Lucene search
K

21762 matches found

Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:15 a.m.•6 views

Linux Kernel BlueZ jlink.c jlink_init denial of service

...

5.5CVSS7AI score0.00257EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:14 a.m.•4 views

spi: Fix null dereference on suspend

...

4.7CVSS7AI score0.00181EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:14 a.m.•4 views

An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution.

...

9.8CVSS7AI score0.00609EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:13 a.m.•4 views

Apache Commons Compress: OutOfMemoryError unpacking broken Pack200 file

...

5.5CVSS7AI score0.00898EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:13 a.m.•4 views

net/sched: flower: Fix chain template offload

...

7.1CVSS7AI score0.00238EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:12 a.m.•2 views

ksmbd: fix use-after-free in ksmbd_session_rpc_open

...

7.8CVSS7AI score0.00195EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:11 a.m.•0 views

Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3.

...

9.8CVSS7AI score0.01233EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:10 a.m.•7 views

WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::Decompiler::WrapChild.

...

5.5CVSS7AI score0.00278EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:10 a.m.•4 views

ECDSA remote timing attack

...

4.7CVSS7AI score0.01188EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:7 a.m.•4 views

f2fs: quota: fix to avoid warning in dquot_writeback_dquots()

...

5.5CVSS6.8AI score0.0013EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:7 a.m.•2 views

media: mediatek: vcodec: prevent kernel crash when rmmod mtk-vcodec-dec.ko

...

5.5CVSS7AI score0.00156EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:6 a.m.•5 views

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory.

...

7.5CVSS7AI score0.00453EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:4 a.m.•5 views

ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()

...

7.1CVSS6.8AI score0.00156EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:3 a.m.•5 views

Set-Cookie response headers were being incorrectly honored in multipart HTTP responses. If an attacker could control the Content-Type response header, as well as control part of the response body, they could inject Set-Cookie response headers that would have been honored by the browser. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

...

6.1CVSS9.2AI score0.00743EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:2 a.m.•4 views

An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affects Firefox < 124.0.1.

...

9.8CVSS9.2AI score0.22935EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:2 a.m.•3 views

riscv: save the SR_SUM status over switches

...

5.5CVSS7AI score0.00132EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:1 a.m.•6 views

drm/amd/display: Fix disable_otg_wa logic

...

5.5CVSS7AI score0.00195EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:0 a.m.•7 views

fs/ntfs3: Mark inode as bad as soon as error detected in mi_enum_attr()

...

5.5CVSS7AI score0.00159EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:0 a.m.•6 views

The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.

...

9.8CVSS9.5AI score0.08609EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:0 a.m.•6 views

Service workers could reveal script base URL due to dynamic `import()`. This vulnerability affects Firefox < 113.

...

5.3CVSS7AI score0.00524EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:0 a.m.•1 views

Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code

...

9.3CVSS9.3AI score0.0052EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:57 p.m.•6 views

drm/amdgpu: Fixed bug on error when unloading amdgpu

...

5.5CVSS7AI score0.00205EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:56 p.m.•9 views

DNSSEC validation may accept broken authentication chains

...

7.1CVSS7AI score0.0026EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:56 p.m.•3 views

interconnect: qcom: sc8180x: Mark CO0 BCM keepalive

...

5.5CVSS7AI score0.00227EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:54 p.m.•5 views

powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW

...

5.5CVSS7AI score0.00201EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:54 p.m.•6 views

Insufficient validation in cross-origin communication (postMessage) in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks.

...

6.1CVSS7AI score0.01197EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:52 p.m.•4 views

loop: implement ->free_disk

...

5.5CVSS7AI score0.00156EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:50 p.m.•4 views

um: work around sched_yield not yielding in time-travel mode

...

5.5CVSS6.8AI score0.00147EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:49 p.m.•8 views

GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.

...

6.7CVSS7AI score0.00378EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:49 p.m.•3 views

net: atlantic: Fix DMA mapping for PTP hwts ring

...

5.5CVSS7AI score0.00228EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:49 p.m.•5 views

Auth Bypass in Google's Closure-Library

...

6.5CVSS7.7AI score0.00524EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:48 p.m.•6 views

GNU Binutils ld libbfd.c bfd_putl64 memory corruption

...

7.5CVSS7AI score0.00523EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:48 p.m.•7 views

sched: fix warning in sched_setaffinity

...

5.5CVSS7AI score0.00189EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:48 p.m.•10 views

NASM Netwide Assember parser.c parse_line stack-based overflow

...

7.8CVSS7AI score0.00247EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:46 p.m.•3 views

ipvlan: ensure network headers are in skb linear part

...

5.5CVSS6.8AI score0.0018EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:45 p.m.•3 views

hwrng: cavium - fix NULL but dereferenced coccicheck error

...

5.5CVSS7AI score0.00211EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:45 p.m.•5 views

drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay()

...

5.5CVSS7AI score0.00224EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:45 p.m.•5 views

The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.

...

5.3CVSS9.3AI score0.03621EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:45 p.m.•11 views

bonding: check xdp prog when set bond mode

...

5.5CVSS6.8AI score0.00167EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:44 p.m.•3 views

Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox < 124.

...

3.7CVSS9.2AI score0.00437EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:43 p.m.•3 views

ceph: fix possible deadlock when holding Fwb to get inline_data

...

5.5CVSS7AI score0.00156EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:43 p.m.•3 views

jfs: fix null ptr deref in dtInsertEntry

...

5.5CVSS7AI score0.00225EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:43 p.m.•3 views

KVM: s390: vsie: fix race during shadow creation

...

4.7CVSS7AI score0.00175EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:43 p.m.•9 views

wifi: ath6kl: remove WARN on bad firmware input

...

5.5CVSS7AI score0.00172EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:42 p.m.•3 views

SUNRPC: fix a memleak in gss_import_v2_context

...

5.5CVSS7AI score0.00275EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:40 p.m.•5 views

net: allow small head cache usage with large MAX_SKB_FRAGS values

...

5.5CVSS7.4AI score0.00176EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:40 p.m.•4 views

Memory safety bugs present in Firefox 113. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 114.

...

9.8CVSS7AI score0.0078EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:40 p.m.•8 views

thermal: intel: hfi: Add syscore callbacks for system-wide PM

...

5.5CVSS7AI score0.00227EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:40 p.m.•5 views

cpufreq: CPPC: Add u64 casts to avoid overflowing

...

5.5CVSS7AI score0.0015EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 11:39 p.m.•7 views

PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate.

...

5.8CVSS7AI score0.01772EPSS
Exploits0
Total number of security vulnerabilities21762