Lucene search
K

14 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Freeing arbitrary nsIInputStream's on a thread other than the one in which they were created could lead to a use-after-free, potentially causing a crash. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...

6.5CVSS7AI score0.00639EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.13 views

PT-2026-38971

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/amd/display component related to dsc eDP, which requires the implementation of a function hook check before use to ensure proper operation. Recommendations At...

5.5CVSS5.8AI score0.00122EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-9703

Malware in sbrugna...

8.8CVSS8.8AI score0.0259EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/07/29 12:0 a.m.8 views

Google Chrome < 138.0.7204.183 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 138.0.7204.183. It is, therefore, affected by a vulnerability as referenced in the 202507stable-channel-update-for-desktop29 advisory. - Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a...

8.8CVSS7.8AI score0.00315EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/06/09 7:49 p.m.30 views

CVE-2025-5918 Libarchive: reading past eof may be triggered for piped file streams

A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memo...

3.9CVSS0.00341EPSS
Exploits0References4
CVE
CVE
added 2025/06/02 7:20 p.m.315 views

CVE-2025-48387

Summary of CVE-2025-48387 (tar-fs) : A path-traversal risk in tar-fs bindings for tar-stream affects releases prior to 3.0.9, 2.1.3, and 1.16.5, where extracting certain tarballs can write outside the intended directory. The issue has been fixed in 3.0.9, 2.1.3, and 1.16.5. As a workaround, you c...

8.7CVSS6.5AI score0.00474EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 8:9 p.m.10 views

CVE-2021-38380

Live555 through 1.08 mishandles huge requests for the same MP3 stream, leading to recursion and s stack-based buffer over-read. An attacker can leverage this to launch a DoS attack...

7.5CVSS6.9AI score0.01532EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/26 12:0 a.m.16 views

CVE-2025-32783

XWiki Platform is a generic wiki platform. A vulnerability in versions from 5.0 to 16.7.1 affects users with Message Stream enabled and a wiki configured as closed from selecting "Prevent unregistered users to view pages" in the Administrations Rights. The vulnerability is that any message sent i...

4.7CVSS6.6AI score0.00284EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2025/03/07 8:0 a.m.6 views

Chromium: CVE-2025-1921 Inappropriate Implementation in Media Stream

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS6.9AI score0.00318EPSS
Exploits0
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2025/03/04 12:0 a.m.49 views

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 134 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 134.0.6998.35 Linux 134.0.6998.35/36 Windows 134.0.6998.44/45 Mac contains a number of fixes and improvements -- a list of...

8.8CVSS6.8AI score0.00415EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/12/24 6:43 p.m.6 views

CLSA-2024-1735065830 Fix CVE(s): CVE-2024-11233

SECURITY UPDATE: Security vulnerability in package - debian/patches/CVE-2024-11233.patch: fix error in convert.quoted printable-decode filter certain data leading to buffer overread. Fix segfault with streams and invalid data. - CVE-2024-11233...

8.2CVSS6.3AI score0.01618EPSS
Exploits1References1
OSV
OSV
added 2021/08/20 8:10 a.m.2 views

SUSE-SU-2021:2790-1 Security update for nodejs8

This update for nodejs8 fixes the following issues: - CVE-2021-22930: http2: fixes use after free on close in stream canceling bsc1188917...

9.8CVSS9.6AI score0.37286EPSS
Exploits0References3
OSV
OSV
added 2021/08/12 9:15 p.m.4 views

PYSEC-2021-772

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in boostedtreescreatequantilestreamresource by using negative arguments. The implementation does not validate that numstreams only contains non-negative numbers. I...

5.5CVSS5.9AI score0.00154EPSS
Exploits0References2
Prion
Prion
added 2021/03/01 4:15 p.m.15 views

Input validation

An improper binary stream data handling issue was found in the core module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. Using this bug, an attacker is able to produce a denial of service attack that can eventually shut down the target server...

7.8CVSS7.3AI score0.07445EPSS
Exploits1References10Affected Software1
Rows per page
Query Builder