Lucene search
K

341 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-19251

Malware in sbrugna...

9.8CVSS9.2AI score0.02566EPSS
Exploits0References11
AlpineLinux
AlpineLinux
added 2025/09/18 6:41 p.m.3 views

CVE-2025-47906

If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

6.5CVSS6.2AI score0.00489EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2025/08/05 5:15 p.m.5 views

CVE-2025-8585

A vulnerability, which was classified as critical, has been found in libav up to 12.3. Affected by this issue is the function main of the file /avtools/avconv.c of the component DSS File Demuxer. The manipulation leads to double free. Attacking locally is a requirement. The exploit has been...

5.3CVSS5.6AI score0.00211EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2025/08/03 2:15 a.m.6 views

CVE-2025-54349

In iperf before 3.19.1, iperfauth.c has an off-by-one error and resultant heap-based buffer overflow...

10CVSS6.4AI score0.00381EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/08/02 10:15 p.m.6 views

CVE-2025-23286

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where an attacker could read invalid memory. A successful exploit of this vulnerability might lead to information disclosure...

4.4CVSS5.9AI score0.00139EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/08/01 6:15 p.m.3 views

CVE-2025-49832

Asterisk is an open source private branch exchange and telephony toolkit. In versions up to and including 18.26.2, between 20.00.0 and 20.15.0, 20.7-cert6, 21.00.0, 22.00.0 through 22.5.0, there is a remote DoS and possible RCE condition in asterisk/res/resstirshaken /verification.c that can be...

6.5CVSS6AI score0.00446EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38462

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transportg2h,h2g TOCTOU vsockfindcid and vsockdevdoioctl may race with module unload. transportg2h,h2g may become NULL after the NULL check. Introduce vsocktransportlocalcid to protect from a potential null-ptr-deref...

4.7CVSS6.3AI score0.00112EPSS
Exploits0References40
UbuntuCve
UbuntuCve
added 2025/07/25 3:15 p.m.1 views

CVE-2025-38421

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmf: Use device managed allocations If setting up smart PC fails for any reason then this can lead to a double free when unloading amd-pmf. This is because dev-buf was freed but never set to NULL and is again...

7.8CVSS6.6AI score0.00155EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/07/25 3:15 p.m.4 views

CVE-2025-38430

In the Linux kernel, the following vulnerability has been resolved: nfsd: nfsd4spomustallow must check this is a v4 compound request If the request being processed is not a v4 compound request, then examining the cstate can have undefined results. This patch adds a check that the rpc procedure...

5.5CVSS6.3AI score0.00174EPSS
Exploits0References41
UbuntuCve
UbuntuCve
added 2025/07/25 2:15 p.m.2 views

CVE-2025-38405

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak of bio integrity If nvmet receives commands with metadata there is a continuous memory leak of kmalloc-128 slab or more precisely bio-biintegrity. Since commit bf4c89fc8797 "block: don't call biouninit from...

5.5CVSS5.9AI score0.00154EPSS
Exploits0References27
UbuntuCve
UbuntuCve
added 2025/07/25 2:15 p.m.4 views

CVE-2025-38404

In the Linux kernel, the following vulnerability has been resolved: usb: typec: displayport: Fix potential deadlock The deadlock can occur due to a recursive lock acquisition of crostypecaltmodedata::mutex. The call chain is as follows: 1. crostypecaltmodework acquires the mutex 2. typecaltmodevd...

5.5CVSS6.2AI score0.00129EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38396

In the Linux kernel, the following vulnerability has been resolved: fs: export anoninodemakesecureinode and fix secretmem LSM bypass Export anoninodemakesecureinode to allow KVM guestmemfd to create anonymous inodes with proper security context. This replaces the current pattern of calling...

7.8CVSS6.3AI score0.00163EPSS
Exploits0References29
UbuntuCve
UbuntuCve
added 2025/07/25 1:15 p.m.3 views

CVE-2025-38357

In the Linux kernel, the following vulnerability has been resolved: fuse: fix runtime warning on truncatefoliobatchexceptionals The WARNONONCE is introduced on truncatefoliobatchexceptionals to capture whether the filesystem has removed all DAX entries or not. And the fix has been applied on the...

7.8CVSS6.2AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/07/25 1:15 p.m.2 views

CVE-2025-38398

In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: reallocate BAM transactions Using the mtdnandbiterrs module for testing the driver occasionally results in weird things like below. 1. swiotlb mapping fails with the following message: 85.926216 qcomsnand...

5.5CVSS6.1AI score0.00129EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/07/20 3:15 a.m.3 views

CVE-2025-54314

Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments."...

2.8CVSS7.1AI score0.00155EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/07/18 5:15 p.m.8 views

CVE-2025-7783

Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution HPP. This vulnerability is associated with program files lib/formdata.Js. This issue affects form-data: 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3. This issue affects form-data: 2.5.4, 3.0.0 - 3.0.3, 4.0.0 -...

9.4CVSS6.8AI score0.01735EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2025/07/16 1:15 p.m.4 views

CVE-2025-40923

Plack-Middleware-Session before version 0.35 for Perl generates session ids insecurely. The default session id generator returns a SHA-1 hash seeded with the built-in rand function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if i...

7.3CVSS5.8AI score0.00329EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/07/15 9:15 p.m.9 views

CVE-2025-53906

Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successful...

4.1CVSS6.9AI score0.00731EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2025/07/15 12:0 a.m.8 views

CVE-2025-6965

There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above...

9.8CVSS6.8AI score0.73495EPSS
Exploits3References3
UbuntuCve
UbuntuCve
added 2025/07/14 8:15 p.m.6 views

CVE-2025-53019

ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's magick stream command, specifying multiple consecutive %d format specifiers in a filename template causes a memory leak. Versions 7.1.2-0 and...

7.5CVSS5.9AI score0.00466EPSS
Exploits0References3
Rows per page
Query Builder