Lucene search
K

375 matches found

Amazon
Amazon
added 2025/10/14 12:0 a.m.5 views

Medium: cuda-cuobjdump-12-9

Issue Overview: NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service. CVE-2025-23272 Affected Packages:...

5.7CVSS6.5AI score0.00141EPSS
Exploits0
Amazon
Amazon
added 2025/10/14 12:0 a.m.3 views

Medium: cuda-nvtx-12-9

Issue Overview: NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service. CVE-2025-23272 Affected Packages:...

5.7CVSS6.5AI score0.00141EPSS
Exploits0
Amazon
Amazon
added 2025/10/14 12:0 a.m.6 views

Medium: libcusolver-12-9

Issue Overview: NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service. CVE-2025-23272 Affected Packages:...

5.7CVSS6.5AI score0.00141EPSS
Exploits0
Amazon
Amazon
added 2025/09/29 12:0 a.m.5 views

Important: kernel-livepatch-6.12.35-55.103

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 Affected Packages: kernel-livepatch-6.12.35-55.103 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

5.5CVSS6.4AI score0.00128EPSS
Exploits0
Amazon
Amazon
added 2025/09/29 12:0 a.m.4 views

Low: ruby3.2

Issue Overview: REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. The REXML gem 3.4.2 or later include the patches t...

5.3CVSS7.1AI score0.00231EPSS
Exploits0
CVE
CVE
added 2025/09/22 8:26 p.m.62 views

CVE-2025-59532

CVE-2025-59532 affects OpenAI Codex CLI (v0.2.0–0.38.0). A sandbox configuration bug caused the model-generated cwd to be treated as the sandbox’s writable root, enabling arbitrary file writes and command execution outside the user’s session workspace. The issue did not impact the network-disable...

8.6CVSS6.9AI score0.00815EPSS
Exploits1References3
Amazon
Amazon
added 2025/09/15 12:0 a.m.3 views

Important: kernel-livepatch-6.1.141-167.250

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ACPICA: Refuse to evaluate a method if arguments are missing CVE-2025-38386 Affected Packages: kernel-livepatch-6.1.141-167.250 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

5.5CVSS6.4AI score0.00166EPSS
Exploits0
Amazon
Amazon
added 2025/09/15 12:0 a.m.7 views

Important: kernel-livepatch-6.1.141-165.249

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ACPICA: Refuse to evaluate a method if arguments are missing CVE-2025-38386 Affected Packages: kernel-livepatch-6.1.141-165.249 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

5.5CVSS6.4AI score0.00166EPSS
Exploits0
Amazon
Amazon
added 2025/08/19 12:0 a.m.3 views

Important: kernel-livepatch-5.10.237-230.949

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later CVE-2022-49935 Affected Packages: kernel-livepatch-5.10.237-230.949 Issue Correction: Please ensure you have live patching enabled. Run yum update...

7.8CVSS6.7AI score0.00148EPSS
Exploits0
Amazon
Amazon
added 2025/08/19 12:0 a.m.5 views

Important: kernel-livepatch-4.14.355-280.664

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later CVE-2022-49935 Affected Packages: kernel-livepatch-4.14.355-280.664 Issue Correction: Please ensure you have live patching enabled. Run yum update...

7.8CVSS6.7AI score0.00148EPSS
Exploits0
Amazon
Amazon
added 2025/08/04 12:0 a.m.3 views

Important: nvidia-driver

Issue Overview: NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outside bounds permitted under normal use cases. A successful exploit of this vulnerability might lead to denial of service, data tampering, or...

7.3CVSS6.8AI score0.00182EPSS
Exploits0
Amazon
Amazon
added 2025/08/04 12:0 a.m.4 views

Low: cuda-nvdisasm-13-0

Issue Overview: Placeholder CVE. Details forthcoming CVE-2025-23248 Affected Packages: cuda-nvdisasm-13-0 Issue Correction: Run dnf update cuda-nvdisasm-13-0 --releasever latest or dnf update --advisory ALAS2023NVIDIA-2025-144 --releasever latest to update your system. More information on how to...

3.3CVSS6.9AI score0.00146EPSS
Exploits0
Amazon
Amazon
added 2025/07/29 12:0 a.m.4 views

Important: kernel-livepatch-6.12.29-33.102

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: vxlan: Annotate FDB data races CVE-2025-38037 Affected Packages: kernel-livepatch-6.12.29-33.102 Issue Correction: Please ensure you have live patching enabled. Run dnf update kernel-livepatch-6.12.29-33.102...

5.5CVSS6.5AI score0.00182EPSS
Exploits0
Amazon
Amazon
added 2025/07/10 12:0 a.m.3 views

Medium: python3.12

Issue Overview: The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service. CVE-2025-6069 Affected Packages: python3.12 Issue Correction: Run dnf update python3.12 --releasever...

4.3CVSS6.8AI score0.00473EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2025/07/08 12:0 a.m.80 views

KB5062799: Servicing stack update for Windows 10, version 1607 and Windows Server 2016: July 8, 2025

KB5062799: Servicing stack update for Windows 10, version 1607 and Windows Server 2016: July 8, 2025 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates o...

5.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/07 12:0 a.m.3 views

PT-2025-28247 · Mediawiki · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: Mediawiki - AbuseFilter Extension versions 1.39.0 through 1.39.12 Mediawiki - AbuseFilter Extension versions 1.42.0 through 1.42.6 Mediawiki - AbuseFilter Extension versions 1.43.0 through 1.43.1 Description: The issue is related to a Missing...

9.1CVSS6.3AI score0.00289EPSS
Exploits0References4
Amazon
Amazon
added 2025/06/24 12:0 a.m.4 views

Important: libvpx

Issue Overview: Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium Duplicate: https://console.harmony.a2z.com/al-cve-eval/cve/TEMP-1106689-EC87F6 CVE-2025-528...

5.4CVSS7.2AI score0.00513EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2025/06/23 9:22 p.m.33 views

Claude Code Improper Authorization via websocket connections from arbitrary origins

Claude Code extensions in VSCode and forks e.g., Cursor, Windsurf, and VSCodium and JetBrains IDEs e.g., IntelliJ, Pycharm, and Android Studio are vulnerable to unauthorized websocket connections from an attacker when visiting attacker-controlled webpages. Claude Code for VSCode IDE extensions...

8.8CVSS7.4AI score0.00316EPSS
Exploits0References3Affected Software1
Rosalinux
Rosalinux
added 2025/06/23 7:23 a.m.32 views

Advisory ROSA-SA-2025-2898

Software: openssl 1.1.1k OS: ROSA Virtualization 3.0 packageevrstring: openssl-1.1.1k-12.0.1.rv30 CVE-ID: CVE-2019-1547 BDU-ID: 2019-04084 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the ecerr.c and eclib.c functions of the OpenSSL library is related to the lack of data encryption measures...

10CVSS9.2AI score0.96275EPSS
Exploits15
Amazon
Amazon
added 2025/06/23 12:0 a.m.7 views

Medium: perl-YAML-LibYAML

Issue Overview: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified CVE-2025-40908 Affected Packages: perl-YAML-LibYAML Issue Correction: Run dnf update perl-YAML-LibYAML --releasever 2023.7.20250623 or dnf update --advisory ALAS2023-2025-1036...

9.1CVSS6.8AI score0.00368EPSS
Exploits1
Rows per page
Query Builder