Lucene search
K

19 matches found

Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.20 views

PT-2026-39710

Name of the Vulnerable Software and Affected Versions jq versions 1.8.1 and earlier Description Top-level programs loaded from a file using the '-f' flag are truncated at the first embedded NUL byte. A specially crafted filter file containing a NUL byte followed by an arbitrary suffix will compil...

7.3CVSS6AI score0.00174EPSS
Exploits6References57
UbuntuCve
UbuntuCve
added 2025/12/24 1:16 p.m.7 views

CVE-2023-54150

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix an out of bounds error in BIOS parser The array is hardcoded to 8 in atomfirmware.h, but firmware provides a bigger one sometimes. Deferencing the larger array causes an out of bounds error. commit 4fc1ba4aa589...

5.9AI score0.00168EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.1 views

openSUSE 15: libpython3_9-1_0 / libpython3_9-1_0-32bit / python39 / etc (SUSE-SU-2025:4433-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:4433-1 advisory. Update to 3.9.25: - Security - gh-137836: Add support of the plaintext element, RAWTEXT elements xmp, iframe, noembed and noframes, and optionally RAWTEXT...

5.8AI score
Exploits0References1
OSV
OSV
added 2025/03/26 11:30 a.m.20 views

SUSE-SU-2025:1026-1 Security update for php7

This update for php7 fixes the following issues: - CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 - CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 - CVE-2025-1219: Fixed libxml streams using wrong...

9.8CVSS8.3AI score0.01357EPSS
Exploits3References13
OSV
OSV
added 2025/03/24 3:11 p.m.18 views

SUSE-SU-2025:0994-1 Security update for php8

This update for php8 fixes the following issues: - CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 - CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 - CVE-2025-1219: Fixed libxml streams using wrong...

9.8CVSS7.1AI score0.01357EPSS
Exploits3References13
OSV
OSV
added 2025/02/03 9:39 a.m.9 views

SUSE-SU-2025:0327-1 Security update for clamav

This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service DoS condition. - Start clamonacc with --fdpass to avoid errors due to clamd not being able to...

7.5CVSS7.6AI score0.03312EPSS
Exploits0References15
SUSE Linux
SUSE Linux
added 2025/02/03 9:39 a.m.0 views

Security update for clamav

This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service DoS condition. Start clamonacc with --fdpass to avoid errors due to clamd not being able to acce...

8.7CVSS7.8AI score0.03312EPSS
Exploits0References34
Vulnrichment
Vulnrichment
added 2024/12/11 7:17 p.m.15 views

CVE-2024-47835 GHSL-2024-263: Gstreamer NULL-pointer dereference in LRC subtitle parser

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parselrc function within gstsubparse.c. The parselrc function calls strchr to find the character '' in the string line. The pointer returned by this call ...

6.8CVSS6.7AI score0.01036EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2024/12/11 7:17 p.m.19 views

CVE-2024-47835

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parselrc function within gstsubparse.c. The parselrc function calls strchr to find the character '' in the string line. The pointer returned by this call ...

7.5CVSS6.5AI score0.01036EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2024/10/29 1:54 p.m.3 views

Security update for go1.22-openssl

This update for go1.22-openssl fixes the following issues: This update ships go1.22-openssl 1.22.7.1 jscSLE-18320 Update to version 1.22.7.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.7-1-openssl-fips. Update to Go 1.22.7 229 go1.22.7 released 2024-09-05 includes securi...

7.5CVSS7.8AI score0.91969EPSS
Exploits2References64
OSV
OSV
added 2023/10/05 8:18 p.m.7 views

CLSA-2023-1696537106 libxml2: Fix of 5 CVEs

CVE-2021-3517: fix flaw in the xml entity encoding - CVE-2021-3518: fix dangling pointers in entity reference nodes - CVE-2022-23308: fix use-after-free of ID and IDREF attributes - CVE-2022-40303: fix integer counters overflow when parsing a multi-gigabyte XML - CVE-2022-40304: fix double free...

8.8CVSS6.9AI score0.22791EPSS
Exploits2References1
OSV
OSV
added 2022/08/22 1:7 p.m.9 views

CLSA-2022-1661173656 Fixed 50 CVEs in java-1.7.0-openjdk

Bump to 2.6.28 and OpenJDK 7u351-b01. - Security fixes in 7u351: - CVE-2022-21540: Improve class compilation JDK-8281859 - CVE-2022-21541: Enhance MethodHandle invocations JDK-8281866 - CVE-2022-34169: Improve Xalan supports JDK-8285407 - Security fixes in 7u341: - CVE-2022-21426: Better XPath...

8.3CVSS6.5AI score0.17673EPSS
Exploits2References1
OSV
OSV
added 2021/04/15 6:11 a.m.8 views

OPENSUSE-SU-2021:0555-1 Security update for clamav

This update for clamav fixes the following issues: - CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 - CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 - Fix errors when scannin...

7.8CVSS7.8AI score0.03155EPSS
Exploits0References8
OSV
OSV
added 2021/04/14 12:6 p.m.9 views

SUSE-SU-2021:1189-1 Security update for clamav

This update for clamav fixes the following issues: - CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 - CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 - Fix errors when scannin...

7.8CVSS7.7AI score0.03155EPSS
Exploits0References8
OSV
OSV
added 2021/04/14 7:33 a.m.7 views

SUSE-SU-2021:14692-1 Security update for clamav

This update for clamav fixes the following issues: - CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 - CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 - Fix errors when scannin...

7.8CVSS7.7AI score0.03155EPSS
Exploits0References8
OSV
OSV
added 2021/04/13 3:45 p.m.7 views

SUSE-SU-2021:1174-1 Security update for clamav

This update for clamav fixes the following issues: - CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 - CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 - Fix errors when scannin...

7.8CVSS7.7AI score0.03155EPSS
Exploits0References8
OSV
OSV
added 2019/11/13 11:20 p.m.6 views

OPENSUSE-SU-2019:2501-1 Security update for rsyslog

This update for rsyslog fixes the following issues: Security issues fixed: - CVE-2019-17041: Fixed a heap overflow in the parser for AIX log messages bsc1153451. - CVE-2019-17042: Fixed a heap overflow in the parser for Cisco log messages bsc1153459. Other issue addressed: - Fixed an issue where...

9.8CVSS9.6AI score0.04568EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2011/03/07 12:0 a.m.18 views

Debian Security Advisory DSA 2145-1 (libsmi)

The remote host is missing an update to libsmi announced via advisory DSA 2145-1. OpenVAS Vulnerability Test $Id: deb21451.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2145-1 libsmi Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

7.5CVSS0.2AI score0.14035EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2009/09/25 12:0 a.m.25 views

SuSE9 Security Update : freeswan (YOU Patch Number 12503)

The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

5CVSS5.4AI score0.01577EPSS
Exploits0References2
Rows per page
Query Builder