
12 matches found

Rockylinux
added 2026/05/29 4:3 p.m. · 14 views

xorg-x11-server-Xwayland security update

An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Xwayland is an X server for running X clients under Wayland...

CVSS 7.8 · AI score 5.8 · EPSS 0.0038
Exploits: 0
Vulnrichment
added 2026/05/15 2:41 a.m. · 9 views

CVE-2025-66664

Insufficient parameter sanitization in AMD Secure Processor (ASP) TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDLOADGFXIPFW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception...

CVSS 4.6 · AI score 5.8 · EPSS 0.00112
Exploits: 0 · References: 1
Vulnrichment
added 2026/02/10 7:33 p.m. · 4 views

CVE-2026-21348 Substance3D - Modeler | Out-of-bounds Read (CWE-125)

Substance3D - Modeler versions 1.22.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that ...

CVSS 5.5 · AI score 5.4 · EPSS 0.00151
Exploits: 0 · References: 1
Cvelist
added 2025/10/27 12:0 a.m. · 9 views

CVE-2025-60791

Easywork Enterprise 2.1.3.354 is vulnerable to Cleartext Storage of Sensitive Information in Memory. The application leaves valid device-bound license keys in process memory after a failed activation attempt. The keys can be obtained by attaching a debugger or analyzing the process/memory dump an...

EPSS 0.00099
Exploits: 1 · References: 2
RedHat Linux
added 2025/07/02 4:33 p.m. · 7 views

xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Data Leak in XFIXES Extension's XFixesSetClientDisconnectMode

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests...

CVSS 6.1 · AI score 5.7 · EPSS 0.00361
Exploits: 0 · References: 6
Positive Technologies
added 2023/10/03 12:0 a.m. · 7 views

PT-2023-5885 · Grub2 +10

Name of the Vulnerable Software and Affected Versions: Grub2 (affected versions not specified). Description: The issue is related to an out-of-bounds read flaw in Grub2's NTFS filesystem driver. This flaw may allow a physically present attacker to present a specially crafted NTFS file system image t...

CVSS 8.3 · AI score 6.7 · EPSS 0.04852
Exploits: 2 · References: 112
OSV
added 2023/07/20 1:15 a.m. · 3 views

UBUNTU-CVE-2022-28736

There's a use-after-free vulnerability in the grub_cmd_chainloader() function; the chainloader command is used to boot operating systems that don't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once, a use-after-free vulnerability is triggered. If a...

CVSS 7.8 · AI score 7.5 · EPSS 0.00289
Exploits: 0 · References: 4
SUSE CVE
added 2023/02/15 3:26 a.m. · 4 views

SUSE CVE-2022-28736

There's a use-after-free vulnerability in the grub_cmd_chainloader() function; the chainloader command is used to boot operating systems that don't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once, a use-after-free vulnerability is triggered. If a...

CVSS 8.4 · AI score 8.7 · EPSS 0.00289
Exploits: 0 · References: 24
OSV
added 2022/08/13 11:4 a.m. · 4 views

OESA-2022-1833 openssl security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. Security Fixes: AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under so...

CVSS 5.3 · AI score 6.9 · EPSS 0.04425
Exploits: 0 · References: 2
BDU FSTEC
added 2022/06/02 12:0 a.m. · 15 views

The vulnerability of the SCADA system “SKADA-NEV” lies in the unencrypted storage of critical information in memory, allowing attackers to gain access to user account data.

The vulnerability of the SCADA system “SKADA-NEV” is related to the unencrypted storage of critical information in memory. Exploiting this vulnerability can allow an intruder to gain access to user account data...

CVSS 7.8 · AI score 5.5
Exploits: 0 · Affected Software: 1
RedHat Linux
added 2018/04/30 10:0 a.m. · 4 views

dpdk: Information exposure in unchecked guest physical to host virtual address translations

The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory...

CVSS 6.1 · AI score 6.6 · EPSS 0.00878
Exploits: 0 · References: 4
curl security advisories
added 2017/08/09 8:0 a.m. · 8 views

TFTP sends more than buffer size

When doing a TFTP transfer and curl/libcurl is given a URL that contains a long filename (longer than about 515 bytes), the filename is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the original length. This too-large value is then used in the...

CVSS 6.5 · AI score 6.6 · EPSS 0.03958
Exploits: 0 · Affected Software: 2