Lucene search
K

147 matches found

Cvelist
Cvelist
added 2025/05/10 12:0 a.m.12 views

CVE-2025-47816

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxmlparseattributes out-of-bounds read, related to extra content at the end of a document...

2.9CVSS0.00298EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/10 12:0 a.m.4 views

GNU PSPP 安全漏洞

GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from an out-of-bounds read vulnerability that stems from spvxmlparseattributes, no details of the vulnerability are provided at this time...

9.1CVSS6.8AI score0.00298EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/05/10 12:0 a.m.4 views

PT-2025-20644 · Gnu +1 · Gnu Pspp +1

Name of the Vulnerable Software and Affected Versions: GNU PSPP versions 2.0.1 and earlier Description: The issue allows attackers to cause an out-of-bounds read in spvxml-helpers.c spvxml parse attributes, related to extra content at the end of a document. Recommendations: For GNU PSPP versions...

9.1CVSS3.4AI score0.00298EPSS
Exploits1References17
Vulnrichment
Vulnrichment
added 2025/05/10 12:0 a.m.7 views

CVE-2025-47816

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxmlparseattributes out-of-bounds read, related to extra content at the end of a document...

2.9CVSS3.6AI score0.00298EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/10 12:0 a.m.2 views

PT-2025-20643 · Gnu +1 · Gnu Pspp +1

Name of the Vulnerable Software and Affected Versions: GNU PSPP versions 2.0.1 and earlier Description: The issue allows attackers to cause a heap-based buffer overflow in the inflate read function, which is called indirectly from zip member read all in zip-reader.c. This can be exploited to caus...

9.8CVSS4.7AI score0.00258EPSS
Exploits1References14
Vulnrichment
Vulnrichment
added 2025/05/10 12:0 a.m.6 views

CVE-2025-47815

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...

4.5CVSS4.8AI score0.00258EPSS
Exploits1References1
CVE
CVE
added 2025/05/10 12:0 a.m.68 views

CVE-2025-47815

CVE-2025-47815 affects GNU PSPP up to version 2.0.1, via the libpspp-core.a component. The issue is a heap-based buffer overflow in inflate_read (called indirectly from zip_member_read_all) in zip-reader.c, due to improper validation of input length/size. This is the stated root cause and vulnera...

9.8CVSS5AI score0.00258EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/05/10 12:0 a.m.11 views

CVE-2025-47814

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c...

4.5CVSS0.00258EPSS
Exploits1References1
CVE
CVE
added 2025/05/10 12:0 a.m.66 views

CVE-2025-47816

CVE-2025-47816 affects GNU PSPP (libpspp-core.a) through version 2.0.1. The vulnerability is an out-of-bounds read in spvxml_parse_attributes (spvxml-helpers.c), related to extra content at the end of a document. All provided connected sources corroborate this issue. Practical impact is an out-of...

9.1CVSS6.8AI score0.00298EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2025/05/10 12:0 a.m.11 views

CVE-2025-47814

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from spvreadxmlmember in zip-reader.c...

9.8CVSS5.5AI score0.00258EPSS
Exploits1
Debian CVE
Debian CVE
added 2025/05/10 12:0 a.m.8 views

CVE-2025-47815

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflateread called indirectly from zipmemberreadall in zip-reader.c...

9.8CVSS5.5AI score0.00258EPSS
Exploits1
Debian CVE
Debian CVE
added 2025/05/10 12:0 a.m.6 views

CVE-2025-47816

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxmlparseattributes out-of-bounds read, related to extra content at the end of a document...

9.1CVSS4.5AI score0.00298EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/05 1:6 a.m.16 views

CVE-2025-47229

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...

2.9CVSS6.9AI score0.00154EPSS
Exploits1
NVD
NVD
added 2025/05/03 3:15 a.m.16 views

CVE-2025-47229

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...

5.5CVSS0.00154EPSS
Exploits1References1
OSV
OSV
added 2025/05/03 3:15 a.m.6 views

CVE-2025-47229

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...

5.5CVSS6.9AI score
Exploits0References1
OSV
OSV
added 2025/05/03 3:15 a.m.2 views

DEBIAN-CVE-2025-47229

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...

5.5CVSS5.5AI score0.00154EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/03 12:0 a.m.25 views

CVE-2025-47229

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...

2.9CVSS0.00154EPSS
Exploits1References1
CVE
CVE
added 2025/05/03 12:0 a.m.72 views

CVE-2025-47229

CVE-2025-47229 affects GNU PSPP (libpspp-core.a) up to version 2.0.1. The root cause is a denial-of-service condition triggered by crafted input data that causes a var_set_leave_quiet assertion failure and application exit, via a call path from src/data/dictionary.c into src/data/variable.c. Mult...

5.5CVSS7.2AI score0.00154EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/03 12:0 a.m.6 views

CVE-2025-47229

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service varsetleavequiet assertion failure and application exit via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...

2.9CVSS6.8AI score0.00154EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/03 12:0 a.m.4 views

PT-2025-18938 · Gnu +1 · Gnu Pspp +1

Name of the Vulnerable Software and Affected Versions: GNU PSPP versions through 2.0.1 Description: The issue allows attackers to cause a denial of service, resulting in an application exit, via crafted input data. This can be triggered by specific data that causes a call from the...

5.5CVSS6.4AI score0.00154EPSS
Exploits1References16
Rows per page
Query Builder