Lucene search
+L
AlpinelinuxRecent

13061 matches found

AlpineLinux
AlpineLinux
•added 2025/10/10 10:11 p.m.•20 views

CVE-2025-52885

Poppler ia a library for rendering PDF files, and examining or modifying their structure. A use-after-free write vulnerability has been detected in versions Poppler prior to 25.10.0 within the StructTreeRoot class. The issue arises from the use of raw pointers to elements of a std::vector, which...

8.6CVSS6.7AI score0.00159EPSS
Exploits0References4
AlpineLinux
AlpineLinux
•added 2025/10/10 10:4 p.m.•2 views

CVE-2025-61912

python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, ldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to...

6.9CVSS6.6AI score0.00427EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2025/10/10 10:2 p.m.•4 views

CVE-2025-61911

python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...

6.9CVSS6.6AI score0.00301EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2025/10/08 8:15 p.m.•11 views

CVE-2025-11495

A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elfx8664relocatesection of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclos...

5.5CVSS4.6AI score0.0022EPSS
Exploits1References8
AlpineLinux
AlpineLinux
•added 2025/10/08 8:15 p.m.•32 views

CVE-2025-11494

A vulnerability was found in GNU Binutils 2.45. Impacted is the function bfdx86elflatesizesections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Th...

5.5CVSS6.5AI score0.00198EPSS
Exploits1References8
AlpineLinux
AlpineLinux
•added 2025/10/08 2:55 p.m.•7 views

CVE-2025-61672

Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeserver...

5.3CVSS7AI score0.00434EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2025/10/08 12:59 a.m.•6 views

CVE-2025-61787

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Versions prior to 2.5.3 and 2.2.15 are vulnerable to Command Line Injection attacks on Windows when batch files are executed. In Windows, CreateProcess always implicitly spawns cmd.exe if a batch file .bat, .cmd, etc. is being executed ev...

8.1CVSS7.8AI score0.02084EPSS
Exploits1References5
AlpineLinux
AlpineLinux
•added 2025/10/08 12:49 a.m.•4 views

CVE-2025-61786

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...

3.3CVSS6.6AI score0.00182EPSS
Exploits1References5
AlpineLinux
AlpineLinux
•added 2025/10/08 12:37 a.m.•8 views

CVE-2025-61785

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.utime and Deno.FsFile.prototype.utimeSync are not limited by the permission model check --deny-write=./. It's possible to change to change the access atime and modification mtim...

3.3CVSS6.7AI score0.00184EPSS
Exploits1References5
AlpineLinux
AlpineLinux
•added 2025/10/07 11:15 p.m.•4 views

CVE-2025-11414

A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function getlinkhashentry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and...

5.5CVSS6.6AI score0.00189EPSS
Exploits1References7
AlpineLinux
AlpineLinux
•added 2025/10/07 10:15 p.m.•3 views

CVE-2025-11412

A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfdelfgcrecordvtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and...

5.5CVSS7AI score0.00189EPSS
Exploits1References7
AlpineLinux
AlpineLinux
•added 2025/10/07 10:15 p.m.•9 views

CVE-2025-11413

A vulnerability was found in GNU Binutils 2.45. Affected is the function elflinkaddobjectsymbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used...

5.5CVSS6.5AI score0.00203EPSS
Exploits1References8
AlpineLinux
AlpineLinux
•added 2025/10/07 9:15 p.m.•8 views

CVE-2025-62187

In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux media file pathnames are not necessarily relative to the media folder...

3.3CVSS7AI score0.00164EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2025/10/07 9:15 p.m.•6 views

CVE-2025-62186

Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary commands when playing audio because of URL scheme mishandling...

7.8CVSS7.6AI score0.00132EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2025/10/07 9:15 p.m.•5 views

CVE-2025-62185

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

7.8CVSS6.8AI score0.0014EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2025/10/06 8:9 a.m.•8 views

CVE-2025-59734

It is possible to cause an use-after-free write in SANM decoding with a carefully crafted animation using subversion storedframe. Stored frames can later be referenced by FTCH chunks. For files using subversion storedframe. Leaving ctx-hasdimensions set to false. A subsequent chunk with type...

8.7CVSS7.1AI score0.00167EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2025/10/06 8:9 a.m.•12 views

CVE-2025-59733

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

8.7CVSS7.3AI score0.00171EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2025/10/06 8:9 a.m.•4 views

CVE-2025-59732

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy loops at 0 and 1 will continue to write until the next multiple of 8. The buffer...

