Lucene search
K

21761 matches found

Microsoft CVE
Microsoft CVE
•added 2025/09/04 12:1 p.m.•2 views

usb: typec: altmodes/displayport: do not index invalid pin_assignments

...

5.5CVSS7AI score0.0017EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:59 a.m.•6 views

hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.

...

8.8CVSS7AI score0.00387EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:58 a.m.•6 views

platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks

...

5.5CVSS7AI score0.00156EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:57 a.m.•6 views

elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c.

...

4CVSS7AI score0.00304EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:54 a.m.•7 views

Possible private key restoration in go package github.com/ecies/go

...

4.9CVSS7AI score0.00335EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:49 a.m.•2 views

usb: typec: displayport: Fix potential deadlock

...

5.5CVSS7AI score0.00129EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:47 a.m.•6 views

perf/core: Exit early on perf_mmap() fail

...

7.8CVSS6.8AI score0.00168EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:45 a.m.•5 views

drm/i915/gt: Fix timeline left held on VMA alloc error

...

7.8CVSS7AI score0.00179EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:44 a.m.•3 views

x86/sev: Evict cache lines during SNP memory validation

...

5.5CVSS7AI score0.00153EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:39 a.m.•6 views

eventpoll: Fix semi-unbounded recursion

...

5.5CVSS6.8AI score0.00153EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:35 a.m.•3 views

clk: xilinx: vcu: unregister pll_post only if registered correctly

...

5.5CVSS7AI score0.00146EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:34 a.m.•3 views

Extracting malicious crates can fill the file system

...

6.5CVSS7AI score0.00792EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:33 a.m.•8 views

Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.

...

8.8CVSS7AI score0.00578EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:31 a.m.•2 views

ipv6: reject malicious packets in ipv6_gso_segment()

...

7.8CVSS6.9AI score0.0018EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:29 a.m.•6 views

The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.

...

7.8CVSS7AI score0.32357EPSS
Exploits11
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:25 a.m.•4 views

f2fs: fix to avoid UAF in f2fs_sync_inode_meta()

...

7.3CVSS7AI score0.00155EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:21 a.m.•4 views

NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.

...

9CVSS7AI score0.02541EPSS
Exploits4
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:15 a.m.•5 views

powerpc/eeh: Make EEH driver device hotplug safe

...

5.5CVSS7AI score0.00149EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:15 a.m.•5 views

blk-throttle: Set BIO_THROTTLED when bio has been throttled

...

7.8CVSS7AI score0.00253EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:13 a.m.•4 views

Libssh: use of uninitialized variable in privatekey_from_file()

...

3.6CVSS7AI score0.00181EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:11 a.m.•3 views

Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()'

...

7.8CVSS7AI score0.00155EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:9 a.m.•3 views

Improper sanitization of CSS values in html/template

...

7.3CVSS9.3AI score0.01037EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:9 a.m.•6 views

Qemu: denial of service via improper synchronization in qemu nbd server during socket closure

...

7.5CVSS7.1AI score0.01027EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:9 a.m.•7 views

RabbitMQ Node can log Basic Auth header from an HTTP request

...

6.7CVSS7AI score0.00194EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:6 a.m.•5 views

Thor before 1.4.0 can construct an unsafe shell command from library input. NOTE: this is disputed by the Supplier because "the method that was fixed can only be used with arguments that are controlled by Thor, and there is no way an attacker can take control of those arguments."

...

2.8CVSS7AI score0.00155EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:5 a.m.•4 views

Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow

...

9.8CVSS7AI score0.00442EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 11:2 a.m.•4 views

wifi: ath11k: clear initialized flag for deinit-ed srng lists

...

5.5CVSS7AI score0.00148EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:58 a.m.•1 views

scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI

...

7.8CVSS7AI score0.0025EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:58 a.m.•5 views

GNU ncurses parse_entry.c postprocess_termcap stack-based overflow

...

4.8CVSS7AI score0.00162EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:57 a.m.•2 views

net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing

...

7.8CVSS7AI score0.00154EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:53 a.m.•8 views

Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.

...

6.5CVSS7AI score0.01656EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:53 a.m.•9 views

crypto: ccp - Fix crash when rebind ccp device for ccp.ko

...

5.5CVSS7AI score0.00159EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:52 a.m.•5 views

Domain Name Validation Bypass with Apple Native Certificate Validation

...

9.2CVSS7AI score0.00222EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:51 a.m.•4 views

staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()

...

5.5CVSS7AI score0.00159EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:47 a.m.•9 views

perf/core: Prevent VMA split of buffer mappings

...

7.8CVSS6.8AI score0.00358EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:46 a.m.•12 views

In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable values returned from RAND_bytes() after fork() is called. This can lead to weak or predictable random numbers generated in applications that are both using RAND_bytes() and doing fork() operations. This only affects applications explicitly calling RAND_bytes() after fork() and does not affect any internal TLS operations. Although RAND_bytes() documentation in OpenSSL calls out not being safe for use with fork() without first calling RAND_poll(), an additional code change was also made in wolfSSL to make RAND_bytes() behave similar to OpenSSL after a fork() call without calling RAND_poll(). Now the Hash-DRBG used gets reseeded after detecting running in a new process. If making use of RAND_bytes() and calling fork() we recommend updating to the latest version of wolfSSL. Thanks to Per Allansson from Appgate for the report.

...

9.8CVSS7AI score0.00387EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:44 a.m.•2 views

Libxml: null pointer dereference leads to denial of service (dos)

...

7.5CVSS7AI score0.00475EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:44 a.m.•4 views

Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions

...

5.9CVSS7AI score0.00276EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:41 a.m.•4 views

In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow.

...

10CVSS7AI score0.00365EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:37 a.m.•3 views

In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt.

...

5.3CVSS7AI score0.00385EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:33 a.m.•4 views

Improper handling of JavaScript whitespace in html/template

...

9.8CVSS9.3AI score0.01548EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:33 a.m.•4 views

Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow

...

6.5CVSS7AI score0.00275EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:32 a.m.•3 views

Qemu-kvm: usb: assertion failure in usb_ep_get()

...

5.5CVSS7AI score0.00286EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:32 a.m.•4 views

sunrpc: fix handling of server side tls alerts

...

7.5CVSS7AI score0.00528EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:26 a.m.•7 views

The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input.

...

5.9CVSS7AI score0.0038EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:22 a.m.•18 views

WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified

...

6.9CVSS7AI score0.0061EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:20 a.m.•6 views

pptp: ensure minimal skb length in pptp_xmit()

...

7.8CVSS6.9AI score0.00167EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:16 a.m.•2 views

f2fs: fix to avoid panic in f2fs_evict_inode

...

6.6CVSS7AI score0.00161EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:15 a.m.•5 views

Insecure parsing of Windows paths with a \??\ prefix in path/filepath

...

7.5CVSS9.3AI score0.02758EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/09/04 10:14 a.m.•4 views

A possible assertion failure when 'stale-answer-client-timeout' is set to '0'

...

7.5CVSS7AI score0.00877EPSS
Exploits0
Total number of security vulnerabilities21761