Lucene search
K

151 matches found

UbuntuCve
UbuntuCve
added 2026/03/19 12:0 a.m.8 views

CVE-2026-2046

Unknown description...

7.1AI score
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/02/04 11:5 p.m.8 views

CVE-2025-22873

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open"../" would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...

3.8CVSS5.2AI score0.00238EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/02/02 11:16 p.m.5 views

CVE-2025-6597

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/auth/AuthManager.Php. This issue affects MediaWiki: from before 1.39.13, 1.42.7, 1.43.2, 1.44.0...

5.9AI score0.00454EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/12/08 12:0 a.m.4 views

CVE-2025-40291

In the Linux kernel, the following vulnerability has been resolved: iouring: fix regbuf vector size truncation There is a report of ioestimatebvecsize truncating the calculated number of segments that leads to corruption issues. Check it doesn't overflow "int"s used later. Rough but simple, can b...

5.7AI score0.00162EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2025/12/05 5:16 p.m.4 views

CVE-2025-14104

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam function, affecting SUID Set User ID login-utils utilities writing to the password database...

6.1CVSS6.8AI score0.00179EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/12/04 4:16 p.m.2 views

CVE-2025-40248

In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...

5.8AI score0.00203EPSS
Exploits0References33
Debian CVE
Debian CVE
added 2025/08/12 2:24 a.m.17 views

CVE-2025-4390

Removed by vendor...

5.3CVSS6.7AI score0.00307EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/08/07 1:30 a.m.6 views

CVE-2025-8579

Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS4.8AI score0.00234EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/07/28 12:15 p.m.4 views

CVE-2025-38493

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlatdumpstack We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 byte write of buffer size 0 WARNING: CPU:...

5.5CVSS6AI score0.00151EPSS
Exploits0References28
UbuntuCve
UbuntuCve
added 2025/07/25 4:15 p.m.3 views

CVE-2025-38445

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1reshape In the raid1reshape function, newpool is allocated on the stack and assigned to conf-r1biopool. This results in conf-r1biopool.wait.head pointing to a stack address...

7.1CVSS6.6AI score0.00165EPSS
Exploits0References41
UbuntuCve
UbuntuCve
added 2025/07/25 4:15 p.m.1 views

CVE-2025-38456

In the Linux kernel, the following vulnerability has been resolved: ipmi:msghandler: Fix potential memory corruption in ipmicreateuser The "intf" list iterator is an invalid pointer if the correct "intf-intfnum" is not found. Calling atomicdec&intf-nrusers on and invalid pointer will lead to memo...

7.8CVSS6.6AI score0.00155EPSS
Exploits0References29
UbuntuCve
UbuntuCve
added 2025/07/22 10:15 p.m.1 views

CVE-2025-53538

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions 7.0.10 and below and 8.0.0-beta1 through 8.0.0-rc1, mishandling of data on HTTP2 stream 0 can lead to uncontrolled memory usage, leading to loss of...

7.5CVSS5.9AI score0.00432EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/07/17 7:15 p.m.5 views

CVE-2025-53816

7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to 25.0.0. Version 25.0.0 contains a fix for the issue...

7.5CVSS7.2AI score0.00635EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2025/07/10 8:15 p.m.6 views

CVE-2025-53506

Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces the maximum permitted concurrent streams. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1...

7.5CVSS7AI score0.01898EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/07/04 9:15 p.m.4 views

CVE-2025-7068

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FLmalloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

5.5CVSS5AI score0.00194EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2025/07/04 8:15 a.m.7 views

CVE-2025-32918

Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions 2.4.0p6, 2.3.0p35, 2.2.0p44, and 2.1.0 EOL allows an authenticated user to inject arbitrary Livestatus commands...

8.8CVSS5.9AI score0.00327EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/07/03 9:15 a.m.2 views

CVE-2025-38113

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference when nosmp is used With nosmp in cmdline, other CPUs are not brought up, leaving their cpcdescptr NULL. CPU0's iteration via foreachpossiblecpu dereferences these NULL pointers, causing...

5.5CVSS6.2AI score0.00157EPSS
Exploits0References30
UbuntuCve
UbuntuCve
added 2025/07/03 9:15 a.m.2 views

CVE-2025-38150

In the Linux kernel, the following vulnerability has been resolved: afpacket: move notifier's packetdevmc out of rcu critical section Syzkaller reports the following issue: BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578 mutexlock+0x106/0xe80...

5.5CVSS6AI score0.001EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/07/03 9:15 a.m.3 views

CVE-2025-38118

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix UAF on mgmtremoveadvmonitorcomplete This reworks MGMTOPREMOVEADVMONITOR to not use mgmtpendingadd to avoid crashes like bellow: ================================================================== BUG: KASAN:...

7.8CVSS6.3AI score0.0016EPSS
Exploits0References22
UbuntuCve
UbuntuCve
added 2025/07/01 12:0 a.m.8 views

CVE-2025-6297

It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...

8.2CVSS7.3AI score0.00341EPSS
Exploits0References2
Rows per page
Query Builder