Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2026/01/15 5:16 p.m.•3 views

CVE-2025-70310

A heap overflow in the vorbistointern function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .ogg file...

5.5CVSS5.9AI score0.00141EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2026/01/15 5:16 p.m.•6 views

CVE-2025-70308

An out-of-bounds read in the GSF demuxer filter component of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .gsf file...

7.5CVSS5.9AI score0.00323EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2026/01/15 5:16 p.m.•4 views

CVE-2025-66417

GLPI is a free asset and IT management software package. From 11.0.0, 11.0.3, an unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 11.0.3...

9.8CVSS5.9AI score0.00436EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2026/01/15 5:16 p.m.•3 views

CVE-2025-70304

A buffer overflow in the vobsubgetsubpicduration function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted packet...

7.5CVSS6AI score0.00343EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2026/01/15 5:16 p.m.•2 views

CVE-2025-70305

A stack overflow in the dmxsaf function of GPAC v2.4.0 allows attackers to cause a Denial of Service DoS via a crafted .saf file...

5.5CVSS5.9AI score0.00188EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2026/01/15 5:16 p.m.•4 views

CVE-2025-70298

GPAC v2.4.0 was discovered to contain an out-of-bounds read in the oggdmxparsetags function...

8.2CVSS5.9AI score0.00394EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2026/01/15 4:16 p.m.•4 views

CVE-2025-64516

GLPI is a free asset and IT management software package. Prior to 10.0.21 and 11.0.3, an unauthorized user can access GLPI documents attached to any item ticket, asset, .... If the public FAQ is enabled, this unauthorized access can be performed by an anonymous user. This vulnerability is fixed i...

7.5CVSS5.8AI score0.00277EPSS
Exploits1References6
UbuntuCve
UbuntuCve
•added 2026/01/15 3:15 p.m.•3 views

CVE-2026-0989

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

3.7CVSS5.9AI score0.00419EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/01/15 3:15 p.m.•6 views

CVE-2026-0990

A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a...

5.9CVSS5.9AI score0.00755EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2026/01/15 3:15 p.m.•3 views

CVE-2026-0992

A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to...

2.9CVSS5.9AI score0.00308EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2026/01/15 2:16 p.m.•3 views

CVE-2026-0897

Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...

7.5CVSS6.8AI score0.00299EPSS
Exploits3References2
UbuntuCve
UbuntuCve
•added 2026/01/14 9:15 p.m.•2 views

CVE-2026-0961

BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service...

6.5CVSS5.8AI score0.00174EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2026/01/14 9:15 p.m.•2 views

CVE-2026-0962

SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service...

6.5CVSS6.1AI score0.00206EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2026/01/14 9:15 p.m.•1 views

CVE-2026-0960

HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service...

5.5CVSS5.9AI score0.00122EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2026/01/14 9:15 p.m.•3 views

CVE-2026-0959

IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service...

6.5CVSS5.9AI score0.00178EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/01/14 9:15 p.m.•4 views

CVE-2026-0861

Passing too large an alignment to the memalign suite of functions memalign, posixmemalign, alignedalloc in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...

8.4CVSS6AI score0.00352EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2026/01/14 7:16 p.m.•3 views

CVE-2025-11224

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.10 before 18.3.6, 18.4 before 18.4.4, and 18.5 before 18.5.2 that could have allowed an authenticated user to execute stored cross-site scripting through improper input validation in the Kubernetes proxy functionality...

7.7CVSS6.1AI score0.00313EPSS
Exploits0References1
UbuntuCve
UbuntuCve
•added 2026/01/14 7:16 p.m.•5 views

CVE-2026-22036

Undici is an HTTP/1.1 client for Node.js. Prior to 7.18.0 and 6.23.0, the number of links in the decompression chain is unbounded and the default maxHeaderSize allows a malicious server to insert thousands compression steps leading to high CPU usage and excessive memory allocation. This...

7.5CVSS6.7AI score0.00433EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2026/01/14 6:16 p.m.•4 views

CVE-2026-22853

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEAR’s NDR array reader does not perform bounds checking on the on‑wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndrreaduint8Array. This vulnerabilit...

9.8CVSS6.1AI score0.00662EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/01/14 6:16 p.m.•4 views

CVE-2026-22855

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1...

9.1CVSS6AI score0.00756EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/01/14 6:16 p.m.•1 views

CVE-2026-22858

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...

9.1CVSS5.8AI score0.00599EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/01/14 6:16 p.m.•3 views

CVE-2026-22859

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out‑of‑bounds read. This vulnerability is...

9.1CVSS5.9AI score0.00756EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/01/14 6:16 p.m.•1 views

CVE-2026-22854

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap...

9.8CVSS6AI score0.00453EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/01/14 6:16 p.m.•1 views

CVE-2026-22856

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial-IrpThreads while another reads it. This vulnerability is fixed in 3.20.1...

8.1CVSS5.9AI score0.00286EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/01/14 6:16 p.m.•3 views

CVE-2026-22851

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread leads to a heap use-after-free. Specifically, an escaped pointer to sdl-primary SDLSurface is accessed after it has been...

8.2CVSS5.9AI score0.00247EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/01/14 6:16 p.m.•2 views

CVE-2026-22857

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irpthreadfunc because the IRP is freed by irp-Complete and then accessed again on the error path. This vulnerability is fixed in 3.20.1...

9.8CVSS5.9AI score0.00453EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/01/14 6:16 p.m.•2 views

CVE-2026-22852

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input AUDIN format lists. audinprocessformats reuses callback-formatscount across multiple MSGSNDINFORMATS...

