Lucene search
+L
AlpinelinuxRecent

13061 matches found

AlpineLinux
AlpineLinux
added 2025/12/01 12:55 p.m.6 views

CVE-2025-27232

An authenticated Zabbix Super Admin can exploit the oauth.authorize action to read arbitrary files from the webserver leading to potential confidentiality loss...

6.8CVSS6.8AI score0.00311EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/29 2:28 a.m.4 views

CVE-2025-66221

Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's safejoin function allows path segments with Windows device names. On Windows, there are special device names such as CON, AUX, etc that are implicitly present and readable in every directory...

6.3CVSS5.8AI score0.00474EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/29 2:15 a.m.4 views

CVE-2025-58436

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue...

5.5CVSS6.9AI score0.00195EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2025/11/29 2:15 a.m.3 views

CVE-2025-61915

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can use the cups web ui to change the config and insert a malicious line. Then the cupsd process which runs as root will parse the new config a...

6.7CVSS6.9AI score0.00409EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2025/11/26 11:5 p.m.5 views

CVE-2025-64344

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected wh...

7.5CVSS7AI score0.00313EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/26 11:3 p.m.9 views

CVE-2025-64330

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires t...

7.5CVSS7AI score0.00327EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/26 11:0 p.m.4 views

CVE-2025-64331

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow can occur on large HTTP file transfers if the user has increased the HTTP response body limit and enabled the...

7.5CVSS7AI score0.00284EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/26 10:59 p.m.17 views

CVE-2025-64332

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow that causes Suricata to crash can occur if SWF decompression is enabled. This issue has been patched in version...

7.5CVSS7AI score0.00327EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/26 10:57 p.m.4 views

CVE-2025-64333

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged can cause a stack overflow crashing Suricata. This issue has been patched in versions...

7.5CVSS6.8AI score0.00284EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/26 10:39 p.m.3 views

CVE-2025-64335

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64data. This issue has been patched in...

7.5CVSS6.8AI score0.00367EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/26 10:39 p.m.4 views

CVE-2025-64334

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In versions from 8.0.0 to before 8.0.2, compressed HTTP data can lead to unbounded memory growth during decompression. This issue has been patched in version 8.0.2....

7.5CVSS6.8AI score0.00313EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/26 10:34 p.m.4 views

CVE-2025-40934

XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are omitted. An attacker can remove the signature from the XML document to make it pass the verification check. XML-Sig is a Perl module to validate signatures on XML files. An unsigned XML file should retur...

9.3CVSS6.9AI score0.00146EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/26 5:33 p.m.7 views

CVE-2025-2486

The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in Secure Boot environments, possibly allowing bypass of Secure Boot constraints. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some previous versions inserted a secure-boot-based...

8.8CVSS7AI score0.00256EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/11/26 11:33 a.m.3 views

CVE-2025-13674

BPv7 dissector crash in Wireshark 4.6.0 allows denial of service...

5.5CVSS6.8AI score0.00098EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/26 12:0 a.m.5 views

CVE-2025-59820

In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer overflow in plugins/impex/tga/kistgaimport.cpp aka KisTgaImport. Control flow proceeds even when a number of pixels becomes negative...

6.7CVSS7.4AI score0.00184EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2025/11/26 12:0 a.m.2 views

CVE-2025-63938

Tinyproxy through 1.11.2 contains an integer overflow vulnerability in the stripreturnport function within src/reqs.c...

6.5CVSS7.3AI score0.00234EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2025/11/25 11:15 p.m.5 views

CVE-2025-64713

WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Prior to version 2.4.4, an out-of-bounds array access issue exists in WAMR's fast interpreter mode during WASM bytecode loading. When framerefbottom and frameoffsetbottom arrays are at capacity and a GETGLOBALI32...

7.4CVSS6.9AI score0.0029EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2025/11/25 11:15 p.m.8 views

CVE-2025-64704

WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. Prior to version 2.4.4, WAMR is susceptible to a segmentation fault in v128.store instruction. This issue has been patched in version 2.4.4...

5.5CVSS6.8AI score0.00164EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2025/11/25 7:36 p.m.5 views

CVE-2025-65965

Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting versions 0.68.0 through 0.104.0. If registry credentials are defined and the output of grype is written using the --file or --output json= option, the registr...

8.2CVSS6.6AI score0.00133EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/25 1:15 a.m.4 views

CVE-2025-64761

OpenBao is an open source identity-based secrets management system. Prior to version 2.4.4, a privileged operator could use the identity group subsystem to add a root policy to a group identity group, escalating their or another user's permissions in the system. Specifically this is an issue when...

7.5CVSS6.8AI score0.00322EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2025/11/24 11:50 p.m.10 views

CVE-2025-65018

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function pngimagefinishread when processing...

7.1CVSS7.3AI score0.00229EPSS
Exploits4References5
AlpineLinux
AlpineLinux
added 2025/11/24 11:45 p.m.13 views

CVE-2025-64720

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in pngimagereadcomposite when processing palette images with PNGFLAGOPTIMIZEALP...

7.1CVSS7AI score0.0036EPSS
Exploits4References4
AlpineLinux
AlpineLinux
added 2025/11/24 11:41 p.m.12 views

CVE-2025-64506

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From version 1.6.0 to before 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngwriteimage8bit function when processing 8-bit images through t...

