Lucene search
K

25 matches found

UbuntuCve
UbuntuCve
added 2025/09/17 6:15 p.m.2 views

CVE-2025-58767

REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. The REXML gem 3.4.2 or later include the patches to fix these...

5.3CVSS6.7AI score0.00231EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/09/16 5:15 p.m.2 views

CVE-2023-53332

In the Linux kernel, the following vulnerability has been resolved: genirq/ipi: Fix NULL pointer deref in irqdatagetaffinitymask If ipisendmask|single is called with an invalid interrupt number, all the local variables there will be NULL. ipisendverify which is invoked from these functions does...

5.5CVSS5.7AI score0.00134EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/09/16 1:16 p.m.2 views

CVE-2025-39824

In the Linux kernel, the following vulnerability has been resolved: HID: asus: fix UAF via HIDCLAIMEDINPUT validation After hidhwstart is called hidinputconnect will eventually be called to set up the device with the input layer since the HIDCONNECTDEFAULT connect mask is used. During...

7.8CVSS6.4AI score0.00152EPSS
Exploits0References29
UbuntuCve
UbuntuCve
added 2025/09/15 8:15 p.m.6 views

CVE-2025-45091

Seafile versions 11.0.18-Pro, 12.0.10, and 12.0.10-Pro are vulnerable to a stored Cross-Site Scripting XSS attack. An authenticated attacker can exploit this vulnerability by modifying their username to include a malicious XSS payload in notification and activities...

5.4CVSS5.9AI score0.00192EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/09/15 3:15 p.m.3 views

CVE-2023-53227

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/09/15 3:15 p.m.2 views

CVE-2023-53219

In the Linux kernel, the following vulnerability has been resolved: media: netupunidvb: fix use-after-free at deltimer When Universal DVB card is detaching, netupunidvbdmafini uses deltimer to stop dma-timeout timer. But when timer handler netupunidvbdmatimeout is running, deltimer could not stop...

7.8CVSS6.2AI score0.00149EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/09/15 3:15 p.m.2 views

CVE-2023-53239

In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Add check for kzalloc As kzalloc may fail and return NULL pointer, it should be better to check the return value in order to avoid the NULL pointer dereference. Patchwork:...

5.5CVSS5.9AI score0.00146EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/09/15 3:15 p.m.2 views

CVE-2023-53259

In the Linux kernel, the following vulnerability has been resolved: VMCI: check context-notifypage after call to getuserpagesfast to avoid GPF The call to getuserpagesfast in vmcihostsetupnotify can return NULL context-notifypage causing a GPF. To avoid GPF check if context-notifypage == NULL and...

7.1CVSS6.6AI score0.00139EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/09/15 2:15 p.m.2 views

CVE-2022-50248

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix double free on tx path. We see kernel crashes and lockups and KASAN errors related to ax210 firmware crashes. One of the KASAN dumps pointed at the tx path, and it appears there is indeed a way to...

7.8CVSS6.2AI score0.0015EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/09/15 2:15 p.m.2 views

CVE-2022-50259

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: fix race in sockmapfree sockmapfree calls releasesocksk without owning a reference on the socket. This can cause use-after-free as syzbot found 1 Jakub Sitnicki already took care of a similar issue in sockhashfree i...

4.7CVSS5.8AI score0.00101EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/09/15 1:15 p.m.2 views

CVE-2025-39802

In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was removed by commit 773426f4771b "crypto: arm/poly1305 - Add block-only interface". This safety check is cheap and is...

7.8CVSS6.6AI score0.00133EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/12 4:15 p.m.2 views

CVE-2025-39798

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix the setting of capabilities when automounting a new filesystem Capabilities cannot be inherited when we cross into a new filesystem. They need to be reset to the minimal defaults, and then probed for again...

5.5CVSS5.6AI score0.00154EPSS
Exploits0References36
UbuntuCve
UbuntuCve
added 2025/09/11 5:15 p.m.2 views

CVE-2025-39739

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-qcom: Add SM6115 MDSS compatible Add the SM6115 MDSS compatible to clients compatible list, as it also needs that workaround. Without this workaround, for example, QRB4210 RB2 which is based on SM4250/SM6115...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References23
UbuntuCve
UbuntuCve
added 2025/09/11 5:15 p.m.3 views

CVE-2025-39771

In the Linux kernel, the following vulnerability has been resolved: regulator: pca9450: Use devmregistersysoffhandler With module test, there is error dump: ------------ cut here ------------ notifier callback pca9450i2crestarthandler already registered WARNING: kernel/notifier.c:23 at...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/11 5:15 p.m.2 views

CVE-2025-39772

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmcunload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto...

5.5CVSS5.9AI score0.00136EPSS
Exploits0References33
Openbugbounty
Openbugbounty
added 2023/09/19 9:32 a.m.12 views

limeworks.com.au Cross Site Scripting vulnerability OBB-3698462

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Patchstack
Patchstack
added 2023/09/19 12:0 a.m.7 views

WordPress wpDiscuz Plugin < 7.6.6 is vulnerable to SQL Injection

Software wpDiscuz Type Plugin Vulnerable versions 7.6.6 Fixed in 7.6.6 OWASP Top 10 A1: Injection Classification SQL Injection CVE N/A Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID fcbd1df4be98 Credits Unknown Required privilege Unauthenticated Published 19 September,...

7.2AI score
Exploits0References2Affected Software1
Openbugbounty
Openbugbounty
added 2021/09/19 6:58 p.m.20 views

asst-valcamonica.it Cross Site Scripting vulnerability OBB-2144260

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
Cisco Threats
Cisco Threats
added 2017/09/19 5:27 p.m.18 views

Threat Outbreak Alert RuleID30681: Email Messages Distributing Malicious Software on September 19, 2017

Medium Alert ID: 55339 First Published: 2017 September 19 17:27 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30681 may contain the following files: Name ...

0.4AI score
Exploits0
Cisco Threats
Cisco Threats
added 2017/09/19 4:10 p.m.12 views

Threat Outbreak Alert RuleID30670: Email Messages Distributing Malicious Software on September 19, 2017

Medium Alert ID: 55331 First Published: 2017 September 19 16:10 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID30670 may contain the following files: Name ...

0.3AI score
Exploits0
Rows per page
Query Builder