Lucene search
K

17206 matches found

OSV
OSV
added 2025/11/18 12:0 a.m.5 views

ALSA-2025:21702 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: runc: container escape and denial of service due to arbitrary write gadgets and procfs...

7.5CVSS6.9AI score0.00526EPSS
Exploits1References4
CNVD
CNVD
added 2025/11/18 12:0 a.m.4 views

Google Chrome DevTools Improperly Implemented Vulnerability

Google Chrome is a free web browser developed by Google Inc. Google Chrome suffers from a DevTools mal-implementation vulnerability that can be exploited by an attacker to cause a sandbox escape...

7.5CVSS6.9AI score0.00176EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.2 views

RHEL 9 : buildah (RHSA-2025:21634)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21634 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working...

7.5CVSS7.1AI score0.00526EPSS
Exploits1References4
CNVD
CNVD
added 2025/11/18 12:0 a.m.4 views

Google Chrome Code Problem Vulnerability (CNVD-2025-29240)

Google Chrome is a web browser developed by Google. A security vulnerability exists in Google Chrome versions prior to 136.0.7103.59, which stems from a flaw in the security handling of the sandboxing mechanism. The vulnerability can be exploited by an attacker to achieve a sandbox escape via a...

5.4CVSS6.8AI score0.00144EPSS
Exploits1References1
AlmaLinux
AlmaLinux
added 2025/11/18 12:0 a.m.8 views

Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: runc: container escape and denial of service due to arbitrary write gadgets and procfs...

7.5CVSS6.4AI score0.00526EPSS
Exploits1References4
OSV
OSV
added 2025/11/17 7:11 p.m.3 views

GO-2025-4106 Soft Serve does not sanitize ANSI escape sequences in user input in github.com/charmbracelet/soft-serve

Soft Serve does not sanitize ANSI escape sequences in user input in github.com/charmbracelet/soft-serve...

4.6CVSS6.8AI score0.00155EPSS
Exploits0References3
NVD
NVD
added 2025/11/17 6:15 p.m.7 views

CVE-2025-58407

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

7.4CVSS0.00172EPSS
Exploits0References1
OSV
OSV
added 2025/11/17 6:15 p.m.3 views

CVE-2025-58407

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

7.4CVSS5.8AI score0.00172EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/17 5:18 p.m.7 views

CVE-2025-58407 GPU DDK - TOCTOU bug affecting psFWMemContext->uiPageCatBaseRegSet

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

0.00172EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/17 5:18 p.m.7 views

CVE-2025-58407 GPU DDK - TOCTOU bug affecting psFWMemContext->uiPageCatBaseRegSet

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

6.6AI score0.00172EPSS
Exploits0References1
CVE
CVE
added 2025/11/17 5:18 p.m.19 views

CVE-2025-58407

CVE-2025-58407 concerns Imagination Technologies GPU DDK/driver software used in a Guest VM. The vulnerability is a TOCTOU race in the GPU firmware interaction (psFWMemContext->uiPageCatBaseRegSet) that could allow reading and/or writing data outside the allotted memory, enabling escape from t...

7.4CVSS6.6AI score0.00172EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/11/17 12:0 a.m.6 views

PT-2025-47174

Name of the Vulnerable Software and Affected Versions versions prior to 2025 Description Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware, potentially exploiting a TOCTOU race condition. This could lead to a read and/or write of data outside the...

7.4CVSS6.5AI score0.00172EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/17 12:0 a.m.2 views

RHEL 10 : buildah (RHSA-2025:21633)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21633 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working...

7.5CVSS7.1AI score0.00526EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/11/16 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-13097

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted...

5.4CVSS5.7AI score0.00144EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/11/15 12:0 a.m.6 views

SUSE SLES15: tomcat10 / tomcat10-admin-webapps / tomcat10-doc / etc (SUSE-SU-2025:4103-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4103-1 advisory. Update to Tomcat 10.1.48 - CVE-2025-55752: Fixed directory traversal via rewrite with possible RCE if PUT is enabled...

9.6CVSS7.2AI score0.66535EPSS
Exploits4References10
OSV
OSV
added 2025/11/14 12:39 p.m.6 views

OESA-2025-2686 python-ldap security update

python-ldap: python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. Mainly it wraps the OpenLDAP 2.x libs for that purpose. Additionally the package contains modules for other LDAP-related stuff e.g. processing LDIF, LDAPURLs, LDAPv3 schema, LDAPv3...

6.9CVSS6.9AI score0.00418EPSS
Exploits2References3
OSV
OSV
added 2025/11/14 12:39 p.m.5 views

OESA-2025-2685 python-ldap security update

python-ldap: python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. Mainly it wraps the OpenLDAP 2.x libs for that purpose. Additionally the package contains modules for other LDAP-related stuff e.g. processing LDIF, LDAPURLs, LDAPv3 schema, LDAPv3...

6.9CVSS6.9AI score0.00418EPSS
Exploits2References3
OSV
OSV
added 2025/11/14 12:39 p.m.2 views

OESA-2025-2683 python-ldap security update

python-ldap: python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. Mainly it wraps the OpenLDAP 2.x libs for that purpose. Additionally the package contains modules for other LDAP-related stuff e.g. processing LDIF, LDAPURLs, LDAPv3 schema, LDAPv3...

6.9CVSS6.9AI score0.00294EPSS
Exploits1References2
OSV
OSV
added 2025/11/14 12:39 p.m.4 views

OESA-2025-2682 python-ldap security update

python-ldap: python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. Mainly it wraps the OpenLDAP 2.x libs for that purpose. Additionally the package contains modules for other LDAP-related stuff e.g. processing LDIF, LDAPURLs, LDAPv3 schema, LDAPv3...

6.9CVSS6.9AI score0.00418EPSS
Exploits2References3
OSV
OSV
added 2025/11/14 12:39 p.m.2 views

OESA-2025-2681 python-ldap security update

python-ldap: python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. Mainly it wraps the OpenLDAP 2.x libs for that purpose. Additionally the package contains modules for other LDAP-related stuff e.g. processing LDIF, LDAPURLs, LDAPv3 schema, LDAPv3...

6.9CVSS6.7AI score0.00418EPSS
Exploits2References3
Rows per page
Query Builder