8.7CVSS7.2AI score0.00155EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2025/10/06 8:9 a.m.•4 views

CVE-2025-59731

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, we decompress and decode into the buffer td-rlerawdata of size rlerawsize a...

6.9CVSS7.1AI score0.0016EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2025/10/06 8:9 a.m.•5 views

CVE-2025-59730

When decoding a frame for a SANM file ANIM v0 variant, the decoded data can be larger than the buffer allocated for it. Frames encoded with codec 48 can specify their resolution width x height. A buffer of appropriate size is allocated depending on the resolution. This codec can encode the frame...

5.7CVSS7.1AI score0.00149EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2025/10/06 8:8 a.m.•6 views

CVE-2025-59729

When parsing the header for a DHAV file, there's an integer underflow in offset calculation that leads to reading the duration from before the start of the allocated buffer. If we load a DHAV file that is larger than MAXDURATIONBUFFERSIZE bytes 0x100000 for example 0x101000 bytes, then at 0 we ha...

5.7CVSS7AI score0.00149EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2025/10/06 8:8 a.m.•6 views

CVE-2025-59728

When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below 0, it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is...

8.7CVSS7.2AI score0.00172EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2025/10/06 12:0 a.m.•21 views

CVE-2025-61984

ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. A configuration...

3.6CVSS7.8AI score0.00284EPSS
Exploits2References9
AlpineLinux
AlpineLinux
•added 2025/10/06 12:0 a.m.•13 views

CVE-2025-61985

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used...

3.6CVSS7.6AI score0.00118EPSS
Exploits0References4
AlpineLinux
AlpineLinux
•added 2025/10/05 1:32 a.m.•3 views

CVE-2025-11277

A weakness has been identified in Open Asset Import Library Assimp 6.0.2. This affects the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. Executing a manipulation can lead to heap-based buffer overflow. The attack needs to be launched locally. The exploit...

7.8CVSS5.8AI score0.00222EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2025/10/05 12:32 a.m.•3 views

CVE-2025-11275

A vulnerability was identified in Open Asset Import Library Assimp 6.0.2. Affected by this vulnerability is the function ODDLParser::getNextSeparator in the library assimp/contrib/openddlparser/include/openddlparser/OpenDDLParserUtils.h. Such manipulation leads to heap-based buffer overflow. The...

7.8CVSS7.1AI score0.00225EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2025/10/05 12:2 a.m.•10 views

CVE-2025-11274

A vulnerability was determined in Open Asset Import Library Assimp 6.0.2. Affected is the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. This manipulation causes allocation of resources. The attack is restricted to local execution. The exploit has been...

5.5CVSS6.5AI score0.00188EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2025/10/04 12:0 a.m.•6 views

CVE-2025-61962

In fetchmail before 6.5.6, the SMTP client can crash when authenticating upon receiving a 334 status code in a malformed context...

5.9CVSS7.2AI score0.00384EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2025/10/03 7:27 p.m.•6 views

CVE-2025-49844

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all...

9.9CVSS7.7AI score0.86767EPSS
Exploits14References5
AlpineLinux
AlpineLinux
•added 2025/10/03 7:12 p.m.•5 views

CVE-2025-46819

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted LUA script to read out-of-bound data or crash the server and subsequent denial of service. The problem exists in all versions of Redis with Lua...

7.1CVSS6.4AI score0.01023EPSS
Exploits0References5
AlpineLinux
AlpineLinux
•added 2025/10/03 6:38 p.m.•2 views

CVE-2025-46818

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate different LUA objects and potentially run their own code in the context of another user. The problem exists in all versions o...

7.3CVSS6.7AI score0.00701EPSS
Exploits0References3
AlpineLinux
AlpineLinux
•added 2025/10/03 5:52 p.m.•2 views

CVE-2025-46817

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution The problem exists in all versions of Redis with Lua scripting...

8.8CVSS7.9AI score0.03692EPSS
Exploits1References3
AlpineLinux
AlpineLinux
•added 2025/10/03 12:15 p.m.•39 views

CVE-2025-49641

A regular Zabbix user with no permission to the Monitoring - Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems...

5.1CVSS6.8AI score0.00274EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2025/10/03 12:15 p.m.•4 views

CVE-2025-27236

A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to...

6.5CVSS6.9AI score0.0035EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2025/10/03 12:15 p.m.•5 views

CVE-2025-27237

In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL...

