Lucene search
+L

304 matches found

Redos
Redos
added 2025/09/04 12:0 a.m.7 views

ROS-20250904-10

The vulnerability of the dpkg-deb command line utility included in the dpkg package is related to the peculiarities of processing of temporary files by the package manager when extracting them to a temporary directory. Exploitation vulnerability could allow an attacker acting remotely to cause a...

8.2CVSS6.5AI score0.00341EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-31523

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has capnetraw enabled for the /usr/libexec/xscreensaver/sonar file, which allows local users to ga...

7.8CVSS7AI score0.00318EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2019-9706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service use- after-free and daemon crash because of a forcerescanuser...

5.5CVSS5.8AI score0.0046EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/25 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-0373

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The genclasspod implementation in lib/Config/Model/Utils/GenClassPod.pm in Config-Model aka libconfig- model-perl before 2.102 has a dangerous use lib line, whi...

7.3CVSS7.1AI score0.01837EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2014-8625

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple format string vulnerabilities in the parseerrormsg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service...

6.8CVSS6AI score0.03296EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2025/08/22 9:15 p.m.7 views

CVE-2025-4609

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

9.6CVSS7.2AI score0.00375EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2025/08/11 12:0 a.m.3 views

SUSE: Security Advisory (SUSE-SU-2025:02734-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.9AI score0.00341EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2025/08/11 12:0 a.m.2 views

openSUSE Security Advisory (SUSE-SU-2025:02734-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.9AI score0.00341EPSS
Exploits0References4
OSV
OSV
added 2025/08/08 8:5 a.m.2 views

SUSE-SU-2025:02734-1 Security update for dpkg

This update for dpkg fixes the following issues: - CVE-2025-6297: Fixed an improper sanitization of directory permissions that could lead to DoS. bsc1245573...

8.2CVSS6.5AI score0.00341EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/08/07 2:15 a.m.4 views

CVE-2025-8582

Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.9AI score0.00232EPSS
Exploits0References1
NVD
NVD
added 2025/08/01 6:15 a.m.45 views

CVE-2025-8454

It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts a collection of scripts to make the life of a Debian Package maintainer easier, skips OpenPGP verification if the upstream source is already downloaded from a previous run even...

9.8CVSS0.00235EPSS
Exploits0References1
OSV
OSV
added 2025/08/01 6:15 a.m.12 views

CVE-2025-8454

It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts a collection of scripts to make the life of a Debian Package maintainer easier, skips OpenPGP verification if the upstream source is already downloaded from a previous run even...

9.8CVSS6.1AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/07/30 2:17 a.m.5 views

CVE-2025-8292

Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.2AI score0.00315EPSS
Exploits0References3
Fedora
Fedora
added 2025/07/22 1:12 a.m.11 views

[SECURITY] Fedora 42 Update: dpkg-1.22.20-1.fc42

This package provides the low-level infrastructure for handling the installation and removal of Debian software packages. This package contains the tools including dpkg-source required to unpack, build and upload Debian source packages. This package also contains the programs dpkg which used to...

8.2CVSS7.3AI score0.00341EPSS
Exploits0
OSV
OSV
added 2025/07/01 5:15 p.m.8 views

AZL-64641 CVE-2025-6297 affecting package dpkg 1.20.10-1

It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...

8.2CVSS7.5AI score0.00341EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/01 12:0 a.m.6 views

dpkg-deb 安全漏洞

dpkg-deb is a package manager in Linux from the Debian community. A security vulnerability exists in dpkg-deb that stems from improperly cleaned directory permissions and could lead to a denial of service attack...

8.2CVSS6.2AI score0.00341EPSS
Exploits0References4
OSV
OSV
added 2025/06/26 9:15 p.m.8 views

DEBIAN-CVE-2014-7210

pdns specific as packaged in Debian in version before 3.3.1-1 creates a too privileged MySQL user. It was discovered that the maintainer scripts of pdns-backend-mysql grant too wide database permissions for the pdns user. Other backends are not affected...

9.8CVSS5.3AI score0.00433EPSS
Exploits0References1
Debian
Debian
added 2025/06/12 2:41 a.m.76 views

[SECURITY] [DSA 5942-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5942-1 [email protected] https://www.debian.org/security/ Andres Salomon June 11, 2025 https://www.debian.org/security/faq -...

8.8CVSS7.8AI score0.10666EPSS
Exploits0
Debian
Debian
added 2025/06/08 8:28 p.m.13 views

[SECURITY] [DSA 5940-1] modsecurity-apache security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5940-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 08, 2025 https://www.debian.org/security/faq -...

7.5CVSS7.6AI score0.00797EPSS
Exploits2
OpenVAS
OpenVAS
added 2025/06/02 12:0 a.m.7 views

Debian: Security Advisory (DLA-4204-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.6CVSS7.1AI score0.00272EPSS
Exploits0References2
Rows per page
Query Builder