9.8CVSS5.9AI score0.00365EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2026/01/14 5:16 p.m.•3 views

CVE-2025-70968

FreeImage 3.18.0 contains a Use After Free in PluginTARGA.cpp;loadRLE...

9.8CVSS5.8AI score0.00451EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2026/01/14 4:15 p.m.•3 views

CVE-2025-14242

A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence...

6.5CVSS7.2AI score0.00737EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•3 views

CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

5.5CVSS5.9AI score0.00124EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•6 views

CVE-2025-71117

In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...

5.5CVSS5.8AI score0.00083EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•3 views

CVE-2025-71130

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Zero-initialize the eb.vma array in i915gemdoexecbuffer Initialize the eb.vma array with values of 0 when the eb structure is first set up. In particular, this sets the eb-vmai.vma pointers to NULL, simplifying...

5.5CVSS6AI score0.00121EPSS
Exploits0References25
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•3 views

CVE-2025-71144

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure context reset on disconnect After the blamed commit below, if the MPC subflow is already in TCPCLOSE status or has fallback to TCP at mptcpdisconnect time, mptcpdofastclose skips setting the sendfastclose flag and t...

5.5CVSS5.9AI score0.00116EPSS
Exploits0References20
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•1 views

CVE-2025-71119

In the Linux kernel, the following vulnerability has been resolved: powerpc/kexec: Enable SMT before waking offline CPUs If SMT is disabled or a partial SMT state is enabled, when a new kernel image is loaded for kexec, on reboot the following warning is observed: kexec: Waking offline cpu 228...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References25
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•4 views

CVE-2025-71137

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" This patch ensures that the RX ring size rxpending is not set below the permitted length. This avoids UBSAN shift-out-of-bounds errors when users passes small or zero ring size...

7.8CVSS5.7AI score0.00157EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•3 views

CVE-2025-71132

In the Linux kernel, the following vulnerability has been resolved: smc91x: fix broken irq-context in PREEMPTRT When smc91x.c is built with PREEMPTRT, the following splat occurs in FVPRevC: 13.055000 smc91x LNRO0003:00 eth0: link up, 10Mbps, half-duplex, lpa 0x0000 13.062137 BUG: workqueue leaked...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•5 views

CVE-2025-71122

In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Check for overflow in IOMMUTESTOPADDRESERVED syzkaller found it could overflow math in the test infrastructure and cause a WARNON by corrupting the reserved interval tree. This only effects test kernels with...

7.8CVSS5.8AI score0.00182EPSS
Exploits0References24
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•4 views

CVE-2025-71121

In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinitiy on ASP chip The ASP chip is a very old variant of the GSP chip and is used e.g. in HP 730 workstations. When trying to reprogram the affinity it will crash with a HPMC as the relevant registers...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•5 views

CVE-2025-71114

In the Linux kernel, the following vulnerability has been resolved: viawdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocateresource to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a name, whi...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•2 views

CVE-2025-71125

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer which triggers:...

5.5CVSS5.9AI score0.00136EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•4 views

CVE-2025-71136

In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842cplogstatus It's possible for cpread and hdmiread to return -EIO. Those values are further used as indexes for accessing arrays. Fix that by checking return...

7.1CVSS5.7AI score0.00117EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•6 views

CVE-2025-71126

In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at fallback time: WARNING: possible recursive locking detected 6.18.0-rc7-virtme 1 Not tainted --------------------------------------------...

5.5CVSS5.9AI score0.00111EPSS
Exploits0References25
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•3 views

CVE-2025-71111

In the Linux kernel, the following vulnerability has been resolved: hwmon: w83791d Convert macros to functions to avoid TOCTOU The macro FANFROMREG evaluates its arguments multiple times. When used in lockless contexts involving shared driver data, this leads to Time-of-Check to Time-of-Use TOCTO...

4.7CVSS5.9AI score0.00089EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•1 views

CVE-2025-71143

In the Linux kernel, the following vulnerability has been resolved: clk: samsung: exynos-clkout: Assign .num before accessing .hws Commit f316cdff8d67 "clk: Annotate struct clkhwonecelldata with countedby" annotated the hws member of 'struct clkhwonecelldata' with countedby, which informs the...

7.8CVSS5.9AI score0.00122EPSS
Exploits0References24
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•5 views

CVE-2025-71113

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•3 views

CVE-2025-71134

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: change all pageblocks migrate type on coalescing When a page is freed it coalesces with a buddy into a higher order page while possible. When the buddy page migrate type differs, it is expected to be updated to matc...

5.5CVSS5.8AI score0.00115EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•3 views

CVE-2025-71120

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

5.5CVSS5.9AI score0.0016EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•2 views

CVE-2025-71112

In the Linux kernel, the following vulnerability has been resolved: net: hns3: add VLAN id validation before using Currently, the VLAN id may be used without validation when receive a VLAN configuration mailbox from VF. The length of vlandelfailbmap is BITSTOLONGSVLANNVID. It may cause...

7.1CVSS5.7AI score0.00126EPSS
Exploits0References35
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•2 views

CVE-2025-71129

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling conventions. Sign extend its arguments properly to avoid kernel panic. This is done by adding a new...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2026/01/14 3:16 p.m.•1 views

CVE-2025-71123

In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...

7.8CVSS6AI score0.00153EPSS
Exploits0References24
Total number of security vulnerabilities68528