Lucene search
K

147 matches found

CNNVD
CNNVD
added 2025/05/16 12:0 a.m.5 views

GNU PSPP 缓冲区错误漏洞

GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from a buffer overflow vulnerability that originates from a boundary error when processing untrusted input. An attacker could exploit this vulnerability to cause a denial of...

5.5CVSS7AI score0.00141EPSS
Exploits1References2
CVE
CVE
added 2025/05/16 12:0 a.m.46 views

CVE-2025-48188

The CVE-2025-48188 issue affects GNU PSPP’s libpspp-core.a up to version 2.0.1. A faulty call from fill_buffer (data/encrypted-file.c) to the Gnulib rijndaelDecrypt function leads to a heap-based buffer over-read, which can cause memory disclosure or an application crash. Several sources (includi...

5.5CVSS4.1AI score0.00141EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/05/16 12:0 a.m.10 views

CVE-2025-48188

libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fillbuffer in data/encrypted-file.c to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read...

2.9CVSS0.00141EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/16 12:0 a.m.13 views

CVE-2025-48188

libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fillbuffer in data/encrypted-file.c to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read...

2.9CVSS7.2AI score0.00141EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2025/05/16 12:0 a.m.13 views

CVE-2025-48188

libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fillbuffer in data/encrypted-file.c to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read...

5.5CVSS5.7AI score0.00141EPSS
Exploits1
CNVD
CNVD
added 2025/05/14 12:0 a.m.3 views

GNU PSPP Denial of Service Vulnerability

GNU PSPP is an application for data sampling, statistics and analysis. A denial of service vulnerability exists in GNU PSPP, which can be exploited by an attacker to cause assertion failures and application exits...

5.5CVSS3.5AI score0.00154EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/12 12:6 a.m.25 views

CVE-2025-47816

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxmlparseattributes out-of-bounds read, related to extra content at the end of a document. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red H...

2.9CVSS3.9AI score0.00298EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/12 12:6 a.m.27 views

CVE-2025-47814

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...

4.5CVSS4.9AI score0.00258EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/12 12:6 a.m.28 views

CVE-2025-47815

A flaw was found in the GNU PSPP ZIP Reader functionality. This vulnerability allows attackers to cause a heap-based buffer overflow via a crafted ZIP archive. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security...

4.5CVSS4.7AI score0.00258EPSS
Exploits1References4
NVD
NVD
added 2025/05/10 10:15 p.m.21 views

CVE-2025-47814

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c...

9.8CVSS0.00258EPSS
Exploits1References1
NVD
NVD
added 2025/05/10 10:15 p.m.16 views

CVE-2025-47815

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...

9.8CVSS0.00258EPSS
Exploits1References1
NVD
NVD
added 2025/05/10 10:15 p.m.18 views

CVE-2025-47816

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxmlparseattributes out-of-bounds read, related to extra content at the end of a document...

9.1CVSS0.00298EPSS
Exploits1References1
OSV
OSV
added 2025/05/10 10:15 p.m.7 views

CVE-2025-47814

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c...

9.8CVSS7.1AI score
Exploits0References1
OSV
OSV
added 2025/05/10 10:15 p.m.17 views

CVE-2025-47815

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...

9.8CVSS7.1AI score
Exploits0References1
OSV
OSV
added 2025/05/10 10:15 p.m.6 views

CVE-2025-47816

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxmlparseattributes out-of-bounds read, related to extra content at the end of a document...

9.1CVSS6.6AI score
Exploits0References1
OSV
OSV
added 2025/05/10 10:15 p.m.2 views

UBUNTU-CVE-2025-47816

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxmlparseattributes out-of-bounds read, related to extra content at the end of a document...

9.1CVSS5.8AI score0.00298EPSS
Exploits1References3
CVE
CVE
added 2025/05/10 12:0 a.m.68 views

CVE-2025-47815

CVE-2025-47815 affects GNU PSPP up to version 2.0.1, via the libpspp-core.a component. The issue is a heap-based buffer overflow in inflate_read (called indirectly from zip_member_read_all) in zip-reader.c, due to improper validation of input length/size. This is the stated root cause and vulnera...

9.8CVSS5AI score0.00258EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/05/10 12:0 a.m.72 views

CVE-2025-47814

CVE-2025-47814 describes a heap-based buffer overflow in PSPP’s zip reader. The vulnerable component is the PSPP core library, specifically the file zip-reader.c, within the function inflate_read (called indirectly from spv_read_xml_member). This issue affects the library artifact libpspp-core.a ...

9.8CVSS7.3AI score0.00258EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/05/10 12:0 a.m.11 views

CVE-2025-47814

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c...

4.5CVSS0.00258EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/10 12:0 a.m.2 views

PT-2025-20642 · Gnu +1 · Gnu Pspp +1

Name of the Vulnerable Software and Affected Versions: GNU PSPP versions 2.0.1 and earlier Description: The issue allows attackers to cause a heap-based buffer overflow in inflate read called indirectly from spv read xml member in zip-reader.c. Recommendations: For GNU PSPP versions 2.0.1 and...

9.8CVSS4.6AI score0.00258EPSS
Exploits1References14
Rows per page
Query Builder