Lucene search
K

4 matches found

OSV
OSV
added 2025/12/23 11:15 p.m.3 views

UBUNTU-CVE-2025-68617

FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...

7CVSS5.8AI score0.00179EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/08/14 12:0 a.m.5 views

EulerOS 2.0 SP13 : ppp (EulerOS-SA-2025-1997)

According to the versions of the ppp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.CVE-2024-58250 Tenable has extracted the preceding description block directly...

9.3CVSS5.5AI score0.00196EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/02/07 3:0 p.m.2 views

apache-ivy: XML External Entity vulnerability

Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy...

8.2CVSS7.3AI score0.01855EPSS
Exploits0References5
Amazon
Amazon
added 2023/09/07 12:0 a.m.4 views

Important: apache-ivy

Issue Overview: Improper Restriction of XML External Entity Reference, XML Injection aka Blind XPath Injection vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own...

8.2CVSS7.2AI score0.01855EPSS
Exploits0
Rows per page
Query Builder