Lucene search
K

2994 matches found

UbuntuCve
UbuntuCve
added 2025/11/21 11:15 a.m.3 views

CVE-2025-40210

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

5.8AI score0.0015EPSS
Exploits0References9
AlpineLinux
AlpineLinux
added 2025/11/17 6:15 p.m.4 views

CVE-2025-64756

Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are...

7.5CVSS8.1AI score0.03026EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2025/11/13 3:32 p.m.6 views

CVE-2025-64718

js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution proto. All users who parse untrusted yaml documents may be impacted. The problem is patched in...

5.3CVSS6.2AI score0.0037EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/11/12 10:15 p.m.3 views

CVE-2025-40192

In the Linux kernel, the following vulnerability has been resolved: Revert "ipmi: fix msg stack when IPMI is disconnected" This reverts commit c608966f3f9c2dca596967501d00753282b395fc. This patch has a subtle bug that can cause the IPMI driver to go into an infinite loop if the BMC misbehaves in ...

5.7AI score0.00162EPSS
Exploits0References21
UbuntuCve
UbuntuCve
added 2025/11/12 11:15 a.m.2 views

CVE-2025-40145

In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devmaddactionorreset failure When devmaddactionorreset fails, it calls the passed cleanup function. Hence the caller must not repeat that cleanup. Replace the "goto errregulatorfree" by the actu...

5.7AI score0.00197EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-40120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock Prevent USB runtime PM autosuspend for AX88772 in bind. usbnet enables runtime PM autosuspend...

5.8AI score0.00179EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2025/11/07 7:42 p.m.8 views

CVE-2025-10230

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...

10CVSS8.7AI score0.39677EPSS
Exploits2
Chainguard
Chainguard
added 2025/11/02 1:49 p.m.6 views

CVE-2025-61725 vulnerabilities

Vulnerabilities for packages: multus-cni, kubevela, xcover, google-osconfig-agent, crossplane, configmap-reload-fips, terraform-provider-tls-fips, minio-operator-fips, aws-signer-notation-plugin, velero-plugin-for-aws-fips, prometheus-fips, consul, grpcurl-fips, x509-certificate-exporter-fips,...

7.5CVSS6.7AI score0.00613EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/10/31 12:0 a.m.11 views

CVE-2025-23050

QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read or division by zero. This is fixed in 5.15.19, 6.5.9, and 6.8.2...

3.1CVSS5.2AI score0.00172EPSS
Exploits0
CNNVD
CNNVD
added 2025/10/30 12:0 a.m.3 views

IBM Sterling Connect Direct for Unix 安全漏洞

IBM Sterling Connect Direct for Unix is a file transfer program from International Business Machines IBM. A security vulnerability exists in IBM Sterling Connect Direct for Unix versions 6.2.0.7 through 6.2.0.9, iFix004 and 6.4.0.0 through 6.4.0.2, iFix001 and 6.3.0.2 through 6.3.0.5, iFix002,...

7.2CVSS6.5AI score0.00322EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/10/29 10:10 p.m.2 views

CVE-2025-61724

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

5.3CVSS6.6AI score0.00526EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/10/28 12:0 a.m.4 views

CVE-2025-61103

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the showvtyextlinklanadjsid function at ospfext.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted OSPF packet...

7.5CVSS5.2AI score0.00582EPSS
Exploits1
Debian CVE
Debian CVE
added 2025/10/28 12:0 a.m.4 views

CVE-2025-61106

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the showvtyextprefprefsid function at ospfext.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted OSPF packet...

7.5CVSS5.2AI score0.00582EPSS
Exploits1
Debian CVE
Debian CVE
added 2025/10/24 11:44 a.m.4 views

CVE-2025-40019

In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essivaeadcrypt so that it's also checked for decryption and in-place encryption...

5.1AI score0.00274EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2025/10/23 12:15 p.m.2 views

CVE-2025-62397

The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance...

5.3CVSS5.9AI score0.00254EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/10/22 11:23 p.m.2 views

SUSE CVE-2025-62589

unknown...

8.2CVSS7AI score0.00191EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/10/22 2:15 p.m.1 views

CVE-2023-53693

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in rawgadget driver Currently, increasing rawdev-count happens before invoke the rawqueueevent, if the rawqueueevent return error, invoke rawrelease will not trigger the devfree to be called...

5.9AI score0.00195EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/10/22 2:15 p.m.2 views

CVE-2023-53725

In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttctimerprobe Smatch reports: drivers/clocksource/timer-cadence-ttc.c:529 ttctimerprobe warn: 'timerbaseaddr' from ofiomap not released on lines: 498,508,516. timerbaseaddr may...

5.9AI score0.00191EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2025/10/22 1:23 p.m.6 views

CVE-2023-53732

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix NULL dereference in niwriteinode Syzbot reports a NULL dereference in niwriteinode. When creating a new inode, if allocation fails in miinit function called in miformatnew function, mi-mrec is set to NULL. In the...

5.2AI score0.00182EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/10/22 1:23 p.m.5 views

CVE-2022-50568

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: fix fhidg lifetime vs cdev The embedded struct cdev does not have its lifetime correctly tied to the enclosing struct fhidg, so there is a use-after-free if /dev/hidgN is held open while the gadget is deleted...

5.5AI score0.002EPSS
Exploits0
Rows per page
Query Builder