Lucene search
K

21761 matches found

Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:7 a.m.•2 views

wifi: mac80211: fix NULL dereference at band check in starting tx ba session

...

5.5CVSS7AI score0.00225EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:6 a.m.•4 views

ksmbd: fix Preauh_HashValue race condition

...

8.5CVSS7AI score0.00391EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:4 a.m.•10 views

block: fix uaf for flush rq while iterating tags

...

7.8CVSS7AI score0.00235EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:4 a.m.•2 views

In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.

...

3.3CVSS7AI score0.00149EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:3 a.m.•3 views

mm: zswap: properly synchronize freeing resources during CPU hotunplug

...

7.8CVSS7AI score0.00191EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:3 a.m.•4 views

drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()

...

5.5CVSS7AI score0.00207EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:2 a.m.•5 views

Usage of unsafe random function in form-data for choosing boundary

...

9.4CVSS7AI score0.01735EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:1 a.m.•4 views

Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed arguments.

...

5CVSS7AI score0.11572EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:0 a.m.•5 views

BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE.

...

7.8CVSS7AI score0.00423EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 4:0 a.m.•11 views

bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG

...

5.5CVSS6.6AI score0.0021EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:57 a.m.•7 views

Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init

...

3.9CVSS6.7AI score0.00287EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:56 a.m.•2 views

In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim.

...

2.5CVSS7AI score0.00238EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:56 a.m.•3 views

Podman: buildah: cri-o: fips crypto-policy directory mounting issue in containers/common go library

...

8.2CVSS7AI score0.0099EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:56 a.m.•5 views

Incorrect code generation could have led to unexpected numeric conversions and potential undefined behavior.*Note:* This issue only affects 32-bit ARM devices. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

...

7.5CVSS9.1AI score0.00667EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:55 a.m.•4 views

wifi: virt_wifi: avoid reporting connection success with wrong SSID

...

3.3CVSS7AI score0.00211EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:54 a.m.•5 views

scsi: hisi_sas: Create all dump files during debugfs initialization

...

5.5CVSS7AI score0.0023EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:53 a.m.•10 views

Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker must be able to force victim to print JSON data, depending on how cJSON library is used this could be either local or over a network. This vulnerability appears to have been fixed in 1.7.3.

...

8.8CVSS7AI score0.01471EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:53 a.m.•3 views

Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip

...

9.8CVSS7AI score0.01952EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:53 a.m.•10 views

usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind.

...

5.5CVSS7AI score0.00174EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:52 a.m.•2 views

An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite.

...

7.1CVSS7AI score0.00359EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:52 a.m.•9 views

drm/amd/display: Add null check for pipe_ctx->plane_state in dcn20_program_pipe

...

5.5CVSS7AI score0.00244EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:51 a.m.•2 views

uprobe: avoid out-of-bounds memory access of fetching args

...

7.8CVSS7AI score0.00233EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:51 a.m.•8 views

Libopensc: uninitialized values after incorrect or missing checking return values of functions in libopensc

...

3.9CVSS6.7AI score0.00302EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:50 a.m.•5 views

smb: prevent use-after-free due to open_cached_dir error paths

...

7.8CVSS7AI score0.00229EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:49 a.m.•3 views

wifi: ath10k: avoid NULL pointer error during sdio remove

...

5.5CVSS7AI score0.00217EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:48 a.m.•3 views

bnxt_en: Fix receive ring space parameters when XDP is active

...

5.5CVSS7AI score0.00217EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:47 a.m.•5 views

An unlimited recursion in DxeCore in EDK II.

...

7.8CVSS7AI score0.00399EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:45 a.m.•4 views

Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. NOTE: this is due to an incomplete fix for CVE-2006-7244.

...

5CVSS7AI score0.01496EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:45 a.m.•1 views

Mishandling of corrupt central directory record in archive/zip

...

5.5CVSS7AI score0.00446EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:45 a.m.•7 views

Libopensc: pkcs15init: usage of uninitialized values in libopensc and pkcs15init

...

3.9CVSS6.7AI score0.00355EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:45 a.m.•3 views

i3c: dw: Fix use-after-free in dw_i3c_master driver due to race condition

...

7.8CVSS7AI score0.00213EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:44 a.m.•3 views

atop through 2.11.0 allows local users to cause a denial of service (e.g., assertion failure and application exit) or possibly have unspecified other impact by running certain types of unprivileged processes while a different user runs atop.

...

2.9CVSS5.4AI score0.0019EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:44 a.m.•5 views

net: batman-adv: fix error handling

...

5.3CVSS7AI score0.00739EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:43 a.m.•5 views

Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.

...

7.5CVSS7AI score0.01346EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:43 a.m.•6 views

A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.

...

6.7CVSS7AI score0.00378EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:43 a.m.•12 views

HID: core: Harden s32ton() against conversion to 0 bits

...

7.1CVSS7AI score0.0015EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:42 a.m.•3 views

RDMA/siw: Remove direct link to net_device

...

7.8CVSS7AI score0.00208EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:42 a.m.•7 views

Libopensc: uninitialized values after incorrect check or usage of apdu response values in libopensc

...

3.9CVSS6.7AI score0.00355EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:42 a.m.•11 views

tpm: Lock TPM chip in tpm_pm_suspend() first

...

5.5CVSS7AI score0.00171EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:41 a.m.•4 views

vfio/fsl-mc: Block calling interrupt handler without trigger

...

5.5CVSS7AI score0.00223EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:41 a.m.•7 views

kunit/overflow: Fix UB in overflow_allocation_test

...

5.5CVSS6.4AI score0.00236EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:40 a.m.•3 views

fsdax: Fix infinite loop in dax_iomap_rw()

...

6.2CVSS7AI score0.00234EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:40 a.m.•11 views

vfio/pci: Disable auto-enable of exclusive INTx IRQ

...

5.5CVSS7AI score0.0024EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:39 a.m.•7 views

Perl: write past buffer end via illegal user-defined unicode property

...

7.8CVSS6.7AI score0.00832EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:39 a.m.•13 views

drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create'

...

7.8CVSS7.2AI score0.00226EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:38 a.m.•3 views

vmci: Prevent the dispatching of uninitialized payloads

...

6.9AI score
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:38 a.m.•3 views

KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush

...

5.5CVSS6.8AI score0.00157EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:38 a.m.•1 views

An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, and mbedtls_ecp_mul_restartable.

...

5.3CVSS7AI score0.01264EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:38 a.m.•4 views

ksmbd: validate payload size in ipc response

...

5.5CVSS7AI score0.00262EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 3:37 a.m.•2 views

srcu: Tighten cleanup_srcu_struct() GP checks

...

7.8CVSS6.9AI score0.00235EPSS
Exploits0
Total number of security vulnerabilities21761