Lucene search
K

1216 matches found

NVD
NVD
added 2025/09/05 6:15 p.m.3 views

CVE-2025-38736

In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: Fix PHY address mask in MDIO bus initialization Syzbot reported shift-out-of-bounds exception on MDIO bus initialization. The PHY address should be masked to 5 bits 0-31. Without this mask, invalid PHY...

7.1CVSS0.00149EPSS
Exploits0References8
OSV
OSV
added 2025/09/05 6:15 p.m.2 views

UBUNTU-CVE-2025-38736

In the Linux kernel, the following vulnerability has been resolved: net: usb: asixdevices: Fix PHY address mask in MDIO bus initialization Syzbot reported shift-out-of-bounds exception on MDIO bus initialization. The PHY address should be masked to 5 bits 0-31. Without this mask, invalid PHY...

7.1CVSS5.7AI score0.00149EPSS
Exploits0References9
CVE
CVE
added 2025/09/05 5:20 p.m.26 views

CVE-2025-38736

Technical details about CVE-2025-38736 are not provided in the connected documents. The initial description notes a Linux kernel MDIO PHY address masking fix (mask with 0x1f) in net: usb: asix_devices to prevent OOB/invalid MDIO addresses. Connected advisories reference the CVE, but do not supply...

7.1CVSS5.8AI score0.00149EPSS
Exploits0References8Affected Software1
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from the insn-n sample not being handled by the insnrwemulatebits function of the comedi module...

7.8CVSS6AI score0.00171EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-34244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbuswritebits function. This issue can be triggered when the function is fed with specially crafted...

7.5CVSS5.8AI score0.00524EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/08/31 12:0 a.m.5 views

PT-2025-49070

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-syzkaller Description The Linux kernel had an uninitialized value issue within the hfs find set zero bits function, specifically related to the HFS filesystem. The issue was identified by syzbot and involv...

4.6CVSS6.4AI score0.00184EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2006-4484

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the LWZReadByte function in ext/gd/libgd/gdgifin.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact...

2.6CVSS5.7AI score0.06357EPSS
Exploits1References2
NVD
NVD
added 2025/08/22 5:15 p.m.4 views

CVE-2025-55398

An issue was discovered in mouse07410 asn1c thru 0.9.29 2025-03-20 - a fork of vlm asn1c. In UPER Unaligned Packed Encoding Rules, asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 bits in length, potentially allowing incorrect or malicious inp...

9.8CVSS0.00345EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-15423

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512password b...

5.3CVSS7AI score0.01513EPSS
Exploits0References2
OSV
OSV
added 2025/08/19 5:15 p.m.6 views

AZL-66491 CVE-2025-38556 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: HID: core: Harden s32ton against conversion to 0 bits Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity. Ideally this should...

7.1CVSS5.6AI score0.0015EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/19 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the s32ton function not being handled correctly when converting 0 bits, which could lead to a crash...

7.1CVSS6.4AI score0.0015EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/08/18 1:48 a.m.10 views

kernel: USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor

A vulnerability was found in the usbparseendpoint function in the Linux kernel's usb drivers, where improper handling of the reserved bits in an endpoint descriptor's bEndpointAddress field can lead to confusion in the endpointisduplicate routine in config.c. This will erroneously treat the same...

5.5CVSS7.1AI score0.00299EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-38433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: riscv: fix runtime constant support for nommu kernels the runtimefixup32 function does not...

5.5CVSS5.2AI score0.00137EPSS
Exploits0References2
OSV
OSV
added 2025/08/16 12:15 p.m.1 views

DEBIAN-CVE-2025-38530

In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: if 1 options1 & board-irqbits However, it-optionsi is an unchecked int value from userspace, so the shift amount...

7.1CVSS6AI score0.00164EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.5 views

Malicious code in observed-bits (npm)

The package observed-bits was found to contain malicious code...

7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/14 6:52 p.m.7 views

use-rtg (>=1.0.1 <=1.0.3) potentially affected by unknown CVE via observed-bits (=0.3.1)

observed-bits NPM version =0.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on observed-bits and may be impacted: - use-rtg =1.0.1, =1.0.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-28060...

5.8AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-28060 Malicious code in observed-bits (npm)

The package observed-bits was found to contain malicious code...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/08/06 12:0 a.m.4 views

PT-2025-32241 · Unknown · Thinbus-Srp-Npm

Name of the Vulnerable Software and Affected Versions: thinbus-srp-npm versions 2.0.0 and below Description: A protocol compliance bug exists in the Javascript Secure Remote Password implementation, specifically in the client's entropy generation. The client generates a fixed 252 bits of entropy...

9.1CVSS7.5AI score0.00449EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.5 views

PT-2025-37960

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A stack overrun issue was resolved in the Linux kernel related to KVM on RISC-V architectures when loading vlenb. A userspace load could potentially place up to 2048 bits into a stack...

5.5CVSS6.5AI score0.00135EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/07/30 12:0 a.m.7 views

The vulnerability of the insn_rw_emulate_bits() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the insnrwemulatebits function in the Linux operating system is related to access to an uninitialized pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.2AI score0.00158EPSS
Exploits0References11Affected Software4
Rows per page
Query Builder