Lucene search
K

22107 matches found

Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•3 views

HID: wacom: fix when get product name maybe null pointer

...

5.5CVSS7.4AI score0.00207EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•1 views

net/smc: fix LGR and link use-after-free issue

...

7.8CVSS7.3AI score0.00222EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•4 views

gpio: grgpio: Add NULL check in grgpio_probe

...

5.5CVSS7.4AI score0.0025EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•3 views

net: inet: do not leave a dangling sk pointer in inet_create()

...

7.8CVSS7.3AI score0.00236EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•4 views

leds: class: Protect brightness_show() with led_cdev->led_access mutex

...

5.5CVSS7.2AI score0.00249EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•4 views

af_packet: avoid erroring out after sock_init_data() in packet_create()

...

7.8CVSS7.3AI score0.00238EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•4 views

ftrace: Fix regression with module command in stack_trace_filter

...

5.5CVSS7.2AI score0.00229EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•3 views

tcp: Fix use-after-free of nreq in reqsk_timer_handler().

...

7.8CVSS8.4AI score0.0022EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•2 views

EDAC/bluefield: Fix potential integer overflow

...

5.5CVSS7.2AI score0.00219EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•8 views

net: inet6: do not leave a dangling sk pointer in inet6_create()

...

7.8CVSS7.3AI score0.00236EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•4 views

media: imx-jpeg: Ensure power suppliers be suspended before detach them

...

5.5CVSS7.4AI score0.00231EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•3 views

svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init()

...

5.5CVSS7.4AI score0.00217EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•3 views

Virtual environment (venv) activation scripts don't quote paths

...

7.8CVSS7.3AI score0.00647EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•5 views

wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw()

...

5.5CVSS7.4AI score0.00224EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•5 views

iommu/arm-smmu: Defer probe of clients after smmu device bound

...

4.7CVSS7.2AI score0.00159EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•7 views

hfsplus: don't query the device logical block size multiple times

...

7.8CVSS7.2AI score0.00242EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•6 views

jfs: array-index-out-of-bounds fix in dtReadFirst

...

7.8CVSS7.2AI score0.00245EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•4 views

jfs: fix array-index-out-of-bounds in jfs_readdir

...

7.8CVSS7.4AI score0.0023EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•1 views

scsi: qla2xxx: Fix use after free on unload

...

7.8CVSS7.4AI score0.00216EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•5 views

xsk: fix OOB map writes when deleting elements

...

7.8CVSS7.4AI score0.00252EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•5 views

NFSD: Prevent NULL dereference in nfsd4_process_cb_update()

...

5.5CVSS7.3AI score0.00243EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•2 views

ALSA: 6fire: Release resources at card release

...

7.8CVSS7.2AI score0.00281EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•4 views

ionic: Fix netdev notifier unregister on failure

...

5.5CVSS7.3AI score0.00245EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•3 views

acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl

...

7.1CVSS7.1AI score0.00535EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•3 views

net: hsr: avoid potential out-of-bound access in fill_frame_info()

...

5.5CVSS7.4AI score0.00244EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 8:0 a.m.•5 views

bpf: fix OOB devmap writes when deleting elements

...

7.8CVSS7.4AI score0.00257EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 12:0 a.m.•1 views

CVE-2024-50051

...

7.8CVSS8.8AI score0.00226EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/08 12:0 a.m.•3 views

CVE-2024-40982

...

6.9AI score
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/07 8:0 a.m.•22 views

Chromium: CVE-2025-1915 Improper Limitation of a Pathname to a Restricted Directory in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.1CVSS6.9AI score0.00415EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/07 8:0 a.m.•12 views

Chromium: CVE-2025-1914 Out of bounds read in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.9AI score0.00379EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/07 8:0 a.m.•7 views

Chromium: CVE-2025-1923 Inappropriate Implementation in Permission Prompts

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS6.9AI score0.00206EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/07 8:0 a.m.•12 views

Chromium: CVE-2025-1922 Inappropriate Implementation in Selection

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS6.9AI score0.00287EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/07 8:0 a.m.•6 views

Chromium: CVE-2025-1921 Inappropriate Implementation in Media Stream

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS6.9AI score0.00318EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/07 8:0 a.m.•12 views

Chromium: CVE-2025-1919 Out of bounds read in Media

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.9AI score0.00379EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/07 8:0 a.m.•19 views

Chromium: CVE-2025-1918 Out of bounds read in PDFium

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.9AI score0.00384EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/07 8:0 a.m.•11 views

Chromium: CVE-2025-1917 Inappropriate Implementation in Browser UI

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS6.9AI score0.0033EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/07 8:0 a.m.•7 views

Chromium: CVE-2025-1916 Use after free in Profiles

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.9AI score0.00273EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/07 8:0 a.m.•16 views

Microsoft Edge (Chromium-based) Spoofing Vulnerability

The UI performs the wrong action in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS5.2AI score0.00657EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/04 8:0 a.m.•2 views

Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos

...

5.3CVSS6.7AI score0.01025EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/04 8:0 a.m.•3 views

Go JOSE's Parsing Vulnerable to Denial of Service

...

8.7CVSS6.7AI score0.00369EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/04 8:0 a.m.•5 views

An issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user (with access to the endpoint) to perform a remote Denial of service attack. The crash happens because of a NULL pointer dereference when 0 (from the Content-Length) is passed to the function cfl_sds_len, which in turn tries to cast a NULL pointer into struct cfl_sds. This is related to process_payload_metrics_ng() at prom_rw_prot.c.

...

7.5CVSS7.9AI score0.01037EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2025/03/04 8:0 a.m.•5 views

An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user (with access to the endpoint) to perform a remote Denial of service attack. The crash happens because of a NULL pointer dereference when 0 (from the Content-Length) is passed to the function cfl_sds_len, which in turn tries to cast a NULL pointer into struct cfl_sds. This is related to process_payload_traces_proto_ng() at opentelemetry_prot.c.

...

7.5CVSS7.9AI score0.01037EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2025/03/04 8:0 a.m.•3 views

SSH SFTP packet size not verified properly in Erlang OTP

...

7CVSS7.2AI score0.0046EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/02 8:0 a.m.•1 views

Openssh: denial-of-service in openssh

...

7.5CVSS7AI score0.38474EPSS
Exploits4
Microsoft CVE
Microsoft CVE
•added 2025/02/28 8:0 a.m.•4 views

close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.

...

7.8CVSS6.3AI score0.01059EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/02/27 8:0 a.m.•3 views

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047.

...

7.8CVSS6.7AI score0.03185EPSS
Exploits2
Microsoft CVE
Microsoft CVE
•added 2025/02/27 8:0 a.m.•2 views

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.

...

7.5CVSS6.5AI score0.01009EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/02/27 8:0 a.m.•1 views

heap-use-after-free in function str_to_reg in vim/vim

...

4.2CVSS4.3AI score0.00223EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/02/27 8:0 a.m.•4 views

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

...

9.8CVSS6.6AI score0.0113EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/02/27 8:0 a.m.•1 views

pam_cap: Fix potential configuration parsing error

...

6.1CVSS6.4AI score0.00149EPSS
Exploits0
Total number of security vulnerabilities22107