
2988 matches found

Debian CVE
added 2026/02/18 8:49 p.m., 5 views

CVE-2025-8860

A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register UEFI_VARS_REG_BUFFER_SIZE, the .write callback uefi_vars_write is invoked. The function allocates a heap buffer without zeroing the memory, leaving the buffer filled with residual data from prior allocations. Wh...

3.3 CVSS, 6.4 AI score, 0.00147 EPSS
Exploits 0

UbuntuCve
added 2026/02/11 11:16 p.m., 3 views

CVE-2026-20608

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash...

5.5 CVSS, 7.2 AI score, 0.00229 EPSS
Exploits 0, References 2

Debian CVE
added 2026/02/04 11:5 p.m., 30 views

CVE-2025-22873

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open("../") would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...

3.8 CVSS, 8.3 AI score, 0.00238 EPSS
Exploits 0

Tenable Nessus
added 2026/02/04 12:0 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2025-67857

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in moodle. During anonymous assignment submissions, user identifiers were inadvertently exposed in URLs. This data exposure allows unauthorized...

5.3 CVSS, 5.4 AI score, 0.00342 EPSS
Exploits 0, References 2

Debian CVE
added 2026/02/03 7:29 p.m., 5 views

CVE-2025-64098

Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an Out-Of-Memory (OOM)...

6.3 CVSS, 5.5 AI score, 0.00434 EPSS
Exploits 0

Debian CVE
added 2026/02/03 7:16 p.m., 4 views

CVE-2025-62601

Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflow,...

7.5 CVSS, 5.7 AI score, 0.00527 EPSS
Exploits 0

UbuntuCve
added 2026/02/02 11:16 p.m., 3 views

CVE-2025-6591

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/api/ApiFeedContributions.Php. This issue affects MediaWiki: from before 1.39.13, 1.42.7 1.43.2, 1.44.0...

5.9 AI score, 0.00393 EPSS
Exploits 0, References 5

UbuntuCve
added 2026/02/02 11:16 p.m., 2 views

CVE-2025-6593

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/user/User.Php. This issue affects MediaWiki: from 1.27.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0...

2.1 CVSS, 5.9 AI score, 0.00396 EPSS
Exploits 0, References 5

Debian CVE
added 2026/02/02 11:3 p.m., 9 views

CVE-2025-6589

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php. This issue affects MediaWiki: = 1.42.0...

2.1 CVSS, 5.2 AI score, 0.00429 EPSS
Exploits 0

Debian CVE
added 2026/02/02 11:0 p.m., 8 views

CVE-2025-6594

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandbox.Js. This issue affects MediaWiki: from 1.27.0 before...

4.7 CVSS, 5.2 AI score, 0.0027 EPSS
Exploits 0

Debian CVE
added 2026/02/02 10:57 p.m., 6 views

CVE-2025-6597

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/auth/AuthManager.Php. This issue affects MediaWiki: from before 1.39.13, 1.42.7, 1.43.2, 1.44.0...

5.2 AI score, 0.00454 EPSS
Exploits 0

Chainguard
added 2026/02/02 1:17 p.m., 3 views

GHSA-G72F-6G67-W739 vulnerabilities

Vulnerabilities for packages: linux-vmware, linux-gcp, linux-azure, linux-aws, linux-qemu...

5.8 AI score
Exploits 0

Debian CVE
added 2026/01/28 5:35 p.m., 5 views

CVE-2020-36968

Removed by vendor...

7.1 CVSS, 5.2 AI score, 0.0042 EPSS
Exploits 1

Chainguard
added 2026/01/28 1:17 p.m., 5 views

GHSA-XHP4-6G9V-4XVJ vulnerabilities

Vulnerabilities for packages: redis...

5.9 AI score
Exploits 0

Redos
added 2026/01/28 12:0 a.m., 4 views

ROS-20260128-73-0044

Vulnerability in kernel-lt related to writing outside buffer boundaries in memory. Exploitation of the vulnerability may allow an attacker to execute arbitrary code...

7.8 CVSS, 6.4 AI score, 0.00167 EPSS
Exploits 0

Debian CVE
added 2026/01/27 4:1 p.m., 6 views

CVE-2025-15469

Issue summary: The 'openssl dgst' command-line tool silently truncates input data to 16MB when using one-shot signing algorithms and reports success instead of an error. Impact summary: A user signing or verifying files larger than 16MB with one-shot algorithms such as Ed25519, Ed448, or ML-DSA m...

5.5 CVSS, 5.3 AI score, 0.00176 EPSS
Exploits 1

OSV
added 2026/01/22 6:30 a.m., 1 view

GHSA-6W46-J5RX-G56G pytest has vulnerable tmpdir handling

pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-{user} name pattern, which allows local users to cause a denial of service or possibly gain privileges...

6.8 CVSS, 5.8 AI score, 0.0014 EPSS
Exploits 0, References 7

UbuntuCve
added 2026/01/20 10:15 p.m., 4 views

CVE-2026-0865

User-controlled header names and values containing newlines can allow injecting HTTP headers...

5.9 CVSS, 7.1 AI score, 0.00463 EPSS
Exploits 0, References 12

Chainguard
added 2026/01/20 7:20 p.m., 4 views

GHSA-JM66-CG57-JJV5 vulnerabilities

Vulnerabilities for packages: request-1276, az, authentik, authentik-fips, py3-cassandra-medusa, barman, open-webui, duplicity, airflow, kserve, pgadmin4, awx...

5.8 AI score
Exploits 0

Debian CVE
added 2026/01/13 3:31 p.m., 4 views

CVE-2025-71071

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: fix use-after-free on probe deferral The driver is dropping the references taken to the larb devices during probe after successful lookup as well as on errors. This can potentially lead to a use-after-free in case...

7.8 CVSS, 5.3 AI score, 0.00125 EPSS
Exploits 0