Lucene search
K

526 matches found

UbuntuCve
UbuntuCve
added 2025/11/21 11:15 a.m.4 views

CVE-2025-40211

In the Linux kernel, the following vulnerability has been resolved: ACPI: video: Fix use-after-free in acpivideoswitchbrightness The switchbrightnesswork delayed work accesses device-brightness and device-backlight, freed by acpivideodevunregisterbacklight during device removal. If the work...

5.9AI score0.00175EPSS
Exploits0References30
UbuntuCve
UbuntuCve
added 2025/11/12 10:15 p.m.3 views

CVE-2025-40201

In the Linux kernel, the following vulnerability has been resolved: kernel/sys.c: fix the racy usage of tasklocktsk-groupleader in sysprlimit64 paths The usage of tasklocktsk-groupleader in sysprlimit64-doprlimit path is very broken. sysprlimit64 does gettaskstructtsk but this only protects...

5.7AI score0.00183EPSS
Exploits0References22
UbuntuCve
UbuntuCve
added 2025/11/12 5:15 p.m.2 views

CVE-2025-59089

If an attacker causes kdcproxy to connect to an attacker-controlled KDC server e.g. through server-side request forgery, they can exploit the fact that kdcproxy does not enforce bounds on TCP response length to conduct a denial-of-service attack. While receiving the KDC's response, kdcproxy copie...

5.9CVSS6AI score0.00511EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/11/12 11:15 a.m.6 views

CVE-2025-40128

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score0.00018EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/11/12 11:15 a.m.3 views

CVE-2025-40160

In the Linux kernel, the following vulnerability has been resolved: xen/events: Return -EEXIST for bound VIRQs Change findvirq to return -EEXIST when a VIRQ is bound to a different CPU than the one passed in. With that, remove the BUGON from bindvirqtoirq to propogate the error upwards. Some VIRQ...

5.7AI score0.00182EPSS
Exploits0References20
UbuntuCve
UbuntuCve
added 2025/11/12 11:15 a.m.3 views

CVE-2025-40168

In the Linux kernel, the following vulnerability has been resolved: smc: Use skdstget and dstdevrcu in smcclcprfxmatch. smcclcprfxmatch is called from smclistenwork and not under RCU nor RTNL. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the returned value o...

5.7AI score0.0017EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/10/29 8:15 p.m.3 views

CVE-2025-10921

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.4AI score0.00452EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/10/29 2:15 p.m.2 views

CVE-2025-40084

In the Linux kernel, the following vulnerability has been resolved: ksmbd: transportipc: validate payload size before reading handle handleresponse dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed or truncated message fr...

5.7AI score0.00183EPSS
Exploits0References21
UbuntuCve
UbuntuCve
added 2025/10/29 2:15 p.m.2 views

CVE-2023-7324

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible addldescptr out-of-bounds accesses Sanitize possible addldescptr out-of-bounds accesses in sesenclosuredataprocess...

5.9AI score0.00193EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/10/28 12:15 p.m.9 views

CVE-2025-40071

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Don't block input queue by waiting MSC Currently gsmqueue processes incoming frames and when opening a DLC channel it calls gsmdlciopen which calls gsmmodemupdate. If basic mode is used it calls gsmmodemupdviamsc and i...

5.7AI score0.00183EPSS
Exploits0References21
UbuntuCve
UbuntuCve
added 2025/10/28 12:15 p.m.3 views

CVE-2025-40068

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...

5.8AI score0.00202EPSS
Exploits0References37
UbuntuCve
UbuntuCve
added 2025/10/21 8:20 p.m.3 views

CVE-2025-61759

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...

6.5CVSS6.8AI score0.00176EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/10/20 6:15 p.m.4 views

CVE-2025-62693

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in The Wikimedia Foundation Mediawiki - LastModified Extension allows Stored XSS.This issue affects Mediawiki - LastModified Extension: from master before 1.39...

6.9CVSS5.9AI score0.00311EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/10/17 7:15 p.m.3 views

CVE-2024-31573

XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XSLT extension functions are enabled...

4CVSS7.3AI score0.00216EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/10/13 2:15 p.m.2 views

CVE-2025-39964

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Disallow concurrent writes in afalgsendmsg Issuing two writes to the same afalg socket is bogus as the data will be interleaved in an unpredictable fashion. Furthermore, concurrent writes may create inconsistencie...

3.3CVSS6.3AI score0.00232EPSS
Exploits0References42
UbuntuCve
UbuntuCve
added 2025/10/07 4:15 p.m.2 views

CVE-2022-50534

In the Linux kernel, the following vulnerability has been resolved: dm thin: Use last transaction's pmd-root when commit failed Recently we found a softlock up problem in dm thin pool btree lookup code due to corrupted metadata: Kernel panic - not syncing: softlockup: hung tasks CPU: 7 PID: 26692...

5.5CVSS5.9AI score0.0015EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2025/10/07 4:15 p.m.2 views

CVE-2022-50547

In the Linux kernel, the following vulnerability has been resolved: media: solo6x10: fix possible memory leak in solosysfsinit If deviceregister returns error in solosysfsinit, the name allocated by devsetname need be freed. As comment of deviceregister says, it should use putdevice to give up th...

5.5CVSS5.9AI score0.0019EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2025/10/06 12:0 a.m.3 views

CVE-2025-59728

When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below 0, it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is...

8.7CVSS6AI score0.00172EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/10/06 12:0 a.m.2 views

CVE-2025-61765

python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments on which...

6.4CVSS6.9AI score0.00446EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/10/05 1:15 a.m.2 views

CVE-2025-11275

A vulnerability was identified in Open Asset Import Library Assimp 6.0.2. Affected by this vulnerability is the function ODDLParser::getNextSeparator in the library assimp/contrib/openddlparser/include/openddlparser/OpenDDLParserUtils.h. Such manipulation leads to heap-based buffer overflow. The...

7.8CVSS6.1AI score0.00225EPSS
Exploits1References5
Rows per page
Query Builder