Lucene search
K

21762 matches found

Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:33 p.m.•2 views

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length.

...

9.8CVSS7AI score0.02403EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:33 p.m.•4 views

drm/amd/display: Fix 'panel_cntl' could be null in 'dcn21_set_backlight_level()'

...

5.5CVSS7AI score0.00225EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:33 p.m.•5 views

mm: fix uprobe pte be overwritten when expanding vma

...

5.5CVSS6.8AI score0.00131EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:33 p.m.•5 views

drm/amd/display: Ensure array index tg_inst won't be -1

...

5.5CVSS7AI score0.00192EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:33 p.m.•6 views

virtio-pci: Check if is_avq is NULL

...

5.5CVSS7AI score0.00198EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:33 p.m.•5 views

wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850

...

5.5CVSS7AI score0.00155EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:32 p.m.•4 views

drm/amd/display: Check null pointers before multiple uses

...

5.5CVSS7AI score0.00216EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:32 p.m.•7 views

S-Lang 2.3.2 was discovered to contain an arithmetic exception via the function tt_sprintf().

...

9.1CVSS7AI score0.00844EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:32 p.m.•8 views

ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration()

...

5.5CVSS7AI score0.00176EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:32 p.m.•3 views

Inconsistent handling of O_CREATE|O_EXCL on Unix and Windows in os in syscall

...

5.5CVSS7AI score0.00245EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:32 p.m.•4 views

drm/amd/display: Skip Recompute DSC Params if no Stream on Link

...

7AI score0.00017EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:31 p.m.•3 views

This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remains vulnerable.

...

6.5CVSS7.7AI score0.00516EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:31 p.m.•2 views

Reference counting in php_request_shutdown causes Use-After-Free

...

9.2CVSS7AI score0.01263EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:31 p.m.•5 views

udp: Deal with race between UDP socket address change and rehash

...

4.7CVSS6.9AI score0.00133EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:31 p.m.•4 views

net: Fix icmp host relookup triggering ip_rt_bug

...

5.5CVSS7AI score0.00217EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:31 p.m.•3 views

Arbitrary code injection vulnerability in Keras framework < 2.13

...

9.8CVSS7AI score0.01745EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:31 p.m.•3 views

exfat: fix double free in delayed_free

...

7.8CVSS7AI score0.00156EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:31 p.m.•3 views

qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b&a[__proto__]&a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has "deps: [email protected]" in its release description, is not vulnerable).

...

7.5CVSS7AI score0.14663EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:31 p.m.•4 views

sh: push-switch: Reorder cleanup operations to avoid use-after-free bug

...

8.4CVSS7AI score0.00242EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:30 p.m.•4 views

Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.

...

5.9CVSS7AI score0.0163EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:29 p.m.•6 views

libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.

...

4CVSS7AI score0.00233EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:29 p.m.•4 views

drm/amd/display: Add NULL test for 'timing generator' in 'dcn21_set_pipe()'

...

5.5CVSS7AI score0.00227EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:29 p.m.•6 views

HDF5 H5Fint.c H5F_addr_decode_len heap-based overflow

...

7.8CVSS7AI score0.00303EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:29 p.m.•2 views

f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic

...

7.8CVSS7AI score0.00154EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:29 p.m.•2 views

PCI: imx6: Fix suspend/resume support on i.MX6QDL

...

5.5CVSS7AI score0.0021EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:28 p.m.•9 views

Cairo through 1.18.4, as used in Poppler through 25.08.0, has an "unscaled->face == NULL" assertion failure for _cairo_ft_unscaled_font_fini in cairo-ft-font.c.

...

2.9CVSS7AI score0.00205EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:28 p.m.•5 views

smb3: missing lock when picking channel

...

5.5CVSS7AI score0.00164EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:26 p.m.•11 views

bnxt_en: Mask the bd_cnt field in the TX BD properly

...

5.5CVSS6.8AI score0.0014EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:26 p.m.•5 views

nouveau: lock the client object tree.

...

5.5CVSS7AI score0.00172EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:26 p.m.•3 views

Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128 and Thunderbird < 128.

...

8.8CVSS9.2AI score0.00448EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:25 p.m.•7 views

drm/amd/display: Handle dml allocation failure to avoid crash

...

7.8CVSS7AI score0.00201EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:25 p.m.•6 views

The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.

...

4.7CVSS7AI score0.00329EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:25 p.m.•4 views

ax25: fix use-after-free bugs caused by ax25_ds_del_timer

...

7.8CVSS7AI score0.00232EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:25 p.m.•5 views

arm64: errata: Add Cortex-A520 speculative unprivileged load workaround

...

4.7CVSS7AI score0.00602EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:24 p.m.•12 views

Miscompilation of `i8x16.swizzle` and `select` with v128 inputs in Wasmtime

...

6.8CVSS7AI score0.01625EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:24 p.m.•6 views

vLLM using built-in hash() from Python 3.12 leads to predictable hash collisions in vLLM prefix cache

...

2.6CVSS7AI score0.00176EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:24 p.m.•3 views

fbdev: efifb: Register sysfs groups through driver core

...

5.5CVSS7AI score0.00263EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:24 p.m.•8 views

nvme-fabrics: use reserved tag for reg read/write command

...

5.5CVSS7AI score0.00226EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:23 p.m.•8 views

Unintentional exposure of environment variables to subprocesses in sentry-sdk

...

5.3CVSS7AI score0.00198EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:23 p.m.•5 views

vhost_task: Handle SIGKILL by flushing work and exiting

...

5.5CVSS7AI score0.00227EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:23 p.m.•7 views

GNU Bison scan-code.c code_free double free

...

7AI score0.00019EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:23 p.m.•3 views

Khronos Group glslang Intermediate.cpp isConversionAllowed null pointer dereference

...

4.8CVSS7AI score0.00163EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:22 p.m.•4 views

f2fs: don't set RO when shutting down f2fs

...

5.5CVSS7AI score0.00218EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:22 p.m.•7 views

Undefined Behavior in bounded Crossbeam channel

...

9.8CVSS7AI score0.02743EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:21 p.m.•5 views

wifi: ath12k: fix kernel crash during resume

...

5.5CVSS7AI score0.00255EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:21 p.m.•5 views

A prototype pollution in the lib.Logger function of eazy-logger v4.0.1 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.

...

7.5CVSS7AI score0.0053EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:21 p.m.•4 views

squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition or arbitrary code execution.

...

7.8CVSS7AI score0.00516EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:20 p.m.•3 views

drm/amd/display: Increase array size of dummy_boolean

...

5.5CVSS7AI score0.00206EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:20 p.m.•6 views

GNU Bison obprintf.c __obstack_vprintf_internal assertion

...

7AI score0.00019EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 10:20 p.m.•3 views

media: mtk-vcodec: potential null pointer deference in SCP

...

5.5CVSS7AI score0.00291EPSS
Exploits0
Total number of security vulnerabilities21762