.5CVSS7.6AI score0.00372EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/30 12:0 a.m.2 views

CBL Mariner 2.0 Security Update: libxml2 (CVE-2025-49796)

The version of libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49796 advisory. - A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can...

9.1CVSS6.6AI score0.01437EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/07/29 12:20 a.m.4 views

zlib: Out-of-bound pointer arithmetic in inftrees.c

A vulnerability was discovered in the inftrees.c file of zlib. Pointer arithmetic operations violate the C standard by subtracting an offset from an array pointer before its allocated memory, leading to undefined behavior...

8.8CVSS7.3AI score0.04793EPSS
Exploits0References6
OSV
OSV
added 2025/07/25 2:15 p.m.0 views

DEBIAN-CVE-2025-38415

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check return result of sbminblocksize Syzkaller reports an "UBSAN: shift-out-of-bounds in squashfsbioread" bug. Syzkaller forks multiple processes which after mounting the Squashfs filesystem, issues an ioctl"/dev/loop0...

7.8CVSS5.8AI score0.00181EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/25 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the nfsd module not verifying that it is a v4 composite request, which could lead to undefined behavior...

5.5CVSS6.8AI score0.00175EPSS
Exploits0References9
OSV
OSV
added 2025/07/17 9:19 p.m.4 views

GHSA-9RCW-C2F9-2J55 OpenZeppelin Contracts Bytes's lastIndexOf function with position argument performs out-of-bound memory access on empty buffers

Impact The lastIndexOfbytes,byte,uint256 function of the Bytes.sol library may access uninitialized memory when the following two conditions hold: 1 the provided buffer length is empty i.e. buffer.length == 0 and position is not 2256 - 1 i.e. pos != typeuint256.max. The pos argument could be used...

6.9CVSS6.7AI score0.00334EPSS
Exploits0References5
CVE
CVE
added 2025/07/17 6:25 p.m.20 views

CVE-2025-54070

OpenZeppelin Contracts (Bytes.sol) lastIndexOf(bytes, byte, uint256) is vulnerable in versions prior to 5.4.0 when the input buffer is empty (buffer.length == 0) and pos != type(uint256).max. In this scenario, the function may access uninitialized memory at buffer + 0x20 + pos, potentially return...

6.9CVSS7AI score0.00334EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/07/17 9:12 a.m.6 views

glib: buffer overflow in set_connect_msg()

A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4CONNMSGLEN. This issue may lead to an application crash or other undefined behavior...

9.8CVSS7.3AI score0.01263EPSS
Exploits1References7
Rows per page
Query Builder