Lucene search
K

21761 matches found

Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:32 a.m.•4 views

parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called.

...

5.5CVSS7AI score0.00219EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:32 a.m.•3 views

rxrpc: Fix oops due to non-existence of prealloc backlog struct

...

5.5CVSS6.8AI score0.00148EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:31 a.m.•3 views

soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled

...

5.5CVSS7AI score0.0015EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:31 a.m.•6 views

Command 'go get' may unexpectedly fallback to insecure git in cmd/go

...

7.5CVSS9.3AI score0.01137EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:30 a.m.•6 views

vfio/pci: Create persistent INTx handler

...

5.5CVSS7AI score0.0024EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:27 a.m.•5 views

net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime

...

5.5CVSS7AI score0.00161EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:25 a.m.•3 views

dm-bufio: fix sched in atomic context

...

5.5CVSS7AI score0.00139EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:23 a.m.•4 views

rxrpc: Fix bug due to prealloc collision

...

5.5CVSS7AI score0.00135EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:21 a.m.•4 views

comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large

...

5.5CVSS7AI score0.00156EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:21 a.m.•3 views

wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()

...

5.5CVSS6.8AI score0.00149EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:16 a.m.•3 views

PCI/ASPM: Fix link state exit during switch upstream function removal

...

7.8CVSS6.8AI score0.00155EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:16 a.m.•6 views

rxrpc: Fix recv-recv race of completed call

...

4.7CVSS7AI score0.00104EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:15 a.m.•5 views

bpf: copy_verifier_state() should copy 'loop_entry' field

...

7.8CVSS7.4AI score0.00143EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:14 a.m.•4 views

Panic on large handshake records in crypto/tls

...

7.5CVSS7AI score0.01111EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:14 a.m.•4 views

HID: core: ensure the allocated report buffer can contain the reserved report ID

...

5.5CVSS7AI score0.00198EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:12 a.m.•2 views

tracing: Add down_write(trace_event_sem) when adding trace event

...

5.5CVSS6.8AI score0.00149EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:12 a.m.•5 views

Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service

...

7.5CVSS7AI score0.01677EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:11 a.m.•2 views

HID: core: do not bypass hid_hw_raw_request

...

7.8CVSS7AI score0.002EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:9 a.m.•5 views

Incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http

...

4.3CVSS7AI score0.0108EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:9 a.m.•5 views

HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow

...

7.8CVSS7AI score0.00361EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:9 a.m.•5 views

ksmbd: fix use-after-free in __smb2_lease_break_noti()

...

7.8CVSS6.8AI score0.00153EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:7 a.m.•5 views

kasan: remove kasan_find_vm_area() to prevent possible deadlock

...

5.5CVSS7AI score0.00137EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:7 a.m.•3 views

net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree

...

5.5CVSS7AI score0.00162EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:4 a.m.•3 views

Potential iSCSI R2T PDU Vulnerability

...

3.5CVSS7AI score0.00226EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:3 a.m.•3 views

net/sched: sch_qfq: Fix race condition on qfq_aggregate

...

4.7CVSS7AI score0.00115EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:2 a.m.•3 views

netfilter: nf_tables: reject duplicate device on updates

...

6CVSS7AI score0.00202EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:1 a.m.•7 views

firmware: cs_dsp: Fix OOB memory read access in KUnit test (wmfw info)

...

7.1CVSS7AI score0.00156EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 8:0 a.m.•2 views

rseq: Fix segfault on registration when rseq_cs is non-zero

...

5.5CVSS6.8AI score0.00467EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:58 a.m.•3 views

bpf: Fix oob access in cgroup local storage

...

7.1CVSS6.8AI score0.00146EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:57 a.m.•6 views

net: appletalk: Fix device refcount leak in atrtr_create()

...

5.5CVSS6.8AI score0.00148EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:57 a.m.•7 views

firmware: cs_dsp: Fix OOB memory read access in KUnit test

...

7.1CVSS7AI score0.00139EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:56 a.m.•3 views

Libsoup: off-by-one out-of-bounds read in find_boundary() in soup-multipart.c

...

6.5CVSS7AI score0.00729EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:55 a.m.•6 views

Incorrect detection of reserved device names on Windows in path/filepath

...

5.3CVSS9.3AI score0.00903EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:53 a.m.•4 views

btrfs: fix assertion when building free space tree

...

5.5CVSS6.8AI score0.00136EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:53 a.m.•5 views

blk-mq: fix IO hang from sbitmap wakeup race

...

4.7CVSS7AI score0.00186EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:53 a.m.•3 views

comedi: Fix use of uninitialized data in insn_rw_emulate_bits()

...

5.5CVSS7AI score0.00158EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:52 a.m.•4 views

block: fix race between set_blocksize and read paths

...

5.8CVSS6.8AI score0.00011EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:51 a.m.•2 views

hwmon: (corsair-cpro) Validate the size of the received input buffer

...

7.8CVSS6.8AI score0.00153EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:50 a.m.•10 views

tracing: Ensure visibility when inserting an element into tracing_map

...

5.5CVSS7AI score0.00242EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:47 a.m.•5 views

Errors returned from JSON marshaling may break template escaping in html/template

...

5.4CVSS7AI score0.00795EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:47 a.m.•3 views

ice: add NULL check in eswitch lag check

...

5.5CVSS6.9AI score0.00145EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:44 a.m.•4 views

atm: clip: Fix memory leak of struct clip_vcc.

...

5.5CVSS6.8AI score0.00149EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:44 a.m.•2 views

netfilter: nf_conntrack: fix crash due to removal of uninitialised entry

...

6.3CVSS6.8AI score0.00155EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:41 a.m.•3 views

HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras

...

5.5CVSS6.8AI score0.00149EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:40 a.m.•4 views

ping in iputils before 20250602 allows a denial of service (application error in adaptive ping mode or incorrect data collection) via a crafted ICMP Echo Reply packet, because a zero timestamp can lead to large intermediate values that have an integer overflow when squared during statistics calculations. NOTE: this issue exists because of an incomplete fix for CVE-2025-47268 (that fix was only about timestamp calculations, and it did not account for a specific scenario where the original timestamp in the ICMP payload is zero).

...

6.5CVSS7AI score0.01344EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:39 a.m.•5 views

GNU Binutils ld elf-eh-frame.c _bfd_elf_write_section_eh_frame memory corruption

...

3.1CVSS7AI score0.00644EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:39 a.m.•6 views

Improper handling of empty HTML attributes in html/template

...

7.3CVSS9.3AI score0.01037EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:38 a.m.•4 views

In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.

...

5.5CVSS7AI score0.00254EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:35 a.m.•1 views

ipv6: mcast: Delay put pmc->idev in mld_del_delrec()

...

7.8CVSS6.8AI score0.00144EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 7:32 a.m.•5 views

A flaw in Node.js 20's HTTP parser allows improper termination of HTTP/1 headers using `\r\n\rX` instead of the required `\r\n\r\n`. This inconsistency enables request smuggling, allowing attackers to bypass proxy-based access controls and submit unauthorized requests. The issue was resolved by upgrading `llhttp` to version 9, which enforces correct header termination. Impact: * This vulnerability affects only Node.js 20.x users prior to the `llhttp` v9 upgrade.

...

6.5CVSS6.9AI score0.00466EPSS
Exploits1
Total number of security vulnerabilities21761