Lucene search
K

21761 matches found

Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:42 a.m.•4 views

net: dsa: improve shutdown sequence

...

4.7CVSS7AI score0.00173EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:42 a.m.•3 views

Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets

...

7.5CVSS8.4AI score0.17673EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:41 a.m.•4 views

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case.

...

9.8CVSS7AI score0.02331EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:41 a.m.•4 views

watchdog: Fix possible use-after-free in wdt_startup()

...

8.8CVSS7AI score0.0116EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:40 a.m.•7 views

hw/pci/pcie_sriov.c in QEMU through 10.0.3 has a migration state inconsistency, a related issue to CVE-2024-26327.

...

5.4CVSS7AI score0.00529EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:40 a.m.•3 views

MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.

...

4.9CVSS7AI score0.00432EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:38 a.m.•5 views

serial: sc16is7xx: fix invalid FIFO access with special register set

...

5.5CVSS7AI score0.00211EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:37 a.m.•3 views

MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.

...

4.9CVSS7AI score0.00423EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:37 a.m.•3 views

hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327.

...

5.4CVSS7AI score0.00529EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:36 a.m.•9 views

HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflow

...

4.8CVSS7AI score0.00255EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:36 a.m.•1 views

ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()

...

5.5CVSS7AI score0.00237EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:35 a.m.•2 views

Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. This could have been leveraged to execute arbitrary code. This vulnerability affects Firefox < 115.

...

7.8CVSS7AI score0.00263EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:35 a.m.•4 views

An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply.

...

9.8CVSS7AI score0.02468EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:32 a.m.•4 views

HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflow

...

5.5CVSS7AI score0.00269EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:32 a.m.•3 views

ipv6: Fix signed integer overflow in __ip6_append_data

...

5.5CVSS7AI score0.00243EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:30 a.m.•2 views

memcg: fix soft lockup in the OOM process

...

5.5CVSS6.8AI score0.0017EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:30 a.m.•3 views

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call.

...

9.8CVSS7AI score0.02331EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:30 a.m.•10 views

RDMA/hns: Fix UAF for cq async event

...

7.8CVSS7AI score0.00252EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:29 a.m.•5 views

HDF5 H5Fint.c H5F_addr_encode_len heap-based overflow

...

4.8CVSS7AI score0.00255EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:28 a.m.•5 views

fs/ntfs3: cancle set bad inode after removing name fails

...

5.5CVSS7AI score0.00145EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:28 a.m.•4 views

Before Go 1.20, the RSA based key exchange methods in crypto/tls may exhibit a timing side channel

...

7.5CVSS7AI score0.0125EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:26 a.m.•6 views

RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop

...

5.5CVSS7AI score0.00213EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:25 a.m.•3 views

kprobes: Fix possible use-after-free issue on kprobe registration

...

8.8CVSS7AI score0.01167EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:25 a.m.•4 views

Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdiff_t is mishandled on x86_64.

...

7.8CVSS7AI score0.00233EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:24 a.m.•5 views

dm cache: fix flushing uninitialized delayed_work on cache_ctr error

...

7.8CVSS7AI score0.00245EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:23 a.m.•7 views

HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference

...

5.5CVSS7AI score0.00233EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:23 a.m.•4 views

drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX

...

7.8CVSS7AI score0.00215EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:23 a.m.•3 views

fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name

...

4.6CVSS7AI score0.00388EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:22 a.m.•5 views

ksmbd: fix slab out of bounds write in smb_inherit_dacl()

...

8.4CVSS7AI score0.26864EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:22 a.m.•7 views

A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission Model do not operate on file descriptors, however, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to change the owner and permissions of a file.

...

3.3CVSS6.6AI score0.00395EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:21 a.m.•2 views

padata: Fix pd UAF once and for all

...

7.8CVSS7AI score0.00161EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:21 a.m.•4 views

cachefiles: Fix NULL pointer dereference in object->file

...

5.5CVSS7AI score0.00216EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:20 a.m.•6 views

HDF5 H5MM.c H5MM_realloc double free

...

5.5CVSS7AI score0.00242EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:20 a.m.•7 views

ice: arfs: fix use-after-free when freeing @rx_cpu_rmap

...

7.8CVSS7AI score0.00255EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:19 a.m.•5 views

usb: typec: fix potential array underflow in ucsi_ccg_sync_control()

...

7.8CVSS7AI score0.0024EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:19 a.m.•3 views

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed.

...

9CVSS7AI score0.18561EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:18 a.m.•4 views

zram: fix NULL pointer in comp_algorithm_show()

...

5.5CVSS7AI score0.00217EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:18 a.m.•7 views

An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memmove call, as demonstrated by sadf.

...

7.8CVSS7AI score0.01715EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:17 a.m.•6 views

HDF5 H5FL.c H5FL__blk_gc_list use after free

...

5.3CVSS7AI score0.00229EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:17 a.m.•4 views

rcu-tasks: Fix access non-existent percpu rtpcp variable in rcu_tasks_need_gpcb()

...

5.5CVSS7AI score0.00233EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:17 a.m.•7 views

watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()

...

8.8CVSS7AI score0.0116EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:16 a.m.•3 views

An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.

...

6.1CVSS7AI score0.00488EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:15 a.m.•7 views

TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.

...

6.5CVSS7AI score0.00404EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:14 a.m.•6 views

sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap memory corruption for squashfs directory listing because the path separator is not considered in a size calculation.

...

7.1CVSS7AI score0.00361EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:12 a.m.•5 views

btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc()

...

5.5CVSS7AI score0.00237EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:11 a.m.•6 views

scsi: ufs: qcom: Only free platform MSIs when ESI is enabled

...

5.5CVSS6.8AI score0.00202EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:10 a.m.•1 views

drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing

...

5.5CVSS7AI score0.00237EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:8 a.m.•2 views

netfilter: nf_tables: fix memleak in map from abort path

...

5.5CVSS7AI score0.00232EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:8 a.m.•5 views

If kernel headers need to be extracted, bcc will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default.

...

2.8CVSS7AI score0.00218EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:8 a.m.•5 views

Cri-o: pods are able to break out of resource confinement on cgroupv2

...

7.5CVSS7AI score0.00859EPSS
Exploits0
Total number of security vulnerabilities21761