Lucene search
K

30 matches found

OSV
OSV
added 2026/04/29 2:0 p.m.2 views

UBUNTU-CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

5.9CVSS5.8AI score0.00329EPSS
Exploits1References4
OSV
OSV
added 2025/12/31 2:15 a.m.5 views

AZL-73325 CVE-2025-68131 affecting package python-cbor2 5.6.5-2

cbor2 provides encoding and decoding for the Concise Binary Object Representation CBOR serialization format. Starting in version 3.0.0 and prior to version 5.8.0, whhen a CBORDecoder instance is reused across multiple decode operations, values marked with the shareable tag 28 persist in memory an...

7.5CVSS5.7AI score0.00423EPSS
Exploits1References1
CNVD
CNVD
added 2025/08/18 12:0 a.m.2 views

Adobe Framemaker Post-Release Reuse Vulnerability (CNVD-2025-19626)

Adobe FrameMaker is Adobe's development of professional-grade technical document creation and layout software, mainly used to deal with complex long-form structured content such as technical manuals, aviation documents, etc., support for XML/DITA standards, multilingual publishing and cross-media...

7.8CVSS7.7AI score0.00215EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.4 views

The vulnerability of the arp_xmit_finish() function in the net/ipv4/arp.c module of the Linux operating system’s kernel for implementing the IPv4 protocol allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the arpxmitfinish function in the net/ipv4/arp.c module of the Linux operating system’s IPv4 protocol implementation is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...

7.8CVSS6.7AI score0.00232EPSS
Exploits0References21Affected Software7
BDU FSTEC
BDU FSTEC
added 2025/01/13 12:0 a.m.5 views

The vulnerability of the bcm_release() function in the net/can/bcm.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the bcmrelease function in the net/can/bcm.c module of the Linux kernel is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

7.8CVSS6.5AI score0.00286EPSS
Exploits0References25Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/11/22 12:0 a.m.5 views

The vulnerability of the scmidebugfs_common_setup() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the scmi.debugfscommonsetup function in the drivers/firmware/armscmi/driver.c file of the Linux kernel is related to the repeated release of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

7.8CVSS7.2AI score0.00231EPSS
Exploits0References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/11/18 12:0 a.m.6 views

The vulnerability of the vdec_close() function in the Qualcomm Venus V4L2 driver for Linux operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the vdecclose function in the drivers/media/platform/qcom/venus/vdec.c file of the Qualcomm Venus V4L2 driver for the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the...

7.8CVSS6.5AI score0.00228EPSS
Exploits0References30Affected Software5
BDU FSTEC
BDU FSTEC
added 2024/10/18 12:0 a.m.5 views

The vulnerability of the mlx5_function_teardown() function in the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the mlx5functionteardown function in the Linux operating system is related to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

7.8CVSS7.1AI score0.00283EPSS
Exploits0References25Affected Software5
CNNVD
CNNVD
added 2024/09/03 12:0 a.m.2 views

ARM多款产品 安全漏洞

ARM Bifrost GPU Kernel Driver and others are a GPU kernel driver from ARM UK. A security vulnerability exists in a number of ARM products, which stems from memory reuse after release. The following products and versions are affected: Bifrost GPU Kernel Driver versions r43p0 through r49p0, Valhall...

7.8CVSS6.6AI score0.00166EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/08/27 12:0 a.m.6 views

The vulnerability of the pm8001_exec_internal_tmf_task() function in the PMC-Sierra SPC 8001 SAS/SATA kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the pm8001execinternaltmftask function in the drivers/scsi/pm8001/pm8001sas.c file of the PMC-Sierra SPC 8001 SAS/SATA kernel for the Linux operating system is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to...

7.8CVSS6.5AI score0.00244EPSS
Exploits0References20Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/08/26 12:0 a.m.5 views

The vulnerability of the Garbage Collector component of the Mozilla Firefox browser, which allows a hacker to execute arbitrary code.

