Lucene search
+L

2311 matches found

UbuntuCve
UbuntuCve
added 2025/09/25 4:15 p.m.4 views

CVE-2025-60018

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIOwrite, resulting in an out of bounds read...

4.8CVSS5.9AI score0.00288EPSS
Exploits0References2
CISA
CISA
added 2025/09/25 12:0 p.m.9 views

CISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco Devices

Today, CISA issued Emergency Directive ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices to address vulnerabilities in Cisco Adaptive Security Appliances ASA and Cisco Firepower devices. CISA has added vulnerabilities CVE-2025-20333link is external and CVE-2025-20362link is...

9.9CVSS7.3AI score0.85543EPSS
Exploits1References14
Cisco
Cisco
added 2025/09/24 4:0 p.m.12 views

Cisco IOS XE Software Web Authentication Reflected Cross-Site Scripting Vulnerability

A vulnerability in the Web Authentication feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting attack XSS on an affected device. This vulnerability is due to improper sanitization of user-supplied input. An attacker could...

6.1CVSS5.7AI score0.00272EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/09/24 2:15 p.m.2 views

CVE-2025-23275

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information disclosure...

7.1CVSS5.9AI score0.00127EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/24 12:0 a.m.13 views

PT-2025-39339

CVE-2025-00123 UNDER DEVELOPMENT - USE AT YOUR OWN RISK!!! Enhanced Incident Summary Report Executive Summary On September 18, 2025, a medium-severity incident Risk Score https://t.co/mYu56R5gA4...

6.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/24 12:0 a.m.13 views

PT-2025-39340

CVE-2025-00456 UNDER DEVELOPMENT - USE AT YOUR OWN RISK!!! Enhanced Incident Summary Report Executive Summary On September 18, 2025, a medium-severity incident Risk Score https://t.co/DGZmVvA9zF...

6.9AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 p.m.3 views

CVE-2025-55780

A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...

7.5CVSS5.8AI score0.00396EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.3 views

CVE-2025-39887

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix null-ptr-deref in bitmapparselist A crash was observed with the following output: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 92 Comm:...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.5 views

CVE-2025-39888

In the Linux kernel, the following vulnerability has been resolved: fuse: Block access to folio overlimit syz reported a slab-out-of-bounds Write in fusedevdowrite. When the number of bytes to be retrieved is truncated to the upper limit by fc-maxpages and there is an offset, the oob is triggered...

7.8CVSS6.6AI score0.00136EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.2 views

CVE-2025-39878

In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash after fscryptencryptpagecacheblocks error The function movedirtyfolioinpagearray was created by commit ce80b76dd327 "ceph: introduce cephprocessfoliobatch method" by moving code from cephwritepagesstart to this...

5.5CVSS6AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.4 views

CVE-2025-39874

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.3 views

CVE-2025-39871

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Remove improper idxdfree The call to idxdfree introduces a duplicate putdevice leading to a reference count underflow: refcountt: underflow; use-after-free. WARNING: CPU: 15 PID: 4428 at lib/refcount.c:28...

7.8CVSS6.6AI score0.0014EPSS
Exploits0References16
Patchstack
Patchstack
added 2025/09/22 6:45 p.m.5 views

WordPress Verowa Connect plugin <= 3.2.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Verowa Connect versions = 3.2.3...

6.5CVSS5.9AI score0.00196EPSS
Exploits0Affected Software1
UbuntuCve
UbuntuCve
added 2025/09/19 8:15 p.m.2 views

CVE-2025-59431

MapServer is a system for developing web-based GIS applications. Prior to 8.4.1, the XML Filter Query directive PropertyName is vulnerably to Boolean-based SQL injection. It seems like expression checking is bypassed by introducing double quote characters in the PropertyName. Allowing to manipula...

9.8CVSS5.9AI score0.00391EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2025/09/19 4:15 p.m.2 views

CVE-2025-39859

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix use-after-free bugs causing by ptpocpwatchdog The ptpocpdetach only shuts down the watchdog timer if it is pending. However, if the timer handler is already running, the timerdeletesync is not called. This leads to...

7.8CVSS6.6AI score0.00136EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/19 4:15 p.m.1 views

CVE-2025-39854

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in icelltsintr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low latency firmware...

7.8CVSS6.6AI score0.00141EPSS
Exploits0References15
UbuntuCve
UbuntuCve
added 2025/09/19 4:15 p.m.2 views

CVE-2025-39851

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object VXLAN FDB entries can point to either a remote destination or an FDB nexthop group. The latter is usually used in EVPN deployments where learning is disabled...

5.5CVSS6AI score0.00145EPSS
Exploits0References15
UbuntuCve
UbuntuCve
added 2025/09/19 4:15 p.m.2 views

CVE-2025-39847

In the Linux kernel, the following vulnerability has been resolved: ppp: fix memory leak in padcompressskb If allocskb fails in padcompressskb, it returns NULL without releasing the old skb. The caller does: skb = padcompressskbppp, skb; if !skb goto drop; drop: kfreeskbskb; When padcompressskb...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References29
UbuntuCve
UbuntuCve
added 2025/09/19 4:15 p.m.2 views

CVE-2025-39849

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in cfg80211connectresult If the ssid-datalen is more than IEEE80211MAXSSIDLEN 32 it would lead to memory corruption so add some bounds checking...

7.8CVSS6.3AI score0.00144EPSS
Exploits0References17
UbuntuCve
UbuntuCve
added 2025/09/19 4:15 p.m.3 views

CVE-2025-39866

In the Linux kernel, the following vulnerability has been resolved: fs: writeback: fix use-after-free in markinodedirty An use-after-free issue occurred when markinodedirty get the bdiwriteback that was in the progress of switching. CPU: 1 PID: 562 Comm: systemd-random- Not tainted...

7.8CVSS6.4AI score0.00286EPSS
Exploits1References27
Rows per page
Query Builder