Lucene search
K

2995 matches found

UbuntuCve
UbuntuCve
added 2025/07/09 11:15 a.m.1 views

CVE-2025-38244

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when reconnecting channels Fix cifssignalcifsdforreconnect to take the correct lock order and prevent the following deadlock from happening =====================================================...

5.5CVSS6.2AI score0.00107EPSS
Exploits0References28
UbuntuCve
UbuntuCve
added 2025/07/09 11:15 a.m.1 views

CVE-2025-38247

In the Linux kernel, the following vulnerability has been resolved: userns and mntidmap leak in opentreeattr2 Once wantmountsetattr has returned a positive, it does require finishmountkattr to release -mntuserns. Failing domountsetattr does not change that. As the result, we can end up leaking...

5.5CVSS5.9AI score0.0012EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/07/09 11:15 a.m.3 views

CVE-2025-38262

In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uartregisterdriver function, which first allocates and assigns memory to...

5.5CVSS6.3AI score0.00147EPSS
Exploits0References38
UbuntuCve
UbuntuCve
added 2025/07/09 11:15 a.m.2 views

CVE-2025-38251

In the Linux kernel, the following vulnerability has been resolved: atm: clip: prevent NULL deref in clippush Blamed commit missed that vccdestroysocket calls clippush with a NULL skb. If clipdevs is NULL, clippush then crashes when reading skb-truesize...

5.5CVSS6.4AI score0.00146EPSS
Exploits0References39
UbuntuCve
UbuntuCve
added 2025/07/09 11:15 a.m.3 views

CVE-2025-38241

In the Linux kernel, the following vulnerability has been resolved: mm/shmem, swap: fix softlockup with mTHP swapin Following softlockup can be easily reproduced on my test machine with: echo always /sys/kernel/mm/transparenthugepage/hugepages-64kB/enabled swapon /dev/zram0 zram0 is a 48G swap...

5.5CVSS5.9AI score0.00094EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/07/09 11:15 a.m.3 views

CVE-2025-38255

In the Linux kernel, the following vulnerability has been resolved: lib/groupcpus: fix NULL pointer dereference from groupcpusevenly While testing nullblk with configfs, echo 0 pollqueues will trigger following panic: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 000...

5.5CVSS5.9AI score0.00136EPSS
Exploits0References28
UbuntuCve
UbuntuCve
added 2025/07/08 6:15 p.m.3 views

CVE-2025-0928

In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controller user was allowed to upload arbitrary agent binaries to any model or to the controller itself, without verifying model membership or requiring explicit permissions. This enabled the distribution of poisoned binaries to new or...

8.8CVSS6.3AI score0.00569EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2025/07/08 5:0 p.m.2 views

CVE-2025-27614

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script e.g., Bourne shell, Perl, Python, ... supplied by the attacker by invoking...

8.6CVSS7.2AI score0.00314EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/07/07 3:15 p.m.2 views

CVE-2025-6714

MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Serve...

7.5CVSS5.9AI score0.00307EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/07/07 3:15 p.m.4 views

CVE-2025-6713

An unauthorized user may leverage a specially crafted aggregation pipeline to access data without proper authorization due to improper handling of the $mergeCursors stage in MongoDB Server. This may lead to access to data without further authorisation. This issue affects MongoDB Server MongoDB...

7.7CVSS5.9AI score0.00336EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/07/05 1:15 a.m.3 views

CVE-2025-53603

In Alinto SOPE SOGo 2.0.2 through 5.12.2, sope-core/NGExtensions/NGHashMap.m allows a NULL pointer dereference and SOGo crash via a request in which a parameter in the query string is a duplicate of a parameter in the POST body...

7.5CVSS5.9AI score0.00592EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/07/04 9:15 p.m.3 views

CVE-2025-7069

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FSsectlinksize of the file src/H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to t...

5.5CVSS5.3AI score0.00215EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2025/07/04 3:15 p.m.3 views

CVE-2025-52496

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery...

7.8CVSS7AI score0.00189EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2025/07/04 3:15 p.m.3 views

CVE-2025-49601

In MbedTLS 3.3.0 before 3.6.4, mbedtlslmsimportpublickey does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtlslmsimportpublickey allows context-dependent...

6.5CVSS6AI score0.00259EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/07/04 3:15 p.m.2 views

CVE-2025-49600

In MbedTLS 3.3.0 before 3.6.4, mbedtlslmsverify may accept invalid signatures if hash computation fails and internal errors go unchecked, enabling LMS Leighton-Micali Signature forgery in a fault scenario. Specifically, unchecked return values in mbedtlslmsverify allow an attacker who can induce ...

4.9CVSS6AI score0.00125EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/07/04 2:15 p.m.7 views

CVE-2025-38211

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cmid destruction The commit 59c68ac31e15 "iwcm: free cmid resources on the last deref" simplified cmid resource management by freeing cmid once all references to the cmid were...

7.8CVSS6.3AI score0.00154EPSS
Exploits0References39
UbuntuCve
UbuntuCve
added 2025/07/04 2:15 p.m.3 views

CVE-2025-38181

In the Linux kernel, the following vulnerability has been resolved: calipso: Fix null-ptr-deref in calipsoreqset,delattr. syzkaller reported a null-ptr-deref in sockomalloc while allocating a CALIPSO option. 0 The NULL is of struct sock, which was fetched by sktofullsk in calipsoreqsetattr. Since...

5.5CVSS6.3AI score0.00172EPSS
Exploits0References41
UbuntuCve
UbuntuCve
added 2025/07/04 2:15 p.m.3 views

CVE-2025-38219

In the Linux kernel, the following vulnerability has been resolved: f2fs: prevent kernel warning due to negative inlink from corrupted image WARNING: CPU: 1 PID: 9426 at fs/inode.c:417 dropnlink+0xac/0xd0 home/cc/linux/fs/inode.c:417 Modules linked in: CPU: 1 UID: 0 PID: 9426 Comm: syz-executor56...

5.5CVSS6.3AI score0.0015EPSS
Exploits0References41
UbuntuCve
UbuntuCve
added 2025/07/04 2:15 p.m.2 views

CVE-2025-38209

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: remove tag set when second admin queue config fails Commit 104d0e2f6222 "nvme-fabrics: reset admin connection for secure concatenation" modified nvmetcpsetupctrl to call nvmetcpconfigureadminqueue twice. The first call...

7.8CVSS6.6AI score0.00146EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/07/04 2:15 p.m.2 views

CVE-2025-38201

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX Otherwise, it is possible to hit WARNONONCE in kvmallocnodenoprof when resizing hashtable because GFPNOWARN is unset. Similar to: b541ba7d1f5a "netfilter: conntrack...

7.8CVSS6.6AI score0.00185EPSS
Exploits0References17
Rows per page
Query Builder