Lucene search
K

17 matches found

RedHat Linux
RedHat Linux
added 2025/11/03 12:20 p.m.12 views

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.1CVSS6.7AI score0.02394EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/11/03 12:20 p.m.7 views

libssh: out-of-bounds read in sftp_handle()

A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftphandle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in...

8.1CVSS6.7AI score0.02394EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/23 12:0 a.m.4 views

RHEL 9 : libssh (RHSA-2025:19012)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:19012 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh:...

8.1CVSS6.6AI score0.02394EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

EulerOS 2.0 SP10 : libssh (EulerOS-SA-2025-2104)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftphandle function due to an incorrect comparison check that...

8.1CVSS6.6AI score0.02394EPSS
Exploits0References2
NVD
NVD
added 2025/07/10 8:15 a.m.4 views

CVE-2025-38294

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix NULL access in assign channel context handler Currently, when ath12kmacassignviftovdev fails, the radio handle ar gets accessed from the link VIF handle arvif for debug logging, This is incorrect. In the fail...

5.5CVSS0.00137EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/23 12:0 a.m.6 views

Amazon Linux 2023 : perl-File-Find-Rule-Perl (ALAS2023-2025-1047)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1047 advisory. File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when grep encounters a crafted filename. A file handle is opened with the 2 argument form of open allowing an attacker...

8.8CVSS7.8AI score0.00736EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.4 views

Astra Linux – Vulnerability in Chromium

The incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

9.6CVSS7.2AI score0.00375EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/06/12 12:0 a.m.6 views

Amazon Linux 2 : perl-File-Find-Rule (ALAS-2025-2891)

The version of perl-File-Find-Rule installed on the remote host is prior to 0.33-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2891 advisory. File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when grep encounters a crafted filename...

8.8CVSS7.9AI score0.00736EPSS
Exploits0References4
Amazon
Amazon
added 2025/06/10 12:0 a.m.4 views

Important: perl

Issue Overview: Thread creation while a directory handle is open does a fchdir, affecting other threads race condition CVE-2025-40909 Affected Packages: perl Issue Correction: Run dnf update perl --releasever 2023.7.20250609 to update your system. New Packages: aarch64: ...

5.9CVSS7.2AI score0.00368EPSS
Exploits0
OSV
OSV
added 2025/05/23 8:6 p.m.7 views

MGASA-2025-0159 Updated chromium-browser-stable packages fix security vulnerabilities

Heap buffer overflow in HTML. CVE-2025-4096 Out of bounds memory access in DevTools. CVE-2025-4050 Insufficient data validation in DevTools. CVE-2025-4051 Inappropriate implementation in DevTools. CVE-2025-4052 Use after free in WebAudio. CVE-2025-4372 Insufficient policy enforcement in Loader...

9.8CVSS10AI score0.05329EPSS
Exploits3References5
RedhatCVE
RedhatCVE
added 2025/05/23 1:16 a.m.7 views

CVE-2022-29207

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid. In graph mode, it would have been impossible to perform these API calls, but...

5.5CVSS6.7AI score0.00317EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/15 12:0 a.m.4 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome that stems from an unspecified incorrect handle being provided, which could lead to information disclosure, elevation of privilege...

9.6CVSS8.3AI score0.00375EPSS
Exploits1References5
NVD
NVD
added 2025/02/12 6:15 p.m.17 views

CVE-2025-25199

go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation CNG. Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to cng.TLS1PRF don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41...

7.5CVSS0.0128EPSS
Exploits0References2
OSV
OSV
added 2025/01/18 2:4 a.m.14 views

SUSE-SU-2025:0188-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. - CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. -...

7.8CVSS7.6AI score0.00352EPSS
Exploits1References15
OSV
OSV
added 2022/11/24 10:21 p.m.10 views

MGASA-2022-0435 Updated java packages fix security vulnerability

Class compilation issue. CVE-2022-21540 Improper restriction of MethodHandle.invokeBasic. CVE-2022-21541 Integer truncation issue in Xalan-J. CVE-2022-34169 Improper MultiByte conversion can lead to buffer overflow. CVE-2022-21618 Improper handling of long NTLM client hostnames. CVE-2022-21619...

7.5CVSS6.3AI score0.17673EPSS
Exploits2References8
Vulnrichment
Vulnrichment
added 2022/05/20 10:10 p.m.3 views

CVE-2022-29207 Undefined behavior when users supply invalid resource handles in TensorFlow

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid. In graph mode, it would have been impossible to perform these API calls, but...

5.5CVSS5.7AI score0.00317EPSS
Exploits1References7
OSV
OSV
added 2021/01/04 1:52 p.m.2 views

USN-4668-3 python-apt regression

USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Kevin Backhouse discovered that python-apt incorrectly handled resources. A loca...

5.8AI score
Exploits0References2
Rows per page
Query Builder