2996 matches found

UbuntuCve
added 2025/06/27 12:0 a.m. | 4 views

CVE-2025-6750

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5Omtimenewencode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...

CVSS 4.8 | AI score 5 | EPSS 0.00203
Exploits: 1 | References: 6
Debian CVE
added 2025/06/27 12:0 a.m. | 4 views

CVE-2025-52992

The Nix, Lix, and Guix package managers fail to properly set permissions when a derivation build fails. This may allow arbitrary processes to modify the content of a store outside of the build sandbox. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and...

CVSS 3.2 | AI score 5.5 | EPSS 0.00144
Exploits: 0
UbuntuCve
added 2025/06/26 2:15 p.m. | 1 views

CVE-2025-6707

Under certain conditions, an authenticated user request may execute with stale privileges following an intentional change by an authorized administrator. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.24, MongoDB Server v7.0 version prior ...

CVSS 5.4 | AI score 5.9 | EPSS 0.00143
Exploits: 0 | References: 2
Debian CVE
added 2025/06/26 5:31 a.m. | 7 views

CVE-2025-2938

Removed by vendor...

CVSS 8.8 | AI score 5.8 | EPSS 0.00266
Exploits: 0
Debian CVE
added 2025/06/26 5:31 a.m. | 8 views

CVE-2025-5315

Removed by vendor...

CVSS 4.3 | AI score 5.8 | EPSS 0.00216
Exploits: 0
UbuntuCve
added 2025/06/25 8:15 p.m. | 3 views

CVE-2025-45333

berkeley-abc abc 1.1 contains a Null Pointer Dereference NPD vulnerability in the AbcNtkCecFraigPart function of its data processing module, leading to unpredictable program behavior, causing segmentation faults, and program crashes...

CVSS 7.5 | AI score 5.9 | EPSS 0.00357
Exploits: 1 | References: 3
UbuntuCve
added 2025/06/25 5:15 p.m. | 2 views

CVE-2025-52893

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 may leak sensitive information in logs when processing malformed data. This is separate from the earlier HCSEC-2025-09 / CVE-2025-4166. Th...

CVSS 4.5 | AI score 5.9 | EPSS 0.00275
Exploits: 0 | References: 7
UbuntuCve
added 2025/06/25 5:15 p.m. | 2 views

CVE-2025-52999

jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the depth is particularly...

CVSS 8.7 | AI score 6.9 | EPSS 0.00634
Exploits: 0 | References: 3
UbuntuCve
added 2025/06/25 12:0 a.m. | 2 views

CVE-2025-5351

A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additiona...

CVSS 6.5 | AI score 6.8 | EPSS 0.00494
Exploits: 0 | References: 3
UbuntuCve
added 2025/06/25 12:0 a.m. | 5 views

CVE-2025-5987

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

CVSS 8.1 | AI score 6.7 | EPSS 0.0144
Exploits: 0 | References: 3
UbuntuCve
added 2025/06/24 12:0 a.m. | 1 views

CVE-2025-52566

llama.cpp is an inference of several LLM models in C/C++. Prior to version b5721, there is a signed vs. unsigned integer overflow in llama.cpp's tokenizer implementation llamavocab::tokenize src/llama-vocab.cpp:3036 resulting in unintended behavior in tokens copying size comparison. Allowing...

CVSS 8.8 | AI score 5.9 | EPSS 0.00318
Exploits: 1 | References: 4
UbuntuCve
added 2025/06/24 12:0 a.m. | 3 views

CVE-2025-6536

A vulnerability has been found in Tarantool up to 3.3.1 and classified as problematic. Affected by this vulnerability is the function tmtodatetime in the library src/lib/core/datetime.c. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been...

CVSS 4.8 | AI score 5.2 | EPSS 0.00144
Exploits: 0 | References: 6
UbuntuCve
added 2025/06/23 7:15 p.m. | 3 views

CVE-2025-6545

Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/to-buffer.Js. This issue affects pbkdf2: from 3.0.10 through 3.1.2...

CVSS 9.1 | AI score 6.3 | EPSS 0.00359
Exploits: 0 | References: 4
UbuntuCve
added 2025/06/23 10:15 a.m. | 3 views

CVE-2025-52936

Improper Link Resolution Before File Access 'Link Following' vulnerability in yrutschle sslh. This issue affects sslh: before 2.2.2...

CVSS 9.3 | AI score 5.8 | EPSS 0.00158
Exploits: 0 | References: 3
UbuntuCve
added 2025/06/23 12:0 a.m. | 2 views

CVE-2025-6498

A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...

CVSS 5.5 | AI score 4.8 | EPSS 0.00192
Exploits: 1 | References: 5
UbuntuCve
added 2025/06/20 12:0 a.m. | 1 views

CVE-2025-38083

In the Linux kernel, the following vulnerability has been resolved: netsched: prio: fix a race in priotune Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU 1 1: lock root 2: qdisctreeflushbacklog 3: unlock root | ...

CVSS 4.7 | AI score 6.1 | EPSS 0.00111
Exploits: 0 | References: 31
UbuntuCve
added 2025/06/19 4:15 p.m. | 2 views

CVE-2025-6269

A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function H5Creconstructcacheentry of the file H5Cimage.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...

CVSS 5.3 | AI score 5.5 | EPSS 0.00204
Exploits: 1 | References: 6
UbuntuCve
added 2025/06/19 3:15 p.m. | 3 views

CVE-2025-49014

jq is a command-line JSON processor. In version 1.8.0 a heap use after free vulnerability exists within the function fstrflocaltime of /src/builtin.c. This issue has been patched in commit 499c91b, no known fix version exists at time of publication...

CVSS 6.9 | AI score 5.8 | EPSS 0.00321
Exploits: 0 | References: 2
Debian CVE
added 2025/06/19 10:7 a.m. | 8 views

CVE-2025-49763

ESI plugin does not have the limit for maximum inclusion depth, and that allows excessive memory consumption if malicious instructions are inserted. Users can use a new setting for the plugin --max-inclusion-depth to limit it. This issue affects Apache Traffic Server: from 10.0.0 through 10.0.5,...

CVSS 7.5 | AI score 5.3 | EPSS 0.00632
Exploits: 0
SUSE CVE
added 2025/06/19 3:46 a.m. | 3 views

SUSE CVE-2022-49941

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 8.6
Exploits: 0 | References: 3