Lucene search
K

12 matches found

SUSE CVE
SUSE CVE
added 2026/04/23 1:25 a.m.8 views

SUSE CVE-2026-31515

In the Linux kernel, the following vulnerability has been resolved: afkey: validate families in pfkeysendmigrate syzbot was able to trigger a crash in skbput 1 Issue is that pfkeysendmigrate does not check old/new families, and that setipsecrequest @family argument was truncated, thus possibly...

4.4CVSS5.6AI score0.00123EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003846)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003846 advisory. In the Linux kernel before 5.5.8, getrawsocket in drivers/vhost/net.c lacks validation of an skfamily field, which might allow attackers to trigger kernel stack...

5.4CVSS6.5AI score0.00962EPSS
Exploits1References18
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-0625

Malicious code in bioql PyPI...

9.8CVSS7.2AI score0.00932EPSS
Exploits0References5
OSV
OSV
added 2025/09/19 1:13 p.m.4 views

OESA-2025-2315 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net/tls: fix kernel panic when allocpage failed We cannot set fraglist to NULL pointer when allocpage failed. It will be used in tlsstrpcheckqueueok when the nex...

7.8CVSS6.2AI score0.0017EPSS
Exploits0References10
OSV
OSV
added 2025/07/03 9:15 a.m.13 views

AZL-64526 CVE-2025-38147 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: calipso: Don't call calipso functions for AFINET sk. syzkaller reported a null-ptr-deref in txoptget. 0 The offset 0x70 was of struct ipv6txoptions in struct ipv6pinfo, so struct ipv6pinfo was NULL there. However, this never...

5.5CVSS6.4AI score0.0017EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/03 12:0 a.m.1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a lack of address family validation, which could lead to null pointer dereferencing...

5.5CVSS6.4AI score0.0017EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/05/23 7:29 a.m.11 views

CVE-2024-25117

php-svg-lib is a scalable vector graphics SVG file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP 8.0, and doesn't validate if external references are allowed. This might leads to bypass...

9.8CVSS9.6AI score0.00932EPSS
Exploits0References1
OSV
OSV
added 2024/02/21 6:4 p.m.22 views

GHSA-F3QR-QR4X-J273 php-svg-lib lacks path validation on font through SVG inline styles

Summary php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP href, 0, 7 === "phar://" || $this-document-allowExternalReferences === false && \strtolower\substr$this-href, 0, 5 !== "data:" unset$style"font-family"; PoC Parsing the following SVG...

6.8CVSS7.8AI score0.00932EPSS
Exploits0References5
OSV
OSV
added 2024/02/21 5:15 p.m.3 views

DEBIAN-CVE-2024-25117

php-svg-lib is a scalable vector graphics SVG file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP 8.0, and doesn't validate if external references are allowed. This might leads to bypass...

9.8CVSS7.5AI score0.00932EPSS
Exploits0References1
OSV
OSV
added 2024/02/21 4:25 p.m.24 views

CVE-2024-25117 php-svg-lib lacks path validation on font through SVG inline styles

php-svg-lib is a scalable vector graphics SVG file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP 8.0, and doesn't validate if external references are allowed. This might leads to bypass...

6.8CVSS7.5AI score0.00932EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2024/02/21 4:25 p.m.20 views

CVE-2024-25117

php-svg-lib is a scalable vector graphics SVG file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP 8.0, and doesn't validate if external references are allowed. This might leads to bypass...

9.8CVSS7.5AI score0.00932EPSS
Exploits0
OSV
OSV
added 2020/03/24 10:15 p.m.2 views

DEBIAN-CVE-2020-10942

In the Linux kernel before 5.5.8, getrawsocket in drivers/vhost/net.c lacks validation of an skfamily field, which might allow attackers to trigger kernel stack corruption via crafted system calls...

5.3CVSS6.7AI score0.00962EPSS
Exploits1References1
Rows per page
Query Builder