Lucene search
K

22 matches found

UbuntuCve
UbuntuCve
added 2025/03/27 5:15 p.m.7 views

CVE-2023-52989

In the Linux kernel, the following vulnerability has been resolved: firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region This patch is fix for Linux kernel v2.6.33 or later. For request subaction to IEC 61883-1 FCP region, Linux FireWire subsystem have had an issue...

5.5CVSS6.5AI score0.0024EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2025/03/27 5:15 p.m.6 views

CVE-2023-53012

In the Linux kernel, the following vulnerability has been resolved: thermal: core: call putdevice only after deviceregister fails putdevice shouldn't be called before a prior call to deviceregister. thermalcoolingdeviceregister doesn't follow that properly and needs fixing. Also...

5.5CVSS5.9AI score0.00188EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/03/27 3:15 p.m.6 views

CVE-2025-21876

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix suspicious RCU usage Commit "iommu/vt-d: Allocate DMAR fault interrupts locally" moved the call to enabledrhdfaulthandling to a code path that does not hold any lock while traversing the drhd list. Fix it by...

5.5CVSS6.4AI score0.00187EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/03/26 5:15 p.m.8 views

CVE-2025-27609

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a request that, once transmitted to a victim's Icinga Web, allows to embed arbitrary Javascript into it and to act on...

5.4CVSS5.9AI score0.00228EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/23 12:0 a.m.2 views

Fedora 41 : dotnet8.0 (2025-adbd75f500)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-adbd75f500 advisory. This is the monthly update for .NET for March 2025. Release Notes: - SDK https://github.com/dotnet/core/blob/main/release-notes/8.0/8.0.14/8.0.114.md -...

5.6AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/03/17 2:15 p.m.10 views

CVE-2025-29787

zip is a zip library for rust which supports reading and writing of simple ZIP files. In the archive extraction routine of affected versions of the zip crate starting with version 1.3.0 and prior to version 2.3.0, symbolic links earlier in the archive are allowed to be used for later files in the...

7.3CVSS5.9AI score0.005EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/03/17 12:0 a.m.8 views

CVE-2025-2361

A vulnerability was found in Mercurial SCM 4.5.3/71.19.145.211. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument cmd leads to cross site scripting. The attack can be initiated remotely. The exploit has be...

5.3CVSS4.5AI score0.00486EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/03/12 9:15 p.m.13 views

CVE-2025-25292

ruby-saml provides security assertion markup language SAML single sign-on SSO for Ruby. An authentication bypass vulnerability was found in ruby-saml prior to versions 1.12.4 and 1.18.0 due to a parser differential. ReXML and Nokogiri parse XML differently, the parsers can generate entirely...

9.8CVSS7.4AI score0.63792EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2025/03/12 10:15 a.m.9 views

CVE-2025-21861

In the Linux kernel, the following vulnerability has been resolved: mm/migratedevice: don't add folio to be freed to LRU in migratedevicefinalize If migration succeeded, we called foliomigrateflags-memcgroupmigrate to migrate the memcg from the old to the new folio. This will set memcgdata of the...

5.5CVSS6.4AI score0.00198EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2025/03/12 10:15 a.m.11 views

CVE-2025-21864

In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6tunnelnetexit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the...

5.5CVSS6.3AI score0.002EPSS
Exploits0References16
Talos Blog
Talos Blog
added 2025/03/11 9:55 p.m.33 views

Microsoft Patch Tuesday for March 2025 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for March of 2025 which includes 57 vulnerabilities affecting a range of products, including 6 that Microsoft marked as "critical". There are six vulnerabilities that Microsoft has observed being exploited in the wild. CVE-2025-26633 is a Remoted...

8.8CVSS9.6AI score0.31894EPSS
Exploits9
Circl
Circl
added 2025/03/11 4:39 p.m.19 views

CVE-2025-26627

creationtimestamp| type| source ---|---|--- 2025-03-11 16:39:36+00:00| seen| https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review 2025-03-11 20:08:28+00:00| seen| https://t.me/cvedetector/20115 2025-03-13 17:45:17+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7458...

7CVSS7.2AI score0.00813EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/03/11 9:15 a.m.6 views

CVE-2025-1550

The Keras Model.loadmodel function permits arbitrary code execution, even with safemode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, ...

9.8CVSS6.9AI score0.02803EPSS
Exploits3References3
UbuntuCve
UbuntuCve
added 2025/03/07 9:15 a.m.4 views

CVE-2025-21837

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.9AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/03/06 4:15 p.m.11 views

CVE-2024-58055

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ftcm: Don't free command immediately Don't prematurely free the command. Wait for the status completion of the sense status. It can be freed then. Otherwise we will double-free the command...

7.8CVSS6.6AI score0.00218EPSS
Exploits0References49
UbuntuCve
UbuntuCve
added 2025/02/27 3:15 a.m.12 views

CVE-2025-21786

In the Linux kernel, the following vulnerability has been resolved: workqueue: Put the pwq after detaching the rescuer from the pool The commit 68f83057b913"workqueue: Reap workers via kthreadstop and remove detachcompletion" adds code to reap the normal workers but mistakenly does not handle the...

7.8CVSS6.6AI score0.0022EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2025/02/26 7:1 a.m.8 views

CVE-2022-49643

In the Linux kernel, the following vulnerability has been resolved: ima: Fix a potential integer overflow in imaappraisemeasurement When the ima-modsig is enabled, the rc passed to evmverifyxattr may be negative, which may cause the integer overflow problem...

5.5CVSS6.4AI score0.00252EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/02/26 7:1 a.m.8 views

CVE-2022-49564

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for DH Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer underflow that might happen when copying the source scatterlist into a linea...

5.5CVSS6.5AI score0.0025EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/02/26 7:1 a.m.8 views

CVE-2022-49704

In the Linux kernel, the following vulnerability has been resolved: 9p: fix fid refcount leak in v9fsvfsgetlink we check for protocol version later than required, after a fid has been obtained. Just move the version check earlier...

5.5CVSS6.3AI score0.00243EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/02/25 4:15 p.m.8 views

CVE-2025-21626

GLPI is a free asset and IT management software package. Starting in version 0.71 and prior to version 10.0.18, an anonymous user can fetch sensitive information from the status.php endpoint. Version 10.0.18 contains a fix for the issue. Some workarounds are available. One may delete the status.p...

6.5CVSS6.3AI score0.00403EPSS
Exploits0References3
Rows per page
Query Builder