6.1CVSS7.3AI score0.00121EPSS
Exploits2References3
AlpineLinux
AlpineLinux
added 2025/11/24 11:38 p.m.6 views

CVE-2025-64505

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...

6.1CVSS7.2AI score0.00188EPSS
Exploits2References3
AlpineLinux
AlpineLinux
added 2025/11/24 12:0 a.m.5 views

CVE-2025-65494

NULL pointer dereference in getsanorcnfromcert in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted X.509 certificate that causes skGENERALNAMEvalue to return NULL...

7.5CVSS6.3AI score0.00219EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/24 12:0 a.m.5 views

CVE-2025-65499

Array index error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetexdataX509STORECTXidx to return -1...

4.3CVSS6.4AI score0.00231EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/24 12:0 a.m.4 views

CVE-2025-65493

NULL pointer dereference in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS connection that triggers BIOgetdata to return NULL...

7.5CVSS6.3AI score0.00338EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/24 12:0 a.m.3 views

CVE-2025-65498

NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...

4.3CVSS6.3AI score0.00231EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/24 12:0 a.m.4 views

CVE-2025-65496

NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...

4.3CVSS6.3AI score0.00231EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/24 12:0 a.m.4 views

CVE-2025-65497

NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...

4.3CVSS6.3AI score0.00231EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/24 12:0 a.m.7 views

CVE-2025-65495

Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...

7.5CVSS6.3AI score0.00219EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/24 12:0 a.m.5 views

CVE-2025-65500

NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetSSLCTX to return NULL...

4.3CVSS6.3AI score0.00231EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/24 12:0 a.m.19 views

CVE-2025-65501

Null pointer dereference in coapdtlsinfocallback in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSLgetappdata returns NULL...

4.3CVSS6.4AI score0.00231EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/23 7:32 p.m.4 views

CVE-2025-13566

A security vulnerability has been detected in jarun nnn up to 5.1. The impacted element is the function showcontentinfloatingwindow/runcmdasplugin of the file nnn/src/nnn.c. The manipulation leads to double free. An attack has to be approached locally. The identifier of the patch is...

4.8CVSS7.1AI score0.00119EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2025/11/21 11:6 p.m.4 views

CVE-2025-12889

With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest...

5.4CVSS6.8AI score0.00127EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/21 11:1 p.m.6 views

CVE-2025-11932

The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder...

4.3CVSS6.6AI score0.00245EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/21 10:57 p.m.4 views

CVE-2025-11931

Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wcXChaCha20Poly1305Decrypt which is not used with TLS connections, only from direct calls from an application...

8.2CVSS6.9AI score0.00303EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/21 10:50 p.m.4 views

CVE-2025-12888

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of...

7.5CVSS6.8AI score0.00274EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/21 10:24 p.m.6 views

CVE-2025-11936

Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to...

6.3CVSS6.9AI score0.00408EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/21 10:19 p.m.7 views

CVE-2025-11933

Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via a crafted ClientHello message with duplicate CKS extensions...

6.5CVSS6.8AI score0.00403EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/21 10:12 p.m.5 views

CVE-2025-11934

Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously...

2.7CVSS6.7AI score0.0015EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/21 10:4 p.m.5 views

CVE-2025-11935

With TLS 1.3 pre-shared key PSK a malicious or faulty server could ignore the request for PFS perfect forward secrecy and the client would continue on with the connection using PSK without PFS. This happened when a server responded to a ClientHello containing pskdheke without a keyshare...

7.5CVSS6.7AI score0.00204EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/21 9:36 p.m.18 views

CVE-2025-65102

PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may be less than that. This issue affects PJSIP users who use the Opus audio...

8.7CVSS7AI score0.00279EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/21 5:15 p.m.5 views

CVE-2025-13470

In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key PKESK packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release...

8.7CVSS7.1AI score0.00274EPSS
Exploits0References9
AlpineLinux
AlpineLinux
added 2025/11/21 6:3 a.m.3 views

CVE-2025-13499

Kafka dissector crash in Wireshark 4.6.0 and 4.4.0 to 4.4.10 allows denial of service...

7.8CVSS6.5AI score0.00103EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/11/20 6:5 p.m.3 views

CVE-2025-64524

cups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. In versions 2.0.1 and prior, a heap-buffer-overflow vulnerability in the rastertopclx filter causes the program to crash with a segmentation fault...

5.5CVSS7.8AI score0.00185EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2025/11/20 4:39 p.m.2 views

CVE-2025-12121

Lite XL versions 2.1.8 and prior contain a vulnerability in the system.exec function, which allowed arbitrary command execution through unsanitized shell command construction. This function was used in project directory launching core.lua, drag-and-drop file handling rootview.lua, and the “open i...

7.3CVSS7.8AI score0.00341EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2025/11/20 4:38 p.m.7 views

CVE-2025-12120

Lite XL versions 2.1.8 and prior automatically execute the .liteproject.lua file when opening a project directory, without prompting the user for confirmation. The .liteproject.lua file is intended for project-specific configuration but can contain executable Lua logic. This behavior could allow...

7.3CVSS7.9AI score0.00326EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2025/11/19 8:33 p.m.7 views

CVE-2025-47914

SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read...

5.3CVSS5.3AI score0.00484EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2025/11/19 8:33 p.m.3 views

CVE-2025-58181

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption...

5.3CVSS5.5AI score0.00533EPSS
Exploits0
Total number of security vulnerabilities13061