22103 matches found
Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources. Azure Kubernetes Service AKS is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-109...
Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources. Azure Kubernetes Service AKS is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-109...
Chromium: CVE-2025-2476 Use after free in Lens
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
No cwe for this issue in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...
Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability
Improper link resolution before file access 'link following' in Microsoft Edge Chromium-based allows an authorized attacker to elevate privileges locally...
Microsoft Dataverse Remote Code Execution Vulnerability
Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute code over a network...
Microsoft Partner Center Elevation of Privilege Vulnerability
Improper authorization in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network...
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
...
llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.
...
In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host.
...
Apache Subversion: mod_dav_svn denial-of-service via control characters in paths
...
Vitess allows HTML injection in /debug/querylogz & /debug/env
...
In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumption when parsing extremely large cookies.
...
In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method.
...
list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale.
...
Arbitrary Code Execution via Crafted Keras Config for Model Loading
...
decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form of digit string with NaN (e.g., "1 NaN123" immediately followed by many more digits).
...
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.
...
net: rose: lock the socket in rose_bind()
...
gpio: xilinx: Convert gpio_lock to raw spinlock
...
net/mlx5: Clear port select structure when fail to create
...
vsock/virtio: discard packets if the transport changes
...
net: rose: fix timer races against user threads
...
NFC: nci: Add bounds checking in nci_hci_create_pipe()
...
usbnet: ipheth: fix possible overflow in DPE length check
...
mptcp: consolidate suboption status
...
openvswitch: fix lockup on tx to unregistering netdev with carrier
...
ptp: Ensure info->enable callback is always set
...
ksmbd: fix integer overflows on 32 bit systems
...
wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()
...
nilfs2: fix possible int overflows in nilfs_fiemap()
...
scsi: storvsc: Ratelimit warning logs to prevent VM denial of service
...
net/rose: prevent integer overflows in rose_setsockopt()
...
drm/v3d: Ensure job pointer is set to NULL after job completion
...
Timing side-channel in ECDSA signature computation
...
net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel
...
HTTP Request Smuggling in waitress
...
libpng before 1.6.32 does not properly check the length of chunks against the user limit.
...
The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of service
...
The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service
...
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic
...
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact
...
id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service (DoS).
...
Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service
...
The id3_ucs4_length function in ucs4.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service
...
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
...
The libpng 0.71 allows context-dependent attackers to cause a NULL pointer dereference vectors
...
Buffer overflow in libpng allows remote attackers to cause a denial of service
...
Multiple buffer overflows in libpng allow remote attackers to cause a denial of service
...
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic
...