Lucene search
K

66 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:10 p.m.9 views

CVE-2021-38568

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows memory corruption during conversion of a PDF document to a different document format...

9.8CVSS7.1AI score0.01087EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:53 p.m.5 views

CVE-2021-43620

An issue was discovered in the fruity crate through 0.2.0 for Rust. Security-relevant validation of filename extensions is plausibly affected. Methods of NSString for conversion to a string may return a partial result. Because they call CStr::fromptr on a pointer to the string buffer, the string ...

7.5CVSS6.6AI score0.01314EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 a.m.8 views

CVE-2013-0233

Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass...

6.8CVSS7.3AI score0.14126EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:3 a.m.8 views

CVE-2011-0227

The queueing primitives in IOMobileFrameBuffer in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 do not properly perform type conversion, which allows local users to gain privileges via a crafted application...

7.2CVSS6.1AI score0.00315EPSS
Exploits0References1
CVE
CVE
added 2025/04/16 2:12 p.m.125 views

CVE-2025-22044

CVE-2025-22044 relates to a Linux kernel vulnerability in the ACPI NFIT handling (acpi_nfit_ctl). The issue arises from a narrowing conversion of a user-supplied 64‑bit value (call_pkg->nd_family) to int after a zero-check, which could allow an invalid argument to pass when the lower 32 bits a...

5.5CVSS6.4AI score0.00185EPSS
Exploits0References10Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/25 12:0 a.m.9 views

CVE-2025-27835

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c...

7.6AI score0.00288EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/21 8:23 a.m.12 views

CVE-2025-27933 Unauthorized Private-to-Public Channel Conversion

Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to fail to enforce channel conversion restrictions, which allows members with permission to convert public channels to private ones to also convert private ones to public...

5.4CVSS6.8AI score0.00195EPSS
Exploits0References1
CVE
CVE
added 2025/03/21 8:23 a.m.215 views

CVE-2025-27933

Mattermost CVE-2025-27933 affects Mattermost Server 9.11.x <= 9.11.8, 10.3.x <= 10.3.3, and 10.4.x

5.4CVSS5.4AI score0.00195EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/03/21 8:23 a.m.25 views

CVE-2025-27933 Unauthorized Private-to-Public Channel Conversion

Mattermost versions 10.4.x = 10.4.2, 10.3.x = 10.3.3, 9.11.x = 9.11.8 fail to fail to enforce channel conversion restrictions, which allows members with permission to convert public channels to private ones to also convert private ones to public...

5.4CVSS0.00195EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/20 10:10 a.m.15 views

CVE-2024-7983 Denial of Service in open-webui/open-webui

In version 0.3.8 of open-webui, an endpoint for converting markdown to HTML is exposed without authentication. A maliciously crafted markdown payload can cause the server to spend excessive time converting it, leading to a denial of service. The server becomes unresponsive to other requests until...

7.5CVSS0.00811EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.11 views

EulerOS 2.0 SP12 : curl (EulerOS-SA-2025-1186)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than...

6.5CVSS6.7AI score0.0197EPSS
Exploits1References2
OSV
OSV
added 2024/10/21 6:15 p.m.6 views

AZL-51778 CVE-2024-49962 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: ACPICA: check null return of ACPIALLOCATEZEROED in acpidbconverttopackage ACPICA commit 4d4547cf13cca820ff7e0f859ba83e1a610b9fd0 ACPIALLOCATEZEROED may fail, elements might be NULL and will cause NULL pointer dereference later...

5.5CVSS6.7AI score0.00249EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/21 12:0 a.m.3 views

PT-2024-40567 · Git +1 · Simdutf

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow write error. Technical details include the crash type and state, specifically mentioning...

7AI score
Exploits0References2
CNNVD
CNNVD
added 2024/03/11 12:0 a.m.8 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the fact that scrub causes an irreparable failure when ext4 is converted to btrfs...

7.8CVSS6.7AI score0.00291EPSS
Exploits0References4
OSV
OSV
added 2024/02/27 7:4 p.m.2 views

DEBIAN-CVE-2021-46940

In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting The idxtooffset function returns type int 32-bit signed, but MSRPKGENERGYSTAT is u32 and would be interpreted as a negative number. The end result is that it hi...

5.5CVSS4.7AI score0.00222EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/31 12:0 a.m.13 views

PT-2024-20002

Name of the Vulnerable Software and Affected Versions BuildKit versions prior to 0.12.5 Description A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue is related to the conversion of source code to build artifacts. As ...

10CVSS7.1AI score0.66252EPSS
Exploits35References351
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.31 views

GLSA-202401-27 : Ruby: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-27 Ruby: Multiple vulnerabilities - An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header...

9.8CVSS8.1AI score0.04766EPSS
Exploits6References18
Github Security Blog
Github Security Blog
added 2023/08/22 6:3 p.m.26 views

Weaviate denial of service vulnerability

Impact This vulnerability is a type conversion issue that affects users of Weaviate Server versions 1.20.0 and earlier. Who is impacted: Users of Weaviate Server versions 1.20.0 and earlier are impacted by this vulnerability. Patches A patch has been developed for this vulnerability. Patch releas...

7.5CVSS6.7AI score0.017EPSS
Exploits1References9Affected Software1
Positive Technologies
Positive Technologies
added 2023/08/21 12:0 a.m.2 views

PT-2023-26715 · Weaviate · Weaviate

Name of the Vulnerable Software and Affected Versions: Weaviate versions 1.20.0 and earlier Description: The issue is a type conversion problem that allows a remote attacker to cause a denial of service via the handleUnbatchedGraphQLRequest function. This affects users of Weaviate Server versions...

7.5CVSS7.2AI score0.017EPSS
Exploits1References15
Positive Technologies
Positive Technologies
added 2023/06/23 12:0 a.m.4 views

PT-2023-17241 · Unknown · Orangescrum

Name of the Vulnerable Software and Affected Versions: OrangeScrum version 2.0.11 Description: The issue allows an external attacker to remotely obtain AWS instance credentials. This is possible because the application does not properly validate the HTML content to be converted to PDF...

7.6CVSS7.2AI score0.00576EPSS
Exploits1References5
Rows per page
Query Builder