Lucene search
K

24 matches found

AlpineLinux
AlpineLinux
added 2025/07/29 9:19 p.m.1 views

CVE-2025-4674

The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS e.g. Git, but contains metadata for another VCS e.g. Mercurial...

8.6CVSS6.9AI score0.00273EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/07/23 7:15 p.m.2 views

CVE-2025-46686

Redis through 8.0.3 allows memory consumption via a multi-bulk command composed of many bulks, sent by an authenticated user. This occurs because the server allocates memory for the command arguments of every bulk, even when the command is skipped because of insufficient permissions. NOTE: this i...

3.5CVSS5.9AI score0.00263EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/07/10 9:15 a.m.3 views

CVE-2025-38340

In the Linux kernel, the following vulnerability has been resolved: firmware: csdsp: Fix OOB memory read access in KUnit test KASAN reported out of bounds access - csdspmockbinaddnameorinfo, because the source string length was rounded up to the allocation size...

7.1CVSS6.5AI score0.00139EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/07/10 9:15 a.m.3 views

CVE-2025-38343

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA IEEE 802.11 fragmentation can only be applied to unicast frames. Therefore, drop fragments with multicast or broadcast RA. This patch addresses vulnerabilities suc...

5.5CVSS6.5AI score0.00145EPSS
Exploits0References28
UbuntuCve
UbuntuCve
added 2025/07/10 8:15 a.m.2 views

CVE-2025-38269

In the Linux kernel, the following vulnerability has been resolved: btrfs: exit after state insertion failure at btrfsconvertextentbit If insertstate state failed it returns an error pointer and we call extentiotreepanic which will trigger a BUG call. However if CONFIGBUG is disabled, which is an...

5.5CVSS6AI score0.00154EPSS
Exploits0References28
UbuntuCve
UbuntuCve
added 2025/07/04 2:15 p.m.3 views

CVE-2025-38202

In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcureadlocktraceheld in bpfmaplookuppercpuelem bpfmaplookuppercpuelem helper is also available for sleepable bpf program. When BPF JIT is disabled or under 32-bit host, bpfmaplookuppercpuelem will not be inlined. Using...

5.5CVSS6.1AI score0.00147EPSS
Exploits0References29
UbuntuCve
UbuntuCve
added 2025/07/04 2:15 p.m.4 views

CVE-2025-38192

In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol A not-so-careful NAT46 BPF program can crash the kernel if it indiscriminately flips ingress packets from v4 to v6: BUG: kernel NULL pointer dereference, address: 0000000000000000...

5.5CVSS6.2AI score0.00148EPSS
Exploits0References28
UbuntuCve
UbuntuCve
added 2025/06/26 12:0 a.m.9 views

CVE-2024-6174

When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration...

8.8CVSS5.9AI score0.00203EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/06/23 5:15 p.m.3 views

CVE-2025-52969

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score
Exploits1References2
UbuntuCve
UbuntuCve
added 2025/06/18 11:15 a.m.2 views

CVE-2022-50001

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttproxy: restrict to prerouting hook TPROXY is only allowed from prerouting, but nfttproxy doesn't check this. This fixes a crash null dereference when using tproxy from e.g. output...

5.5CVSS5.9AI score0.00156EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/06/18 10:15 a.m.2 views

CVE-2025-38048

In the Linux kernel, the following vulnerability has been resolved: virtioring: Fix data race by tagging eventtriggered as racy for KCSAN syzbot reports a data-race when accessing the eventtriggered, here is the simplified stack when the issue occurred:...

4.7CVSS6.3AI score0.00112EPSS
Exploits0References39
UbuntuCve
UbuntuCve
added 2025/06/18 10:15 a.m.2 views

CVE-2025-38036

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Perform early GT MMIO initialization to read GMDID VFs need to communicate with the GuC to obtain the GMDID value and existing GuC functions used for that assume that the GT has it's MMIO members already setup. However...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2025/02/26 7:1 a.m.8 views

CVE-2022-49497

In the Linux kernel, the following vulnerability has been resolved: net: remove two BUG from skbchecksumhelp I have a syzbot report that managed to get a crash in skbchecksumhelp If syzbot can trigger these BUG, it makes sense to replace them with more friendly WARNONONCE since skbchecksumhelp ca...

5.5CVSS6.2AI score0.00252EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/02/26 7:1 a.m.10 views

CVE-2022-49565

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/lbr: Fix unchecked MSR access error on HSW The fuzzer triggers the below trace. 7763.384369 unchecked MSR access error: WRMSR to 0x689 tried to write 0x1fffffff8101349e at rIP: 0xffffffff810704a4...

5.5CVSS6.3AI score0.00209EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/02/26 7:1 a.m.10 views

CVE-2022-49288

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no protection against concurrent PCM buffer preallocation changes via proc files, and it may potentially lead to UAF or some weird problem. This patch applies the...

7.8CVSS6.3AI score0.00267EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/02/26 7:1 a.m.8 views

CVE-2022-49365

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Off by one in dmdmuboutbox1lowirq The ARRAYSIZE should be = ARRAYSIZE to prevent an out of bounds access...

5.5CVSS6.3AI score0.00252EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/02/26 7:1 a.m.10 views

CVE-2022-49340

In the Linux kernel, the following vulnerability has been resolved: ipgre: test csumstart instead of transport header GRE with TUNNELCSUM will apply local checksum offload on CHECKSUMPARTIAL packets. ipgrexmit must validate csumstart after an optional skbpull, else lcocsum may trigger an overflow...

5.5CVSS6.3AI score0.00267EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2024/12/12 12:0 a.m.13 views

CVE-2024-47603

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gstmatroskademuxupdatetracks function within matroska-demux.c. The vulnerability occurs when the gstcapsisequal function is called with invalid caps...

7.5CVSS6.5AI score0.00848EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/11/07 10:15 a.m.7 views

CVE-2024-50156

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Avoid NULL dereference in msmdispstateprintregs If the allocation in msmdispstatedumpregs failed then block-state can be NULL. The msmdispstateprintregs function does have code to try to handle it with: if reg dumpaddr =...

5.5CVSS6.4AI score0.00216EPSS
Exploits0References33
UbuntuCve
UbuntuCve
added 2024/10/21 8:15 p.m.8 views

CVE-2022-48954

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix use-after-free in hsci KASAN found that addr was dereferenced after br2deveventwork was freed. ================================================================== BUG: KASAN: use-after-free in...

7.8CVSS6.6AI score0.00238EPSS
Exploits0References5
Rows per page
Query Builder