Lucene search
K

2994 matches found

UbuntuCve
UbuntuCve
added 2025/07/17 8:15 p.m.3 views

CVE-2025-3753

A code execution vulnerability has been identified in the Robot Operating System ROS 'rosbag' tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability arises from the use of the eval function to process unsanitized, user-supplied input in the 'rosbag filter' command. This...

7.8CVSS6.4AI score0.00195EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/07/17 8:15 p.m.4 views

CVE-2024-41148

A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'hz' verb, which reports the publishing rate of a topic and accepts a user-provided Python...

7.8CVSS5.9AI score0.0019EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/07/17 8:15 p.m.3 views

CVE-2024-41921

A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'echo' verb, which allows a user to introspect a ROS topic and accepts a user-provided Python...

7.8CVSS6AI score0.0019EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/07/17 6:15 p.m.4 views

CVE-2025-53644

OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG images. Version 4.12.0 fixes the vulnerability...

9.8CVSS6AI score0.00371EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2025/07/15 8:15 p.m.3 views

CVE-2025-50106

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1;...

8.1CVSS6.8AI score0.00611EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2025/07/15 8:15 p.m.7 views

CVE-2025-50059

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1...

8.6CVSS6.9AI score0.00501EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/07/15 8:15 p.m.3 views

CVE-2025-50063

Vulnerability in Oracle Java SE component: Install. The supported version that is affected is Oracle Java SE: 8u451. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE executes to compromise Oracle Java SE. Successful attacks...

7.3CVSS6.9AI score0.00245EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/07/15 7:27 p.m.2 views

CVE-2025-50091

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

4.9CVSS6.3AI score0.00559EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/15 7:27 p.m.3 views

CVE-2025-50081

Vulnerability in the MySQL Client product of Oracle MySQL component: Client: mysqldump. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise...

3.1CVSS6.3AI score0.00244EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/07/15 12:52 a.m.7 views

socat: arbitrary file overwrite via predictable /tmp directory

A flaw was found in the readline.sh script of Socat through version 1.8.0.1. This vulnerability can allow attackers to exploit improper use of a predictable temporary file...

9.8CVSS6.8AI score0.00794EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/07/14 9:15 p.m.4 views

CVE-2025-53643

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed i.e. without the...

7.5CVSS6.8AI score0.00297EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/07/14 9:15 p.m.5 views

CVE-2025-53819

Nix is a package manager for Linux and other Unix systems. Builds with Nix 2.30.0 on macOS were executed with elevated privileges root, instead of the build users. The fix was applied to Nix 2.30.1. No known workarounds are available...

7.9CVSS5.9AI score0.00122EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/07/14 8:15 p.m.3 views

CVE-2025-53015

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0, infinite lines occur when writing during a specific XMP file conversion command. Version 7.1.2-0 fixes the issue...

7.5CVSS5.9AI score0.00707EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2025/07/14 6:15 p.m.6 views

CVE-2025-53014

ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the InterpretImageFilename function. The issue stems from an off-by-one error that causes out-of-bounds memory access when processi...

9.8CVSS6.1AI score0.00617EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2025/07/14 2:15 p.m.4 views

CVE-2025-7519

A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account i...

6.7CVSS6.7AI score0.00184EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/07/12 6:15 a.m.4 views

CVE-2025-7462

A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classified as problematic. This affects the function pdfferror of the file devices/vector/gdevpdf.c of the component New Output File Open Error Handler. The manipulation leads to null pointer...

5.3CVSS5.7AI score0.00388EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/07/10 8:15 p.m.3 views

CVE-2025-53630

llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the ggufinitfromfileimpl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579...

9.3CVSS5.9AI score0.00318EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/07/10 8:15 p.m.2 views

CVE-2025-53629

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.23.0, incoming requests using Transfer-Encoding: chunked in the header can allocate memory arbitrarily in the server, potentially leading to its exhaustion. This vulnerability is fixed in 0.23.0. NOTE: Th...

7.5CVSS5.7AI score0.00505EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2025/07/10 7:15 p.m.8 views

CVE-2025-52520

For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. The following...

7.5CVSS7AI score0.0196EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/07/10 4:15 p.m.2 views

CVE-2025-6395

A NULL pointer dereference flaw was found in the GnuTLS software in gnutlsfigurecommonciphersuite...

6.5CVSS6.7AI score0.00619EPSS
Exploits0References4
Rows per page
Query Builder