56 matches found

UbuntuCve
added 2025/10/31 2:15 a.m. | 9 views

CVE-2025-23050

QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read or division by zero. This is fixed in 5.15.19, 6.5.9, and 6.8.2...

CVSS 3.1 | AI score 5.9 | EPSS 0.00172
Exploits 0 | References 4

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2008-3842

Malware in sbrugna...

CVSS 7.5 | AI score 6.1 | EPSS 0.02397
Exploits 0 | References 12

UbuntuCve
added 2025/07/31 9:15 p.m. | 4 views

CVE-2025-45768

pyjwt v2.10.1 was discovered to contain weak encryption. NOTE: this is disputed by the Supplier because the key length is chosen by the application that uses the library (admittedly, library users may benefit from a minimum value and a mechanism for opting in to strict enforcement)...

CVSS 7 | AI score 5.9 | EPSS 0.0016
Exploits 0 | References 3

UbuntuCve
added 2025/07/28 12:15 p.m. | 7 views

CVE-2025-38470

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the "rx-vlan-filter" feature is enabled on a net device, the 8021q module will automatically add or remove VLAN 0 when the net device is put...

CVSS 5.5 | AI score 6.1 | EPSS 0.00161
Exploits 0 | References 38

UbuntuCve
added 2025/07/25 4:15 p.m. | 3 views

CVE-2025-38443

In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbd_genl_connect() error path There is a use-after-free issue in nbd: block nbd6: Receive control failed (result -104) block nbd6: shutting down sockets ==================================================================...

CVSS 7.8 | AI score 6.3 | EPSS 0.00151
Exploits 0 | References 39

UbuntuCve
added 2025/07/25 2:15 p.m. | 4 views

CVE-2025-38416

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: uart: Set tty->disc_data only in success path Setting tty->disc_data before opening the NCI device means we need to clean it up on error paths. This also opens some short window if device starts sending data, even before...

CVSS 7.8 | AI score 6.4 | EPSS 0.00183
Exploits 0 | References 41

UbuntuCve
added 2025/07/25 1:15 p.m. | 4 views

CVE-2025-38362

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check for get_first_active_display() The function mod_hdcp_hdcp1_enable_encryption() calls the function get_first_active_display(), but does not check its return value. The return value is a null pointer if the...

CVSS 5.5 | AI score 6.3 | EPSS 0.00107
Exploits 0 | References 39

UbuntuCve
added 2025/07/11 5:15 p.m. | 6 views

CVE-2025-45582

GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file,...

CVSS 4.1 | AI score 6.7 | EPSS 0.00433
Exploits 1 | References 2

UbuntuCve
added 2025/07/10 9:15 a.m. | 8 views

CVE-2025-38337

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() Since handle->h_transaction may be a NULL pointer, so we should change it to call is_handle_aborted(handle) first before dereferencing it. And the following data-race w...

CVSS 5.5 | AI score 6.2 | EPSS 0.00159
Exploits 0 | References 41

UbuntuCve
added 2025/07/09 11:15 a.m. | 6 views

CVE-2025-38245

In the Linux kernel, the following vulnerability has been resolved: atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). syzbot reported a warning below during atm_dev_register(). [0] Before creating a new device and procfs/sysfs for it, atm_dev_register() looks up a duplicated device by...

CVSS 7.8 | AI score 6.6 | EPSS 0.00157
Exploits 0 | References 39

UbuntuCve
added 2025/06/18 10:15 a.m. | 2 views

CVE-2025-38054

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limit signal/freq counts in summary output functions The debugfs summary output could access uninitialized elements in the freq_in and signal_out arrays, causing NULL pointer dereferences and triggering a kernel Oops...

CVSS 5.5 | AI score 6.4 | EPSS 0.00154
Exploits 0 | References 12

UbuntuCve
added 2025/06/06 12:0 a.m. | 11 views

CVE-2025-38000

In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() When enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the child qdisc's peek() operation before incrementing sch->q.qlen and sch->qstats.backlog. If the...

CVSS 7.8 | AI score 6.4 | EPSS 0.00179
Exploits 0 | References 41

UbuntuCve
added 2025/06/04 3:15 a.m. | 12 views

CVE-2025-49223

billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties...

CVSS 9.8 | AI score 6.1 | EPSS 0.00725
Exploits 1 | References 2

UbuntuCve
added 2025/05/13 5:16 p.m. | 6 views

CVE-2025-3757

Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...

CVSS 9.8 | AI score 7.2 | EPSS 0.00355
Exploits 0 | References 3

UbuntuCve
added 2025/05/09 7:16 a.m. | 3 views

CVE-2025-37863

In the Linux kernel, the following vulnerability has been resolved: ovl: don't allow datadir only In theory overlayfs could support upper layer directly referring to a data layer, but there's no current use case for this. Originally, when data-only layers were introduced, this wasn't allowed, onl...

CVSS 5.5 | AI score 6.4 | EPSS 0.00222
Exploits 0 | References 25

UbuntuCve
added 2025/05/09 7:16 a.m. | 8 views

CVE-2025-37877

In the Linux kernel, the following vulnerability has been resolved: iommu: Clear iommu-dma ops on cleanup If iommu_device_register() encounters an error, it can end up tearing down already-configured groups and default domains, however this currently still leaves devices hooked up to iommu-dma and ev...

CVSS 5.5 | AI score 6.3 | EPSS 0.00217
Exploits 0 | References 8

Debian CVE
added 2025/05/09 6:41 a.m. | 9 views

CVE-2025-37839

In the Linux kernel, the following vulnerability has been resolved: jbd2: remove wrong sb->s_sequence check Journal emptiness is not determined by sb->s_sequence == 0 but rather by sb->s_start == 0 which is set a few lines above. Furthermore 0 is a valid transaction ID so the check can spuriously...

CVSS 7.8 | AI score 5.7 | EPSS 0.00263
Exploits 0

UbuntuCve
added 2025/05/08 12:0 a.m. | 9 views

CVE-2025-37831

In the Linux kernel, the following vulnerability has been resolved: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. apple_soc_cpufreq_get_rate() does not check for this case, which results in a...

CVSS 5.5 | AI score 6.4 | EPSS 0.00149
Exploits 0 | References 21

UbuntuCve
added 2025/05/02 4:15 p.m. | 1 views

CVE-2023-53060

In the Linux kernel, the following vulnerability has been resolved: igb: revert rtnl_lock() that causes deadlock The commit 6faee3d4ee8b "igb: Add lock to avoid data race" adds rtnl_lock to eliminate a false data race shown below FREE from device detaching | USE from netdev core igb_remove |...

CVSS 5.5 | AI score 6.3 | EPSS 0.00126
Exploits 0 | References 10

Debian CVE
added 2025/05/01 2:10 p.m. | 6 views

CVE-2022-49906

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: Free rwi on reset success Free the rwi structure in the event that the last rwi in the list processed successfully. The logic in commit 4f408e1fa6e1 "ibmvnic: retry reset if there are no other resets" introduces an issue...

CVSS 5.5 | AI score 5.5 | EPSS 0.00164
Exploits 0