The vulnerability of the Garbage Collector component in the Mozilla Firefox browser is related to the use of memory after it is freed, as a result of the simultaneous loading of the browser’s own global execution environment and the “garbage collection” process. Exploiting this vulnerability can...

10CVSS8.1AI score0.0036EPSS
Exploits0References11Affected Software3
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.4 views

The vulnerability of the ima_collect_measurement() function in the IMA component of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the imacollectmeasurement function in the security/integrity/ima/imaapi.c module of the IMA kernel of the Linux operating system is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

7.8CVSS6.5AI score0.00306EPSS
Exploits0References35Affected Software7
CNNVD
CNNVD
added 2024/08/05 12:0 a.m.6 views

ARM Bifrost GPU Kernel Driver、Valhall GPU Kernel Driver和ARM 5th Gen GPU Architecture Kernel Driver 安全漏洞

ARM Valhall GPU Kernel Driver and others are products of ARM UK.Valhall GPU Kernel Driver is a Valhall GPU Kernel Driver.ARM Bifrost GPU Kernel Driver is a GPU Kernel Driver.ARM 5th Gen The ARM Bifrost GPU Kernel Driver is a GPU kernel driver. A security vulnerability exists in the ARM Bifrost GP...

7.8CVSS6.8AI score0.00183EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/06/17 12:0 a.m.8 views

The vulnerability of the gfs2PutSuper() function in the gfs2 file system of Linux kernels allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the gfs2PutSuper function in the fs/gfs2/super.c file of the Linux kernel’s file system gfs2 is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of th...

7.8CVSS7.2AI score0.00269EPSS
Exploits0References11Affected Software3
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.6 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A post-release reuse vulnerability exists in versions prior to Mozilla Firefox 127, which can be exploited by an attacker to read memory in the JavaScript string portion of the heap...

7.5CVSS6.5AI score0.0047EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.6 views

ImageSharp 安全漏洞

ImageSharp is a new, full-featured, fully managed, cross-platform 2D graphics API from ImageSharp, Inc. A security vulnerability exists in ImageSharp versions prior to v3.1.4 and prior to v2.1.8, which stems from a heap-release-after-reuse flaw found in ImageSharp's JPEG and TGA decoders, which i...

6.5CVSS6.1AI score0.00575EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/01/25 8:12 a.m.2 views

curl: FTP too eager connection reuse

A flaw was found in the Curl package. Libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, several FTP settings were left out from the configuration match checks, making them match too easily. The problematic...

5.9CVSS6.8AI score0.01607EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/10/06 12:0 a.m.4 views

libxml2 Resource Management Error Vulnerability

libxml2 is an open source library used to parse XML documents . It is written in C and can be called by many languages, such as C, C++, XSH. A security vulnerability exists in libxml2 version 2.11.5 and earlier, which stems from a post-release reuse vulnerability...

6.5CVSS6.8AI score0.00826EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/16 10:43 p.m.49 views

Security Bulletin: Multiple publicly disclosed Libcurl vulnerabilities affect IBM Safer Payments

Summary Libcurl is used by IBM Safer Payments as part of the AVRO support for Kafka. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2022-43551 DESCRIPTION: cURL libcurl could allow a remote attacker to bypass security restrictions, caused by a flaw when the host name i...

9.1CVSS8.5AI score0.1654EPSS
Exploits8Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/04/20 12:0 a.m.5 views

The vulnerability of the indexing filter of the traffic control system tcindex (net/sched/cls_tcindex.c) in the Linux operating system allows a hacker to increase their privileges.

The vulnerability of the indexing filter in the tcindex traffic control system net/sched/clstcindex.c in the Linux operating system is related to improper handling of filters, resulting in the re-release of previously released memory. Exploiting this vulnerability can allow an attacker to increas...

7.8CVSS6.6AI score0.01029EPSS
Exploits1References17Affected Software4
Rows per page
Query Builder