Lucene search
K

2988 matches found

Debian CVE
Debian CVE
added 2025/12/16 1:57 p.m.4 views

CVE-2025-68216

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Disable trampoline for kernel module function trace The current LoongArch BPF trampoline implementation is incompatible with tracing functions in kernel modules. This causes several severe and user-visible problem...

5.3AI score0.00155EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/12/16 1:43 p.m.3 views

CVE-2025-68190

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/atom: Check kcalloc for WS buffer in amdgpuatomexecutetablelocked kcalloc may fail. When WS is non-zero and allocation fails, ectx.ws remains NULL while ectx.wssize is set, leading to a potential NULL pointer dereferen...

5.3AI score0.00166EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2023-53827

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2capdisconnectreq,rsp Similar to commit d0be8347c623 "Bluetooth: L2CAP: Fix use-after-free caused by l2capchanput", just use l2capchanholdunlesszero to prevent referencing a channel that i...

5.9AI score0.00216EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2023-53852

In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchapsecretstore Free dhchapsecret in nvmectrldhchapsecretstore before we return fix following kmemleack:- unreferenced object 0xffff8886376ea800 size 64: comm "check", pid 22048, jiffies 4344316705...

5.7AI score0.00191EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2023-53841

In the Linux kernel, the following vulnerability has been resolved: devlink: report devlinkporttypewarn source device devlinkporttypewarn is scheduled for port devlink and warning when the port type is not set. But from this warning it is not easy found out which device driver has no devlink port...

5.8AI score0.00216EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/12/08 12:0 a.m.1 views

CVE-2023-53746

In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfioap device driver The device release callback function invoked to release the matrix device uses the devgetdrvdatadevice dev function to retrieve the pointer to the vfiomatrixdev object in orde...

6.1AI score0.00161EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/12/04 4:16 p.m.1 views

CVE-2025-40264

In the Linux kernel, the following vulnerability has been resolved: be2net: pass wrbparams in case of OS2BMC beinsertvlaninpkt is called with the wrbparams argument being NULL at besendpkttobmc call site. This may lead to dereferencing a NULL pointer when processing a workaround for specific...

5.9AI score0.00182EPSS
Exploits0References33
UbuntuCve
UbuntuCve
added 2025/12/03 7:15 p.m.3 views

CVE-2025-12819

Untrusted search path in authquery connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious searchpath parameter in the StartupMessage...

8.1CVSS7.4AI score0.00315EPSS
Exploits0References2
Chainguard
Chainguard
added 2025/12/02 1:31 a.m.3 views

GHSA-G7RM-8PW5-WVG2 vulnerabilities

Vulnerabilities for packages: linux-aws, linux-gcp, linux-azure...

5.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/02 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2025-13837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...

5.5CVSS7.1AI score0.00193EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/11/26 12:0 a.m.3 views

CVE-2025-63938

Tinyproxy through 1.11.2 contains an integer overflow vulnerability in the stripreturnport function within src/reqs.c...

6.5CVSS5.2AI score0.00229EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2025/11/25 12:15 a.m.2 views

CVE-2025-64505

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...

6.1CVSS6.4AI score0.00184EPSS
Exploits2References7
UbuntuCve
UbuntuCve
added 2025/11/24 2:15 p.m.1 views

CVE-2025-65501

Null pointer dereference in coapdtlsinfocallback in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSLgetappdata returns NULL...

4.3CVSS5.9AI score0.00226EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/11/24 2:15 p.m.1 views

CVE-2025-65493

NULL pointer dereference in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS connection that triggers BIOgetdata to return NULL...

7.5CVSS5.9AI score0.00331EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/22 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-11935

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - With TLS 1.3 pre-shared key PSK a malicious or faulty server could ignore the request for PFS perfect forward secrecy and the client would continue on with the...

7.5CVSS5.8AI score0.00199EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/11/21 11:15 a.m.2 views

CVE-2025-40210

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

5.8AI score0.0015EPSS
Exploits0References9
AlpineLinux
AlpineLinux
added 2025/11/17 6:15 p.m.4 views

CVE-2025-64756

Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are...

7.5CVSS8.1AI score0.03026EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2025/11/13 3:32 p.m.6 views

CVE-2025-64718

js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution proto. All users who parse untrusted yaml documents may be impacted. The problem is patched in...

5.3CVSS6.2AI score0.0037EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/11/12 10:15 p.m.2 views

CVE-2025-40192

In the Linux kernel, the following vulnerability has been resolved: Revert "ipmi: fix msg stack when IPMI is disconnected" This reverts commit c608966f3f9c2dca596967501d00753282b395fc. This patch has a subtle bug that can cause the IPMI driver to go into an infinite loop if the BMC misbehaves in ...

5.7AI score0.00162EPSS
Exploits0References21
UbuntuCve
UbuntuCve
added 2025/11/12 11:15 a.m.2 views

CVE-2025-40145

In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devmaddactionorreset failure When devmaddactionorreset fails, it calls the passed cleanup function. Hence the caller must not repeat that cleanup. Replace the "goto errregulatorfree" by the actu...

5.7AI score0.00197EPSS
Exploits0References9
Rows per page
Query Builder