Lucene search
+L

401 matches found

osv
osv
added 2025/08/28 10:15 p.m.7 views

AZL-66716 CVE-2025-58058 affecting package podman 4.1.1-26

xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current...

5.3CVSS6.9AI score0.00385EPSS
Exploits0References1
osv
osv
added 2025/08/28 10:15 p.m.8 views

AZL-66762 CVE-2025-58058 affecting package skopeo for versions less than 1.14.4-6

xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current...

5.3CVSS6.8AI score0.00385EPSS
Exploits0References1
redos
redos
added 2025/08/28 12:0 a.m.6 views

ROS-20250828-01

A vulnerability in the 7-Zip file archiver is related to incorrect symbolic link detection before file access. before accessing a file. Exploitation of the vulnerability allows an attacker to bypass security restrictions A vulnerability in the CopyCoder component of the 7-Zip file archiver is...

6.5CVSS6.7AI score0.01703EPSS
Exploits2
nessus
nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-29917

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The bytes setting in the decodebase64...

6.2CVSS6.8AI score0.00251EPSS
Exploits0References3
nessus
nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-14295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Integer overflow in the getElfSections function in pvmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service crash via a skewed offset...

5.5CVSS6.4AI score0.015EPSS
Exploits1References2
nessus
nessus
added 2025/08/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-37837

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix warnings due to dmamfreecoherent Two WARNINGs are observed when SM...

5.5CVSS6.2AI score0.00229EPSS
Exploits0References3
nvd
nvd
added 2025/08/08 12:15 a.m.7 views

CVE-2025-54952

An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b...

9.8CVSS0.00593EPSS
Exploits0References2
cvelist
cvelist
added 2025/08/07 11:8 p.m.12 views

CVE-2025-54952

An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b...

0.00593EPSS
Exploits0References2
cve
cve
added 2025/08/07 10:55 p.m.32 views

CVE-2025-30405

The CVE-2025-30405 entry describes an integer overflow in the loading of ExecuTorch models, causing objects to be placed outside their allocated memory. Affected software is ExecuTorch prior to commit 0830af8207240df8d7f35b984cdf8bc35d74fa73. Reported impact includes potential code execution or o...

9.8CVSS7.2AI score0.00593EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/08/07 12:0 a.m.5 views

PT-2025-32320

Name of the Vulnerable Software and Affected Versions ExecuTorch versions prior to commit 0830af8207240df8d7f35b984cdf8bc35d74fa73 Description An integer overflow vulnerability exists in the loading of ExecuTorch models. This can lead to objects being placed outside of their allocated memory,...

9.8CVSS6.5AI score0.00593EPSS
Exploits0References15
nessus
nessus
added 2025/08/06 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2024-56706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/cpumsf: Fix and protect memory allocation of SDBs with mutex Reservation of the PMU...

6.3CVSS6.1AI score0.00159EPSS
Exploits0References3
nessus
nessus
added 2025/08/04 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-46943

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix setfmt error handling If there in an error during a setfmt, d...

7.8CVSS6.4AI score0.00234EPSS
Exploits0References2
debiancve
debiancve
added 2025/08/01 4:32 p.m.8 views

CVE-2025-48074

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance...

5.5CVSS5.2AI score0.00259EPSS
Exploits1
osv
osv
added 2025/08/01 4:32 p.m.4 views

CVE-2025-48074 OpenEXR's Unbounded File Header Values can Lead to Out-Of-Memory Errors

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance...

4.6CVSS6.5AI score0.00259EPSS
Exploits1References4
cvelist
cvelist
added 2025/07/28 11:22 a.m.8 views

CVE-2025-38495 HID: core: ensure the allocated report buffer can contain the reserved report ID

In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated buffer not account f...

0.00198EPSS
Exploits0References8
nvd
nvd
added 2025/07/25 6:15 p.m.6 views

CVE-2025-5449

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

6.5CVSS0.00777EPSS
Exploits0References8
cvelist
cvelist
added 2025/07/25 5:19 p.m.13 views

CVE-2025-5449 Libssh: integer overflow in libssh sftp server packet length validation leading to denial of service

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...

6.5CVSS0.00777EPSS
Exploits0References8
osv
osv
added 2025/07/25 4:15 p.m.15 views

AZL-72929 CVE-2025-38445 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1reshape In the raid1reshape function, newpool is allocated on the stack and assigned to conf-r1biopool. This results in conf-r1biopool.wait.head pointing to a stack address...

7.1CVSS6.7AI score0.00165EPSS
Exploits0References1
cvelist
cvelist
added 2025/07/25 3:27 p.m.10 views

CVE-2025-38465 netlink: Fix wraparounds of sk->sk_rmem_alloc.

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix wraparounds of sk-skrmemalloc. Netlink has this pattern in some places if atomicread&sk-skrmemalloc sk-skrcvbuf atomicaddskb-truesize, &sk-skrmemalloc; , which has the same problem fixed by commit 5a465a0da13e "udp:...

0.00165EPSS
Exploits0References8
nvd
nvd
added 2025/07/25 3:15 p.m.8 views

CVE-2025-38426

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add basic validation for RAS header If RAS header read from EEPROM is corrupted, it could result in trying to allocate huge memory for reading the records. Add some validation to header fields...

5.5CVSS0.00157EPSS
Exploits0References4
Rows per page
Query Builder