Lucene search
K

65 matches found

UbuntuCve
UbuntuCve
added 2025/08/05 12:0 a.m.4 views

CVE-2025-8586

A vulnerability, which was classified as problematic, was found in libav up to 12.3. This affects the function ffseekframebinary of the file /libavformat/utils.c of the component MPEG File Parser. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local...

4.8CVSS5.2AI score0.00222EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2025/07/28 12:0 a.m.2 views

CVE-2025-8262

A vulnerability was found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic. Affected is the function explodeHostedGitFragment of the file src/resolvers/exotics/hosted-git-resolver.js. The manipulation leads to inefficient regular expression complexity. It is possible to launch...

7.5CVSS4.9AI score0.007EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2025/07/25 1:15 p.m.3 views

CVE-2025-38381

In the Linux kernel, the following vulnerability has been resolved: Input: cs40l50-vibra - fix potential NULL dereference in cs40l50uploadowt The cs40l50uploadowt function allocates memory via kmalloc without checking for allocation failure, which could lead to a NULL pointer dereference. Return...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2025/07/10 5:15 p.m.14 views

CVE-2025-53020

Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue...

7.5CVSS6.7AI score0.04409EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2025/07/10 9:15 a.m.3 views

CVE-2025-38339

In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: fix JIT code size calculation of bpf trampoline archbpftrampolinesize provides JIT size of the BPF trampoline before the buffer for JIT'ing it is allocated. The total number of instructions emitted for BPF trampoline...

5.5CVSS6.2AI score0.00127EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/06/18 11:15 a.m.3 views

CVE-2022-50097

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memsetio In the function s3fbsetpar, the value of 'screensize' is calculated by the user input. If the user provides the improper value, the value of 'screensize' may larger tha...

7.8CVSS6.2AI score0.00164EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2025/06/18 11:15 a.m.2 views

CVE-2022-50106

In the Linux kernel, the following vulnerability has been resolved: powerpc/cell/axonmsi: Fix refcount leak in setupmsimsgaddress ofgetnextparent returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput in the error path to avoid...

5.5CVSS5.9AI score0.00159EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2025/06/18 11:15 a.m.4 views

CVE-2022-50047

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6060: prevent crash on an unused port If the port isn't a CPU port nor a user port, 'cpudp' is a null pointer and a crash happened on dereferencing it in mv88e6060setupport: 9.575872 Unable to handle kernel NULL...

5.5CVSS6.2AI score0.00155EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/06/18 10:15 a.m.3 views

CVE-2025-38080

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Increase blocksequence array size Why It's possible to generate more than 50 steps in hwssbuildfastsequence, for example with a 6-pipe asic where all pipes are in one MPC chain. This overflows the blocksequence...

5.5CVSS6.5AI score0.00144EPSS
Exploits0References29
UbuntuCve
UbuntuCve
added 2025/06/18 10:15 a.m.4 views

CVE-2025-38082

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix potential out-of-bound write If the caller wrote more characters, count is truncated to the max available space in "simplewritetobuffer". Check that the input size does not exceed the buffer size. Write a zero...

7.8CVSS6.7AI score0.00153EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2025/05/20 6:15 p.m.6 views

CVE-2025-37986

In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Invalidate USB device pointers on partner unregistration To avoid using invalid USB device pointers after a Type-C partner disconnects, this patch clears the pointers upon partner unregistration. This ensures a...

5.5CVSS6.3AI score0.00146EPSS
Exploits0References24
UbuntuCve
UbuntuCve
added 2025/05/20 4:15 p.m.2 views

CVE-2025-37955

In the Linux kernel, the following vulnerability has been resolved: virtio-net: free xskbuffs on error in virtnetxskpoolenable The selftests added to our CI by Bui Quang Minh recently reveals that there is a mem leak on the error path of virtnetxskpoolenable: unreferenced object 0xffff88800a68a00...

5.5CVSS6.4AI score0.00148EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/05/09 7:16 a.m.2 views

CVE-2025-37884

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock between rcutaskstrace and eventmutex. Fix the following deadlock: CPU A freeevent perfkprobedestroy mutexlock&eventmutex perftraceeventunreg synchronizercutaskstrace There are several paths where freeevent grabs...

5.5CVSS6.3AI score0.00167EPSS
Exploits0References26
UbuntuCve
UbuntuCve
added 2025/05/08 4:15 p.m.8 views

CVE-2025-43926

An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. Custom AJAX calls to the AgentPreferences UpdateAJAX subaction can be used to set user preferences with arbitrary keys. When fetching user data via GetUserData, these keys and values are retrieved and given as a whole to other...

6.1CVSS6AI score0.00202EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/05/08 12:0 a.m.3 views

CVE-2025-37828

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in ufshcdmcqabort A race can occur between the MCQ completion path and the abort handler: once a request completes, blkmqfreerequest sets rq-mqhctx to NULL, meaning the subsequent ufshcdmcqreqtohwq...

5.5CVSS6.3AI score0.00149EPSS
Exploits0References21
UbuntuCve
UbuntuCve
added 2025/05/02 4:15 p.m.4 views

CVE-2023-53082

In the Linux kernel, the following vulnerability has been resolved: vpvdpa: fix the crash in hot unplug with vpvdpa While unplugging the vpvdpa device, it triggers a kernel panic The root cause is: vdpamgmtdevunregister will accesses modern devices which will cause a use after free. So need to...

7.8CVSS6.3AI score0.00168EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/05/01 3:16 p.m.7 views

CVE-2022-49917

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix WARNING in ipvsappnetcleanup During the initialization of ipvsappnetinit, if file ipvsapp fails to be created, the initialization is successful by default. Therefore, the ipvsapp file doesn't be found during the remove ...

7.8CVSS6.3AI score0.00182EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/05/01 3:16 p.m.2 views

CVE-2022-49885

In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghesestatuspoolinit Change numghes from int to unsigned int, preventing an overflow and causing subsequent vmalloc to fail. The overflow happens in ghesestatuspoolinit when calculating len duri...

5.5CVSS6.5AI score0.0019EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/05/01 1:15 p.m.2 views

CVE-2025-37758

In the Linux kernel, the following vulnerability has been resolved: ata: patapxa: Fix potential NULL pointer dereference in pxaataprobe devmioremap returns NULL on error. Currently, pxaataprobe does not check for this case, which can result in a NULL pointer dereference. Add NULL check after...

5.5CVSS6.4AI score0.00164EPSS
Exploits0References40
UbuntuCve
UbuntuCve
added 2025/04/27 7:15 p.m.5 views

CVE-2025-2866

Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This...

5.5CVSS5.9AI score0.00096EPSS
Exploits0References3
Rows per page
Query Builder