
32 matches found

UbuntuCve
added 2025/11/19 10:16 p.m., 6 views

CVE-2025-11001

7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on...

CVSS 7.8 | AI score 7.4 | EPSS 0.27017 | Exploits 11 | References 3

UbuntuCve
added 2025/10/28 12:15 p.m., 3 views

CVE-2025-40073

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Do not validate SSPP when it is not ready Current code will validate current plane and previous plane to confirm they can share a SSPP with multi-rect mode. The SSPP is already allocated for previous plane, while current...

AI score 5.8 | EPSS 0.0017 | Exploits 0 | References 9

UbuntuCve
added 2025/10/27 6:15 p.m., 1 views

CVE-2025-61795

Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred including exceeding limits during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to...

CVSS 5.3 | AI score 6.7 | EPSS 0.01139 | Exploits 0 | References 5

UbuntuCve
added 2025/10/23 12:15 p.m., 3 views

CVE-2025-62400

Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information...

CVSS 6.5 | AI score 5.9 | EPSS 0.00246 | Exploits 0 | References 3

UbuntuCve
added 2025/10/22 2:15 p.m., 4 views

CVE-2023-53698

In the Linux kernel, the following vulnerability has been resolved: xsk: fix refcount underflow in error path Fix a refcount underflow problem reported by syzbot that can happen when a system is running out of memory. If xpalloctxdescs fails, and it can only fail due to not having enough memory,...

AI score 6.4 | EPSS 0.00195 | Exploits 0 | References 6

UbuntuCve
added 2025/10/20 4:15 p.m., 3 views

CVE-2025-40008

In the Linux kernel, the following vulnerability has been resolved: kmsan: fix out-of-bounds access to shadow memory Running sha224kunit on a KMSAN-enabled kernel results in a crash in kmsaninternalsetshadoworigin: BUG: unable to handle page fault for address: ffffbc3840291000 PF: supervisor read...

AI score 6.9 | EPSS 0.00222 | Exploits 0 | References 17

UbuntuCve
added 2025/10/17 4:15 p.m., 3 views

CVE-2025-49655

Deserialization of untrusted data can occur in versions of the Keras framework running versions 3.11.0 up to but not including 3.11.3, enabling a maliciously uploaded Keras file containing a TorchModuleWrapper class to run arbitrary code on an end user’s system when loaded despite safe mode being...

CVSS 9.8 | AI score 7.3 | EPSS 0.0071 | Exploits 0 | References 3

UbuntuCve
added 2025/10/15 8:15 a.m., 1 views

CVE-2025-39971

In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in config queues msg Ensure idx is within range of active/initialized TCs when iterating over vf-chidx in i40evcconfigqueuesmsg...

AI score 6.4 | EPSS 0.00193 | Exploits 0 | References 34

UbuntuCve
added 2025/10/10 11:15 p.m., 2 views

CVE-2025-11626

MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service...

CVSS 5.5 | AI score 5.9 | EPSS 0.0011 | Exploits 0 | References 3

UbuntuCve
added 2025/10/10 10:15 p.m., 2 views

CVE-2025-61912

python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, ldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to...

CVSS 6.9 | AI score 6.3 | EPSS 0.00418 | Exploits 1 | References 7

UbuntuCve
added 2025/10/07 4:15 p.m., 2 views

CVE-2023-53665

In the Linux kernel, the following vulnerability has been resolved: md: don't dereference mddev after exportrdev Except for initial reference, mddev-kobject is referenced by rdev-kobject, and if the last rdev is freed, there is no guarantee that mddev is still valid. Hence mddev should not be use...

CVSS 5.5 | AI score 6.2 | EPSS 0.00116 | Exploits 0 | References 4

UbuntuCve
added 2025/10/07 4:15 p.m., 1 views

CVE-2023-53624

In the Linux kernel, the following vulnerability has been resolved: net/sched: schfq: fix integer overflow of "credit" if schfq is configured with "initial quantum" having values greater than INTMAX, the first assignment of "credit" does signed integer overflow to a very negative value. In this...

CVSS 5.5 | AI score 5.9 | EPSS 0.00187 | Exploits 0 | References 8

UbuntuCve
added 2025/10/07 4:15 p.m., 1 views

CVE-2023-53664

In the Linux kernel, the following vulnerability has been resolved: OPP: Fix potential null ptr dereference in devpmoppgetrequiredpstate "opp" pointer is dereferenced before the ISERRORNULL check. Fix it by removing the dereference to cache opptable and dereference it directly where opptable is...

CVSS 5.5 | AI score 6.2 | EPSS 0.00116 | Exploits 0 | References 4

UbuntuCve
added 2025/10/04 4:15 p.m., 1 views

CVE-2023-53554

In the Linux kernel, the following vulnerability has been resolved: staging: ks7010: potential buffer overflow in kswlansetencodeext The "exc-keylen" is a u16 that comes from the user. If it's over IWENCODINGTOKENMAX 64 that could lead to memory corruption...

CVSS 7.8 | AI score 6.4 | EPSS 0.00169 | Exploits 0 | References 10

UbuntuCve
added 2025/10/04 4:15 p.m., 2 views

CVE-2022-50473

In the Linux kernel, the following vulnerability has been resolved: cpufreq: Init completion before kobjectinitandadd In cpufreqpolicyalloc, it will call uninitialized completion in cpufreqsysfsrelease when kobjectinitandadd fails. And that will cause a crash such as the following page fault in...

CVSS 5.5 | AI score 6.2 | EPSS 0.00146 | Exploits 0 | References 8

UbuntuCve
added 2025/10/04 4:15 p.m., 1 views

CVE-2022-50501

In the Linux kernel, the following vulnerability has been resolved: media: coda: Add check for dcodairamalloc As the codairamalloc may return NULL pointer, it should be better to check the return value in order to avoid NULL pointer dereference, same as the others...

CVSS 5.5 | AI score 5.9 | EPSS 0.00149 | Exploits 0 | References 11

UbuntuCve
added 2025/10/04 4:15 p.m., 2 views

CVE-2022-50503

In the Linux kernel, the following vulnerability has been resolved: mtd: lpddr2nvm: Fix possible null-ptr-deref It will cause null-ptr-deref when resourcesizeaddrange invoked, if platformgetresource returns NULL...

CVSS 5.5 | AI score 5.9 | EPSS 0.00152 | Exploits 0 | References 11

UbuntuCve
added 2025/10/04 4:15 p.m., 2 views

CVE-2023-53560

In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to histvars if they have referenced variables Hist triggers can have referenced variables without having direct variables fields. This can be the case if referenced variables are added for trigg...

CVSS 7.8 | AI score 6.2 | EPSS 0.00139 | Exploits 0 | References 9

UbuntuCve
added 2025/10/04 4:15 p.m., 1 views

CVE-2023-53541

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write When the oob buffer length is not in multiple of words, the oob write function does out-of-bounds read on the oob source buffer at the last iteration. Fix th...

CVSS 7.8 | AI score 6.3 | EPSS 0.00153 | Exploits 0 | References 10

UbuntuCve
added 2025/10/04 4:15 p.m., 2 views

CVE-2023-53543

In the Linux kernel, the following vulnerability has been resolved: vdpa: Add max vqp attr to vdpanlpolicy for nlattr length check The vdpanlpolicy structure is used to validate the nlattr when parsing the incoming nlmsg. It will ensure the attribute being described produces a valid nlattr pointe...

CVSS 7.8 | AI score 6.6 | EPSS 0.00154 | Exploits 0 | References 5