Lucene search
K

22103 matches found

Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.1 views

libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read.

...

5.5CVSS6.2AI score0.00308EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.5 views

Qemu-kvm: virtio-net: queue index out-of-bounds access in software rss

...

6.8CVSS6.9AI score0.0065EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.3 views

Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute arbitrary code via the bpf_object__init_prog` function of libbpf.

...

6.2CVSS7.9AI score0.00216EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.3 views

drm/sched: Fix fence reference count leak

...

5.5CVSS7.4AI score0.00164EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.5 views

drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse()

...

5.5CVSS7.3AI score0.00175EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.3 views

gpio: aggregator: protect driver attr handlers against module unload

...

4.7CVSS7.2AI score0.00139EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.3 views

cifs: Fix integer overflow while processing acregmax mount option

...

5.5CVSS7.3AI score0.00178EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.2 views

can: ucan: fix out of bound read in strscpy() source

...

5.5CVSS7.4AI score0.00164EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.3 views

vlan: enforce underlying device type

...

7.1CVSS7.8AI score0.00202EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.3 views

ksmbd: fix type confusion via race condition when using ipc_msg_send_request

...

8.1CVSS7.2AI score0.00352EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.5 views

netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()

...

5.5CVSS7.4AI score0.00199EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.3 views

HID: appleir: Fix potential NULL dereference at raw event handle

...

5.5CVSS7.3AI score0.002EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.2 views

Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow

...

5.3CVSS5.5AI score0.00405EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/05/01 10:16 p.m.41 views

Chromium: CVE-2025-4052 Inappropriate implementation in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

9.8CVSS7.5AI score0.0058EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/01 10:16 p.m.44 views

Chromium: CVE-2025-4051 Insufficient data validation in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.3CVSS7AI score0.00296EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/01 10:15 p.m.81 views

Chromium: CVE-2025-4050 Out of bounds memory access in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS7.2AI score0.00462EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/01 10:15 p.m.37 views

Chromium: CVE-2025-4096 Heap buffer overflow in HTML

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS7.7AI score0.00474EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/05/01 7:0 a.m.22 views

Microsoft Edge (Chromium-based) Spoofing Vulnerability

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS6.8AI score0.00662EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/30 7:0 a.m.13 views

Azure Virtual Desktop Elevation of Privilege Vulnerability

Missing authorization in Azure Virtual Desktop allows an authorized attacker to elevate privileges over a network...

8.8CVSS6.9AI score0.00631EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/30 7:0 a.m.24 views

Azure Functions Remote Code Execution Vulnerability

Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network...

8.8CVSS7.3AI score0.00459EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/30 7:0 a.m.17 views

Azure AI Bot Elevation of Privilege Vulnerability

Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...

9.8CVSS5.5AI score0.00879EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/30 7:0 a.m.29 views

Azure ML Compute Elevation of Privilege Vulnerability

Improper authorization in Azure allows an authorized attacker to elevate privileges over a network...

9.9CVSS7AI score0.00776EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/30 7:0 a.m.20 views

Azure Bot Framework SDK Elevation of Privilege Vulnerability

Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate privileges over a network...

9.8CVSS6.9AI score0.00709EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/30 7:0 a.m.12 views

Microsoft Dynamics Information Disclosure Vulnerability

Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network...

8.1CVSS6.5AI score0.01049EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/29 7:0 a.m.1 views

Libsoup: denial of service on libsoup through http/2 server

...

7.5CVSS7.8AI score0.00502EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/29 7:0 a.m.2 views

Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

...

7.5CVSS7.7AI score0.00824EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/29 7:0 a.m.4 views

Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net

...

6.5CVSS7.5AI score0.0045EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/29 7:0 a.m.1 views

Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process

...

7.4CVSS7.7AI score0.00637EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/26 7:0 a.m.3 views

FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c.

...

9.3CVSS8.5AI score0.00566EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/24 7:0 a.m.2 views

PyTorch LossCTC.cpp torch.nn.functional.ctc_loss denial of service

...

5.5CVSS4.7AI score0.00271EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/04/24 7:0 a.m.8 views

PyTorch: `torch.load` with `weights_only=True` leads to remote code execution

...

9.8CVSS9.5AI score0.01878EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/04/23 7:0 a.m.5 views

Libsoup: null pointer dereference in client when server omits the "nonce" parameter in an unauthorized response with digest authentication

...

6.5CVSS6.5AI score0.00372EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/23 7:0 a.m.2 views

Libsoup: null pointer dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c

...

5.3CVSS6.5AI score0.00434EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/23 7:0 a.m.2 views

Libsoup: null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an unauthorized response with digest authentication

...

6.5CVSS7AI score0.00372EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/23 7:0 a.m.5 views

PgBouncer default auth_query does not take Postgres password expiry into account

...

9.8CVSS7.9AI score0.00305EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/23 7:0 a.m.3 views

Field `file_table` of `struct module *module` is uninitialized

...

5.5CVSS5.3AI score0.00376EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/04/23 7:0 a.m.7 views

An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts.

...

7.8CVSS5.4AI score0.00434EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/04/23 7:0 a.m.4 views

Out of bounds read in parse_module function in bfd/vms-alpha.c

...

7.1CVSS6.2AI score0.00379EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/23 7:0 a.m.2 views

Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`

...

5.5CVSS5.3AI score0.00384EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/04/23 7:0 a.m.4 views

An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols.

...

7.8CVSS5.4AI score0.00404EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/04/23 7:0 a.m.3 views

A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file.

...

8.8CVSS7.9AI score0.01533EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/04/22 7:0 a.m.2 views

HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one.

...

6.8CVSS5.8AI score0.00688EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/22 7:0 a.m.5 views

The giflib open-source component has a buffer overflow vulnerability

...

7.3CVSS6.5AI score0.00219EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/22 7:0 a.m.4 views

NATS-Server Fails to Authorize Certain Jetstream Admin APIs

...

9.6CVSS8.2AI score0.00529EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/22 7:0 a.m.3 views

Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header

...

7.5CVSS8.1AI score0.00694EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/22 7:0 a.m.3 views

Erlang/OTP SSH Vulnerable to Pre-Authentication RCE

...

10CVSS8.2AI score0.97673EPSS
Exploits36
Microsoft CVE
Microsoft CVE
added 2025/04/22 7:0 a.m.3 views

Libsoup: out of bounds reads in soup_headers_parse_request()

...

7.5CVSS8.1AI score0.00787EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/22 7:0 a.m.5 views

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

...

4.3CVSS6.4AI score0.0016EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/19 7:0 a.m.6 views

GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service

...

4.7CVSS5.1AI score0.00287EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2025/04/19 7:0 a.m.5 views

Perl is vulnerable to a heap buffer overflow when transliterating non-ASCII bytes

...

8.4CVSS7.7AI score0.00473EPSS
Exploits0
Total number of security vulnerabilities22103