4078 matches found

RedHat Linux
added 2025/12/22 1:36 p.m. | 10 views

firefox: thunderbird: Privilege escalation in the Netmonitor component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Netmonitor component...

CVSS 8.8 | AI score 5.7 | EPSS 0.00334
Exploits 0 | References 5

RedHat Linux
added 2025/12/22 12:43 a.m. | 20 views

HDF5: HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow

A vulnerability was found in HDF5. This issue affects the function H5MM_strndup of the component Metadata Attribute Decoder. Manipulation leads to a heap-based buffer overflow...

CVSS 7.8 | AI score 6 | EPSS 0.00361
Exploits 1 | References 8

Chainguard
added 2025/12/20 1:21 p.m. | 3 views

GHSA-VC5P-V9HR-52MJ vulnerabilities

Vulnerabilities for packages: zipkin, apache-tika-fips, sonarqube, opensearch, apache-hop-fips, spark-fips, camunda-zeebe, kafka-bridge-fips, tritonserver-backend-vllm-cuda-12.9, wso2is, py3-vllm-cuda-12.4, apache-pulsar, commercial-elasticsearch, nuxeo, confluent-kafka-jre-bcfips, infinispan,...

AI score 5.8
Exploits 0

CBLMariner
added 2025/12/19 2:46 p.m. | 1 view

CVE-2025-65082 affecting package httpd for versions less than 2.4.66-1

CVE-2025-65082 affecting package httpd for versions less than 2.4.66-1. An upgraded version of the package is available that resolves this issue...

CVSS 6.5 | AI score 6.9 | EPSS 0.00758
Exploits 0

CBLMariner
added 2025/12/19 2:46 p.m. | 2 views

CVE-2025-65637 affecting package moby-buildx for versions less than 0.7.1-27

CVE-2025-65637 affecting package moby-buildx for versions less than 0.7.1-27. A patched version of the package is available...

CVSS 7.5 | AI score 6.9 | EPSS 0.00563
Exploits 1

CBLMariner
added 2025/12/19 2:46 p.m. | 2 views

CVE-2025-65637 affecting package cni-plugins for versions less than 1.3.0-10

CVE-2025-65637 affecting package cni-plugins for versions less than 1.3.0-10. A patched version of the package is available...

CVSS 7.5 | AI score 6.9 | EPSS 0.00563
Exploits 1

Redos
added 2025/12/19 12:00 a.m. | 4 views

ROS-20251219-7303

A vulnerability in the MongoDB database management system server is related to the use of assert or a similar operator. Exploitation of the vulnerability could allow a remote attacker to affect the availability of protected information...

CVSS 7.5 | AI score 6.7 | EPSS 0.00252
Exploits 0

Redos
added 2025/12/19 12:00 a.m. | 6 views

ROS-20251219-7304

Vulnerability in mongodb-org related to flaws in authorization procedure. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

CVSS 6.5 | AI score 6.9 | EPSS 0.00192
Exploits 0

Redos
added 2025/12/19 12:00 a.m. | 6 views

ROS-20251219-7301

Vulnerability in nomad related to incorrect link resolution before accessing a file. Exploitation of the vulnerability could allow an attacker to escalate their privileges...

CVSS 7.5 | AI score 7 | EPSS 0.00507
Exploits 0

UbuntuCve
added 2025/12/18 3:15 p.m. | 2 views

CVE-2025-14861

Memory safety bugs present in Firefox 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 146.0.1...

CVSS 8.8 | AI score 7.4 | EPSS 0.00208
Exploits 0 | References 4

UbuntuCve
added 2025/12/18 3:15 p.m. | 1 view

CVE-2025-14860

Use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 146.0.1...

CVSS 9.8 | AI score 7.3 | EPSS 0.00265
Exploits 0 | References 4

Debian CVE
added 2025/12/18 2:21 p.m. | 4 views

CVE-2025-14861

Memory safety bugs present in Firefox 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 146.0.1...

CVSS 8.8 | AI score 8.6 | EPSS 0.00208
Exploits 0

RedHat Linux
added 2025/12/18 9:30 a.m. | 9 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a buffer overflow due to improper bounds checking and result in an unexpected process crash...

CVSS 4.3 | AI score 6 | EPSS 0.01317
Exploits 0 | References 5

SUSE CVE
added 2025/12/18 12:26 a.m. | 2 views

SUSE CVE-2025-68146

filelock is a platform-independent file lock for Python. In versions prior to 3.20.1, a Time-of-Check-Time-of-Use (TOCTOU) race condition allows local attackers to corrupt or truncate arbitrary user files through symlink attacks. The vulnerability exists in both Unix and Windows lock file creation...

CVSS 4.7 | AI score 6.2 | EPSS 0.00184
Exploits 1 | References 6

Debian CVE
added 2025/12/17 8:46 p.m. | 4 views

CVE-2025-43541

A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

CVSS 4.3 | AI score 6.2 | EPSS 0.32
Exploits 0

Chainguard
added 2025/12/17 1:23 p.m. | 4 views

GHSA-R6J8-C6R2-37RR vulnerabilities

Vulnerabilities for packages: kubernetes-csi-driver-nfs-fips, cephcsi-fips, kapp-fips, longhorn-manager-fips, longhorn-share-manager, longhorn-share-manager-fips, kubernetes-csi-driver-nfs, node-feature-discovery, calico, rancher-support-bundle-kit, azuredisk-csi-fips, calico-fips,...

AI score 5.8
Exploits 0

RedHat Linux
added 2025/12/17 12:19 p.m. | 6 views

webkit: WebKitGTK: Remote user-assisted information disclosure via file drag-and-drop

A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser...

CVSS 7.4 | AI score 5.8 | EPSS 0.00277
Exploits 0 | References 5

RedHat Linux
added 2025/12/17 6:13 a.m. | 4 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause a buffer overflow due to improper bounds checking and result in an unexpected process crash...

CVSS 4.3 | AI score 6 | EPSS 0.01317
Exploits 0 | References 5

RedHat Linux
added 2025/12/17 4:58 a.m. | 4 views

webkit: WebKitGTK: Remote user-assisted information disclosure via file drag-and-drop

A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser...

CVSS 7.4 | AI score 5.8 | EPSS 0.00277
Exploits 0 | References 5

RedHat Linux
added 2025/12/17 4:58 a.m. | 4 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

CVSS 4.3 | AI score 5.7 | EPSS 0.00621
Exploits 0 | References 5