Lucene search
K

21727 matches found

Microsoft CVE
Microsoft CVE
•added 2025/10/02 6:10 a.m.•5 views

ypserv allows a local user to modify the GECOS and login shells of other users.

...

7.2CVSS7AI score0.00412EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 6:10 a.m.•4 views

ypserv allows local administrators to modify password tables.

...

7.2CVSS7AI score0.00429EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 6:10 a.m.•7 views

Race condition in xterm allows local users to modify arbitrary files via the logging option.

...

6.2CVSS7AI score0.00334EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 6:10 a.m.•3 views

In older versions of Sendmail, an attacker could use a pipe character to execute root commands.

...

7.2CVSS7AI score0.00441EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:8 a.m.•3 views

mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer

...

5.5CVSS7AI score0.0014EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:7 a.m.•5 views

net: phylink: add lock for serializing concurrent pl->phydev writes with resolver

...

7CVSS7AI score0.00102EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:7 a.m.•2 views

af_unix: Fix null-ptr-deref in unix_stream_sendpage().

...

7AI score0.00027EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:7 a.m.•4 views

can: j1939: implement NETDEV_UNREGISTER notification handler

...

5.5CVSS7AI score0.0012EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:6 a.m.•6 views

mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc()

...

5.5CVSS7AI score0.00093EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:6 a.m.•4 views

i40e: remove read access to debugfs files

...

7.1CVSS7AI score0.00141EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:6 a.m.•7 views

ceph: fix race condition validating r_parent before applying state

...

4.7CVSS7AI score0.001EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:6 a.m.•9 views

hv_netvsc: Don't free decrypted memory

...

5.5CVSS7AI score0.00225EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:6 a.m.•3 views

Drivers: hv: vmbus: Don't free ring buffers that couldn't be re-encrypted

...

5.5CVSS7AI score0.00225EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:6 a.m.•5 views

net: hns3: fix kernel crash when devlink reload during initialization

...

5.5CVSS7AI score0.00225EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:6 a.m.•4 views

net: hns3: fix kernel crash when devlink reload during pf initialization

...

5.5CVSS7AI score0.00222EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:5 a.m.•4 views

Timing side-channel in SM2 algorithm on 64 bit ARM

...

6.5CVSS7AI score0.02234EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:5 a.m.•9 views

A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv() and is compiled by Inductor, leading to a Denial of Service (DoS).

...

7.5CVSS7AI score0.0042EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:5 a.m.•8 views

In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results.

...

5.3CVSS7AI score0.0036EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:5 a.m.•6 views

A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading to a Denial of Service (DoS).

...

7.5CVSS7AI score0.00381EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:5 a.m.•6 views

In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error.

...

5.3CVSS7AI score0.00338EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:4 a.m.•6 views

PyTorch before 3.7.0 has a bernoulli_p decompose function in decompositions.py even though it lacks full consistency with the eager CPU implementation, negatively affecting nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d for fallback_random=True.

...

5.3CVSS7AI score0.00391EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:4 a.m.•5 views

GNU Binutils objdump.c dump_dwarf_section out-of-bounds

...

5.5CVSS7AI score0.00189EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:4 a.m.•6 views

leds: mlxreg: Use devm_mutex_init() for mutex initialization

...

5.5CVSS7AI score0.00227EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:4 a.m.•6 views

leds: an30259a: Use devm_mutex_init() for mutex initialization

...

5.5CVSS7AI score0.00225EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/02 1:4 a.m.•3 views

net/mlx5e: Avoid field-overflowing memcpy()

...

7.8CVSS7AI score0.00236EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:11 p.m.•5 views

The filename of uploaded files vulnerable to stored XSS in Bolt CMS

...

7.4CVSS7AI score0.02026EPSS
Exploits3
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:11 p.m.•4 views

CSRF issue on preview pages in Bolt CMS

...

8.6CVSS7AI score0.01766EPSS
Exploits3
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:11 p.m.•6 views

GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug reports were intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison.

...

5.5CVSS7AI score0.00401EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:11 p.m.•7 views

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion

...

7.5CVSS7AI score0.02447EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:11 p.m.•14 views

Bolt before 3.6.10 has XSS via createFolder or createFile in Controller/Async/FilesystemManager.php

...

6.1CVSS7AI score0.00861EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:11 p.m.•7 views

Bolt before 3.6.10 has XSS via an image's alt or title field.

...

6.1CVSS7AI score0.00861EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:11 p.m.•8 views

Bolt before 3.6.10 has XSS via a title that is mishandled in the system log

...

6.1CVSS7AI score0.00861EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:11 p.m.•7 views

PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element.

...

7.8CVSS7AI score0.02088EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•3 views

WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service

...

5.5CVSS7AI score0.02846EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•4 views

Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

...

5.5CVSS7AI score0.03024EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•6 views

Integer overflow in sfcommands/sfconvert.c in Audio File Library

...

5.5CVSS7AI score0.02951EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•6 views

Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 allows remote attackers to cause a denial of service (crash) via a crafted file.

...

5.5CVSS7AI score0.02869EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•5 views

Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.

...

5.5CVSS7AI score0.02994EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•6 views

Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.

...

5.5CVSS7AI score0.0261EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•3 views

Vulnerability in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service via a crafted file.

...

5.5CVSS7AI score0.0277EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•3 views

Vulnerability in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service

...

5.5CVSS7AI score0.02813EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•3 views

Heap-based buffer overflow in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service

...

5.5CVSS7AI score0.02979EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•5 views

The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.

...

5.5CVSS7AI score0.02846EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•5 views

Heap-based buffer overflow in audiofile allows remote attackers to have unspecified impact

...

7.8CVSS7AI score0.03241EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•4 views

Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7 allows remote attackers to cause a denial of service (crash) via a crafted file.

...

5.5CVSS7AI score0.03091EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•4 views

libplist allows attackers to cause a denial of service (large memory allocation and crash) via vectors involving an offset size of zero.

...

7.5CVSS7AI score0.02926EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•4 views

The parse_dict_node function in bplist.c in libplist allows attackers to cause a denial of service

...

5.5CVSS7AI score0.01297EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•4 views

The plist_free_data function libplist allows attackers to cause a denial of service

...

7.5CVSS7AI score0.02657EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•6 views

Heap-based buffer overflow in audiofile allows remote attackers to have unspecified impact via a crafted audio file

...

7.8CVSS7AI score0.0294EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/10/01 11:10 p.m.•4 views

The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service

...

7.5CVSS7AI score0.05259EPSS
Exploits1
Total number of security vulnerabilities21727