Lucene search
K

21762 matches found

Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:56 p.m.•4 views

arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as reserved

...

5.5CVSS7AI score0.00225EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:56 p.m.•4 views

Path traversal via Clean on Windows in path/filepath

...

7.5CVSS7AI score0.0187EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:56 p.m.•3 views

Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect()

...

6.8CVSS7AI score0.00457EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:56 p.m.•10 views

drm/msm/dpu: Add mutex lock in control vblank irq

...

7CVSS7AI score0.0016EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:56 p.m.•8 views

net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()

...

7.1CVSS6.8AI score0.00172EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:55 p.m.•3 views

smb: client: fix potential UAF in smb2_is_valid_lease_break()

...

7.8CVSS7AI score0.00242EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:55 p.m.•4 views

Kernel: ksmbd: smb2_open out-of-bounds read information disclosure vulnerability

...

7.5CVSS7AI score0.00833EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:55 p.m.•3 views

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 126.

...

5.9CVSS9.2AI score0.00218EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:54 p.m.•2 views

of: module: add buffer overflow check in of_modalias()

...

9.8CVSS7AI score0.01483EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:54 p.m.•5 views

x86/mm, kexec, ima: Use memblock_free_late() from ima_free_kexec_buffer()

...

5.5CVSS7AI score0.00219EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:54 p.m.•9 views

md/raid1,raid10: don't ignore IO flags

...

5.5CVSS6.8AI score0.00155EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:54 p.m.•2 views

fbdev: hyperv_fb: Allow graceful removal of framebuffer

...

5.5CVSS6.9AI score0.00162EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:54 p.m.•4 views

In violation of spec, cookie prefixes such as `__Secure` were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not correctly honoring the behaviors specified by the prefix. This vulnerability affects Firefox < 127.

...

9.8CVSS9.2AI score0.00773EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:53 p.m.•7 views

Libssh: write beyond bounds in binary to base64 conversion functions

...

4.5CVSS7AI score0.00178EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:53 p.m.•4 views

An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values.

...

4.7CVSS7AI score0.00342EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:53 p.m.•5 views

GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files.

...

8.4CVSS7AI score0.00268EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:53 p.m.•4 views

Memory safety bugs present in Firefox 118. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 119.

...

9.8CVSS7AI score0.00975EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:53 p.m.•6 views

accel/ivpu: Fix locking order in ivpu_job_submit

...

5.5CVSS7AI score0.00119EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:52 p.m.•4 views

When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.

...

8.8CVSS9.2AI score0.00592EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:51 p.m.•4 views

net: fix NULL pointer dereference in l3mdev_l3_rcv

...

5.5CVSS6.8AI score0.00167EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:51 p.m.•5 views

iavf: get rid of the crit lock

...

5.5CVSS6.8AI score0.00094EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:50 p.m.•2 views

scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT

...

5.5CVSS7AI score0.00215EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:50 p.m.•4 views

Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.

...

8.8CVSS9.2AI score0.00536EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:50 p.m.•6 views

f2fs: fix potential deadloop in prepare_compress_overwrite()

...

5.5CVSS6.8AI score0.00102EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:50 p.m.•4 views

When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.

...

7.5CVSS7AI score0.00565EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:50 p.m.•6 views

A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

...

6.1CVSS9.2AI score0.00575EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:50 p.m.•4 views

drm/admgpu: fix dereferencing null pointer context

...

5.5CVSS7AI score0.0021EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:50 p.m.•9 views

In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv).

...

10CVSS7AI score0.00383EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:50 p.m.•6 views

serial: sc16is7xx: fix TX fifo corruption

...

7.8CVSS7AI score0.00179EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:49 p.m.•4 views

Das U-Boot 2022.01 has a Buffer Overflow.

...

5.5CVSS7AI score0.00439EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:49 p.m.•4 views

scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue

...

7.8CVSS6.8AI score0.00252EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:48 p.m.•4 views

fs/ntfs3: Fixed overflow check in mi_enum_attr()

...

8.4CVSS7AI score0.00295EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:48 p.m.•5 views

btrfs: fix deadlock between concurrent dio writes when low on free data space

...

5.5CVSS7AI score0.00156EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:48 p.m.•5 views

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

...

7AI score
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:48 p.m.•4 views

If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability affects Firefox < 107.

...

6.5CVSS7AI score0.00369EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:48 p.m.•3 views

A duplicate <code>SystemPrincipal</code> object could be created when parsing a non-system html document via <code>DOMParser::ParseFromSafeString</code>. This could have lead to bypassing web security checks. This vulnerability affects Firefox < 109.

...

6.5CVSS7AI score0.00463EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:48 p.m.•2 views

Apache Subversion: Command line argument injection on Windows platforms

...

8.2CVSS7AI score0.00604EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:47 p.m.•2 views

drm/xe: Fix potential integer overflow in page size calculation

...

5.5CVSS7AI score0.00197EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:46 p.m.•4 views

drm/amdgpu: fix use-after-free during gpu recovery

...

7.8CVSS7AI score0.00234EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:46 p.m.•4 views

drm/amdgpu/pm: fix the null pointer while the smu is disabled

...

5.5CVSS7AI score0.00209EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:46 p.m.•4 views

During garbage collection extra operations were performed on a object that should not be. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 119, Firefox ESR < 115.4, and Thunderbird < 115.4.1.

...

7.5CVSS7AI score0.01184EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:46 p.m.•3 views

The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 122.

...

8.8CVSS9.2AI score0.00662EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:46 p.m.•4 views

drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe

...

5.5CVSS7AI score0.00212EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:45 p.m.•4 views

drm/amd/display: Check stream_status before it is used

...

5.5CVSS7AI score0.00204EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:45 p.m.•6 views

f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC

...

7.8CVSS7AI score0.00223EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:45 p.m.•6 views

An HTTP digest authentication nonce value was generated using `rand()` which could lead to predictable values. This vulnerability affects Firefox < 126.

...

5.9CVSS9.2AI score0.00217EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:44 p.m.•6 views

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 8.3.0 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

...

7.5CVSS7AI score0.00721EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:44 p.m.•3 views

Possible SSRF and Credential Leakage via Absolute URL in axios Requests

...

8.7CVSS6.7AI score0.00759EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:44 p.m.•4 views

VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit.

...

5.9CVSS7AI score0.00743EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/03 9:43 p.m.•4 views

btrfs: don't readahead the relocation inode on RST

...

5.5CVSS7AI score0.00201EPSS
Exploits0
Total number of security vulnerabilities21762