7.3CVSS7AI score0.00325EPSS
Exploits2References1
AlpineLinux
AlpineLinux
•added 2025/10/03 12:15 p.m.•4 views

CVE-2025-27231

The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change...

4.9CVSS6.8AI score0.00387EPSS
Exploits0References1
AlpineLinux
AlpineLinux
•added 2025/10/02 10:43 a.m.•4 views

CVE-2025-54293

Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links...

7.1CVSS6AI score0.00541EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2025/10/02 9:25 a.m.•4 views

CVE-2025-54291

Information disclosure in images API in Canonical LXD before 6.5 and 5.21.4 on all platforms allows unauthenticated remote attackers to determine project existence via differing HTTP status code responses...

6.9CVSS6.9AI score0.0036EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2025/10/02 9:24 a.m.•4 views

CVE-2025-54290

Information disclosure in image export API in Canonical LXD before 6.5 and 5.21.4 on Linux allows network attackers to determine project existence without authentication via crafted requests using wildcard fingerprints...

6.9CVSS6.5AI score0.00317EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2025/10/02 9:23 a.m.•5 views

CVE-2025-54289

Privilege Escalation in operations API in Canonical LXD 6.5 on multiple platforms allows attacker with read permissions to hijack terminal or console sessions and execute arbitrary commands via WebSocket connection hijacking format...

8.1CVSS7.3AI score0.00193EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2025/10/02 9:20 a.m.•6 views

CVE-2025-54288

Information Spoofing in devLXD Server in Canonical LXD versions 4.0 and above on Linux container platforms allows attackers with root privileges within any container to impersonate other containers and obtain their metadata, configuration, and device information via spoofed process names in the...

6.8CVSS6.5AI score0.00326EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2025/10/02 9:16 a.m.•6 views

CVE-2025-54287

Template Injection in instance snapshot creation component in Canonical LXD = 4.0 allows an attacker with instance configuration permissions to read arbitrary files on the host system via specially crafted snapshot pattern templates using the Pongo2 template engine...

7.1CVSS7.2AI score0.00342EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2025/10/02 9:12 a.m.•3 views

CVE-2025-54286

Cross-Site Request Forgery CSRF in LXD-UI in Canonical LXD versions = 5.0 on Linux allows an attacker to create and start container instances without user consent via crafted HTML form submissions exploiting client certificate authentication...

8.8CVSS6.8AI score0.00119EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2025/10/02 12:0 a.m.•10 views

CVE-2025-49090

The Matrix specification before 1.16 i.e., with a room version before 12 and State Resolution before 2.1 has deficient state resolution...

7.1CVSS7.2AI score0.00424EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2025/10/01 8:23 p.m.•9 views

CVE-2025-59150

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Version 8.0.0's usage of the tls.subjectaltname keyword can lead to a segmentation fault when the decoded subjectaltname contains a NULL byte. This issue is fixed i...

7.5CVSS6.7AI score0.00492EPSS
Exploits1
AlpineLinux
AlpineLinux
•added 2025/10/01 8:7 p.m.•18 views

CVE-2025-59149

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attributetype which is long with transforms can lead to a stack buffer overflow during Suricata startup or duri...

6.2CVSS7.2AI score0.00189EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2025/10/01 7:51 p.m.•3 views

CVE-2025-59148

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Versions 8.0.0 and below incorrectly handle the entropy keyword when not anchored to a "sticky" buffer, which can lead to a segmentation fault. This issue is fixed ...

7.5CVSS6.7AI score0.00404EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2025/10/01 7:27 p.m.•10 views

CVE-2025-59147

Suricata is a network IDS, IPS and NSM engine developed by the OISF Open Information Security Foundation and the Suricata community. Versions 7.0.11 and below, as well as 8.0.0, are vulnerable to detection bypass when crafted traffic sends multiple SYN packets with different sequence numbers with...

7.5CVSS6.8AI score0.00344EPSS
Exploits0
AlpineLinux
AlpineLinux
•added 2025/10/01 7:15 p.m.•13 views

CVE-2025-43718

Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata such as GTSPDFEVersion of a PDF document, e.g., a regular expression for a long pdfsubver string. This occurs in Dict::lookup, Catalog::getMetadata, and associated...

2.9CVSS7AI score0.00124EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2025/10/01 12:0 a.m.•9 views

CVE-2025-59682

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common...

6.5CVSS6.9AI score0.0085EPSS
Exploits0
Total number of security vulnerabilities13061