Lucene search
K

245 matches found

CNVD
CNVD
added 2025/05/22 12:0 a.m.1 views

GNU PSPP Buffer Overflow Vulnerability

GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from a buffer overflow vulnerability that originates from a boundary error when processing untrusted input. An attacker could exploit this vulnerability to cause a denial of...

5.5CVSS7.4AI score0.00141EPSS
Exploits1References1
OSV
OSV
added 2025/05/20 10:15 p.m.1 views

DEBIAN-CVE-2025-5001

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this...

5.5CVSS3.9AI score0.00237EPSS
Exploits1References1
OSV
OSV
added 2025/05/20 10:15 p.m.4 views

CVE-2025-5001

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this...

5.5CVSS7AI score
Exploits0References8
NVD
NVD
added 2025/05/20 10:15 p.m.15 views

CVE-2025-5001

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this...

5.5CVSS0.00237EPSS
Exploits1References6
OSV
OSV
added 2025/05/20 10:15 p.m.3 views

UBUNTU-CVE-2025-5001

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this...

5.5CVSS5.2AI score0.00237EPSS
Exploits1References8
CVE
CVE
added 2025/05/20 9:31 p.m.65 views

CVE-2025-5001

CVE-2025-5001 affects GNU PSPP (pspp-convert.c: calloc). Root cause: manipulation of the -l argument leads to an integer overflow in calloc. Impact: potential local impact, with availability degraded; confidentiality/integrity not affected per sources. Exploit has been disclosed publicly. Affecte...

5.5CVSS4AI score0.00237EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/20 9:31 p.m.5 views

CVE-2025-5001 GNU PSPP pspp-convert.c calloc integer overflow

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this...

4.8CVSS6.7AI score0.00237EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/05/20 9:31 p.m.23 views

CVE-2025-5001 GNU PSPP pspp-convert.c calloc integer overflow

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this...

4.8CVSS0.00237EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2025/05/20 9:31 p.m.7 views

CVE-2025-5001

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this...

5.5CVSS3.9AI score0.00237EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2025/05/20 1:7 a.m.4 views

SUSE CVE-2025-48188

libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fillbuffer in data/encrypted-file.c to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read...

5.5CVSS7.2AI score0.00141EPSS
Exploits1References3
CNVD
CNVD
added 2025/05/20 12:0 a.m.5 views

GNU PSPP Buffer Overflow Vulnerability

GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from a buffer overflow vulnerability that stems from inflateread failing to properly validate the length and size of input data, which can be exploited by an attacker to cause a...

9.8CVSS7.5AI score0.00258EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/20 12:0 a.m.3 views

PT-2025-22311 · Gnu +1 · Gnu Pspp +1

Name of the Vulnerable Software and Affected Versions: GNU PSPP version 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb Description: A vulnerability was found in GNU PSPP, affecting the calloc function in the pspp-convert.c file. The manipulation of the argument -l leads to integer overflow. Local acces...

5.5CVSS3.8AI score0.00237EPSS
Exploits1References17
RedhatCVE
RedhatCVE
added 2025/05/18 12:10 a.m.18 views

CVE-2025-48188

A flaw was found in GNU PSPP's libpspp-core.a component. This vulnerability can allow a heap-based buffer over-read via a crafted encrypted file when the rijndaelDecrypt function is incorrectly called by fillbuffer in encrypted-file.c. This can lead to memory disclosure or an application crash...

6.1CVSS3.7AI score0.00141EPSS
Exploits1References4
NVD
NVD
added 2025/05/16 9:15 p.m.13 views

CVE-2025-48188

libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fillbuffer in data/encrypted-file.c to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read...

5.5CVSS0.00141EPSS
Exploits1References1
OSV
OSV
added 2025/05/16 9:15 p.m.8 views

CVE-2025-48188

libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fillbuffer in data/encrypted-file.c to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read...

5.5CVSS6.8AI score
Exploits0References1
OSV
OSV
added 2025/05/16 9:15 p.m.5 views

UBUNTU-CVE-2025-48188

libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fillbuffer in data/encrypted-file.c to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read...

5.5CVSS6.2AI score0.00141EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/05/16 12:0 a.m.5 views

PT-2025-21763 · Gnu +1 · Gnu Pspp +1

Name of the Vulnerable Software and Affected Versions: GNU PSPP versions through 2.0.1 Description: libpspp-core.a in GNU PSPP through 2.0.1 contains an incorrect call from the fill buffer function in data/encrypted-file.c to the Gnulib rijndaelDecrypt function, resulting in a heap-based buffer...

5.5CVSS6.2AI score0.00141EPSS
Exploits1References14
CNNVD
CNNVD
added 2025/05/16 12:0 a.m.5 views

GNU PSPP 缓冲区错误漏洞

GNU PSPP is an application for data sampling, statistics and analysis from the American GNU community. GNU PSPP suffers from a buffer overflow vulnerability that originates from a boundary error when processing untrusted input. An attacker could exploit this vulnerability to cause a denial of...

5.5CVSS7AI score0.00141EPSS
Exploits1References2
CVE
CVE
added 2025/05/16 12:0 a.m.46 views

CVE-2025-48188

The CVE-2025-48188 issue affects GNU PSPP’s libpspp-core.a up to version 2.0.1. A faulty call from fill_buffer (data/encrypted-file.c) to the Gnulib rijndaelDecrypt function leads to a heap-based buffer over-read, which can cause memory disclosure or an application crash. Several sources (includi...

5.5CVSS4.1AI score0.00141EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/05/16 12:0 a.m.11 views

CVE-2025-48188

libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fillbuffer in data/encrypted-file.c to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read...

2.9CVSS0.00141EPSS
Exploits1References1
Rows per page
Query Builder