Lucene search
K

47 matches found

UbuntuCve
UbuntuCve
added 2025/07/30 2:15 p.m.3 views

CVE-2025-54572

The Ruby SAML library is for implementing the client side of a SAML authorization. In versions 1.18.0 and below, a denial-of-service vulnerability exists in ruby-saml even with the messagemaxbytesize setting configured. The vulnerability occurs because the SAML response is validated for Base64...

6.9CVSS7.1AI score0.00384EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/07/15 7:27 p.m.4 views

CVE-2025-50084

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...

4.9CVSS6.3AI score0.00517EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/10 7:42 a.m.4 views

CVE-2025-38306

In the Linux kernel, the following vulnerability has been resolved: fs/fhandle.c: fix a race in call of haslockedchildren maydecodefh is calling haslockedchildren while holding no locks. That's an oopsable race... The rest of the callers are safe since they are holding namespacesem and are...

4.7CVSS4.8AI score0.00106EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/07/04 6:2 p.m.4 views

CVE-2025-7067

A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5FSsinfoserializenodecb of the file src/H5FScache.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed ...

5.5CVSS4AI score0.00215EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2025/07/04 2:15 p.m.12 views

CVE-2025-38215

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix doregisterframebuffer to prevent null-ptr-deref in fbvideomodetovar If fbaddvideomode in doregisterframebuffer fails to allocate memory for fbvideomode, it will later lead to a null-ptr dereference in fbvideomodetovar,...

5.5CVSS6.1AI score0.00137EPSS
Exploits0References24
UbuntuCve
UbuntuCve
added 2025/06/18 11:15 a.m.4 views

CVE-2022-50078

In the Linux kernel, the following vulnerability has been resolved: tracing/eprobes: Do not allow eprobes to use $stack, or % for regs While playing with event probes eprobes, I tried to see what would happen if I attempted to retrieve the instruction pointer %rip knowing that event probes do not...

5.5CVSS5.9AI score0.00195EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2025/06/17 12:0 a.m.7 views

gimp security update

2:2.99.8-4.2 - fix CVE-2025-5473 RHEL-95700 2:2.99.8-4.1 - fix CVE-2025-48797 RHEL-93521 - fix CVE-2025-48798 RHEL-93522...

7.8CVSS7.3AI score0.10561EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/06/12 11:3 a.m.5 views

CVE-2025-0673

Removed by vendor...

7.5CVSS6AI score0.00515EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2025/05/29 3:15 p.m.4 views

CVE-2024-22653

yasm commit 9defefae was discovered to contain a NULL pointer dereference via the yasmsectionbcsappend function at section.c...

4.8CVSS5.9AI score0.00215EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2025/05/20 6:15 p.m.6 views

CVE-2025-37987

In the Linux kernel, the following vulnerability has been resolved: pdscore: Prevent possible adminq overflow/stuck condition The pdscore's adminq is protected by the adminqlock, which prevents more than 1 command to be posted onto it at any one time. This makes it so the client drivers cannot...

5.5CVSS6.4AI score0.00151EPSS
Exploits0References24
UbuntuCve
UbuntuCve
added 2025/05/16 3:15 p.m.10 views

CVE-2025-47792

Nextcloud Desktop is the desktop sync client for Nextcloud. In versions of Nextcloud Desktop prior to 3.15, 3rdparty applications already installed on a user machine can create link shares for almost all data via the socket API. These shares can then be easily sent off to an external service...

6.1CVSS5.9AI score0.00152EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/05/13 9:16 p.m.5 views

CVE-2025-20623

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some IntelR Core™ processors 10th Generation may allow an authenticated user to potentially enable information disclosure via local access...

5.7CVSS7AI score0.00147EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/05/09 7:16 a.m.14 views

CVE-2025-37874

In the Linux kernel, the following vulnerability has been resolved: net: ngbe: fix memory leak in ngbeprobe error path When ngbeswinit is called, memory is allocated for wx-rsskey in wxinitrsskey. However, in ngbeprobe function, the subsequent error paths after ngbeswinit don't free the rsskey. F...

5.5CVSS6.5AI score0.00235EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2025/05/08 12:0 a.m.7 views

CVE-2025-37825

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix out-of-bounds access in nvmetenableport When trying to enable a port that has no transport configured yet, nvmetenableport uses NVMFTRTYPEMAX 255 to query the transports array, causing an out-of-bounds access: 106.0586...

7.1CVSS6.3AI score0.00142EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/05/02 4:15 p.m.2 views

CVE-2023-53047

In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix race condition in amdteeopensession There is a potential race condition in amdteeopensession that may lead to use-after-free. For instance, in amdteeopensession after sess-sessmask is set, and before setting:...

4.7CVSS6.3AI score0.00115EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2025/05/01 2:9 p.m.8 views

CVE-2022-49844

In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 "can: skb: drop tx skb if in listen only mode" the priv-ctrlmode element is read even on virtual CAN interfaces that do not create the struct canpriv at startup. This...

7.1CVSS5.6AI score0.00153EPSS
Exploits0
Chainguard
Chainguard
added 2025/05/01 7:14 a.m.5 views

GHSA-W6XH-C82W-H997 vulnerabilities

Vulnerabilities for packages: mattermost-fips...

7.5AI score
Exploits0
Debian CVE
Debian CVE
added 2025/04/18 7:1 a.m.7 views

CVE-2025-39778

In the Linux kernel, the following vulnerability has been resolved: objtool, nvmet: Fix out-of-bounds stack access in nvmetctrlstateshow The cstsstatenames array only has six sparse entries, but the iteration code in nvmetctrlstateshow iterates seven, resulting in a potential out-of-bounds stack...

7.1CVSS6.1AI score0.00206EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/04/16 2:12 p.m.8 views

CVE-2025-22073

In the Linux kernel, the following vulnerability has been resolved: spufs: fix a leak on spufsnewfile failure It's called from spufsfilldir, and caller of that will do spufsrmdir in case of failure. That does remove everything we'd managed to create, but... the problem dentry is still negative...

5.5CVSS5.6AI score0.00174EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/04/14 2:15 p.m.13 views

CVE-2025-32908

A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service DoS...

7.5CVSS7AI score0.00532EPSS
Exploits0References6
Rows per page
Query Builder