Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/12/29 6:15 p.m.•5 views

CVE-2025-66877

Buffer overflow vulnerability in function dcputchar in decompile.c in libming 0.4.8...

7.5CVSS5.9AI score0.00286EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2025/12/29 5:15 p.m.•6 views

CVE-2025-66865

An issue was discovered in function dprintcompinner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5CVSS5.9AI score0.00323EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2025/12/29 5:15 p.m.•3 views

CVE-2025-66864

An issue was discovered in function dprintcompinner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5CVSS5.9AI score0.00204EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2025/12/29 5:15 p.m.•6 views

CVE-2025-66869

Buffer overflow vulnerability in function strcat in asaninterceptors.cpp in libming 0.4.8...

7.5CVSS5.9AI score0.00286EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2025/12/29 5:15 p.m.•3 views

CVE-2025-66863

An issue was discovered in function ddiscriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5CVSS5.9AI score0.00323EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2025/12/29 5:15 p.m.•3 views

CVE-2025-66862

A buffer overflow vulnerability in function gnuspecial in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5CVSS6AI score0.00318EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2025/12/29 5:15 p.m.•2 views

CVE-2025-66861

An issue was discovered in function dunqualifiedname in file cp-demangle.c in BinUtils 2.26 allowing attackers to cause a denial of service via crafted PE file...

2.5CVSS5.9AI score0.00123EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2025/12/29 5:15 p.m.•2 views

CVE-2025-66866

An issue was discovered in function dabitags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5CVSS5.9AI score0.00279EPSS
Exploits2References2
UbuntuCve
UbuntuCve
•added 2025/12/29 3:16 p.m.•3 views

CVE-2025-60458

UxPlay 1.72 contains a double free vulnerability in its RTSP request handling. A specially crafted RTSP TEARDOWN request can trigger multiple calls to free on the same memory address, potentially causing a Denial of Service...

6.5CVSS5.9AI score0.00273EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2025/12/28 5:16 p.m.•8 views

CVE-2025-68973

In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. For ExtendedLTS, 2.2.51 and later are fixed versions...

7.8CVSS7.1AI score0.00129EPSS
Exploits1References15
UbuntuCve
UbuntuCve
•added 2025/12/27 11:15 p.m.•5 views

CVE-2025-68972

In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds although an "invalid armor" message is printed...

5.9CVSS5.9AI score0.00104EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/12/27 8:15 p.m.•2 views

CVE-2025-14177

In PHP versions:8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1, the getimagesize function may leak uninitialized heap memory into the APPn segments e.g., APP1 when reading images in multi-chunk mode such as via php://filter. This occurs due to a...

7.5CVSS7.2AI score0.00474EPSS
Exploits3References4
UbuntuCve
UbuntuCve
•added 2025/12/27 8:15 p.m.•3 views

CVE-2025-14180

In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

8.2CVSS7.1AI score0.00573EPSS
Exploits2References4
UbuntuCve
UbuntuCve
•added 2025/12/27 8:15 p.m.•2 views

CVE-2025-14178

In PHP versions:8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1, a heap buffer overflow occurs in arraymerge when the total element count of packed arrays exceeds 32-bit limits or HTMAXSIZE, due to an integer overflow in the precomputation of...

8.2CVSS6.8AI score0.00428EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2025/12/26 12:0 a.m.•1 views

CVE-2025-68944

Gitea before 1.22.2 sometimes mishandles the propagation of token scope for access control within one of its own package registries...

5.3CVSS7.1AI score0.00253EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/26 12:0 a.m.•3 views

CVE-2025-68943

Gitea before 1.21.8 inadvertently discloses users' login times by allowing for example the lastlogintime explore/users sort order...

5.3CVSS7.1AI score0.00328EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/26 12:0 a.m.•2 views

CVE-2025-68945

In Gitea before 1.21.2, an anonymous user can visit a private user's project...

5.8CVSS7.1AI score0.00328EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/26 12:0 a.m.•2 views

CVE-2025-68940

In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request...

5.3CVSS7.1AI score0.00251EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/26 12:0 a.m.•3 views

CVE-2025-68939

Gitea before 1.23.0 allows attackers to add attachments with forbidden file extensions by editing an attachment name via an attachment API...

8.2CVSS7.1AI score0.00295EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/26 12:0 a.m.•1 views

CVE-2025-68942

Gitea before 1.22.2 allows XSS because the search input box for creating tags and branches is v-html instead of v-text...

5.4CVSS7.1AI score0.00222EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/26 12:0 a.m.•3 views

CVE-2025-68941

Gitea before 1.22.3 mishandles access to a private resource upon receiving an API token with scope limited to public resources...

5.3CVSS7.1AI score0.00238EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/26 12:0 a.m.•3 views

CVE-2025-68938

Gitea before 1.25.2 mishandles authorization for deletion of releases...

5.3CVSS7.1AI score0.00349EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/26 12:0 a.m.•4 views

CVE-2025-68946

In Gitea before 1.20.1, a forbidden URL scheme such as javascript: can be used for a link, aka XSS...

5.4CVSS7.1AI score0.00222EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/24 10:15 p.m.•3 views

CVE-2025-68920

C-Kermit aka ckermit through 10.0 Beta.12 aka 416-beta12 before 244644d allows a remote Kermit system to overwrite files on the local system, or retrieve arbitrary files from the local system...

8.9CVSS6AI score0.00373EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/24 8:15 p.m.•6 views

CVE-2018-25154

GNU Barcode 0.99 contains a buffer overflow vulnerability in its code 93 encoding process that allows attackers to trigger memory corruption. Attackers can exploit boundary errors during input file processing to potentially execute arbitrary code on the affected system...

9.8CVSS6.4AI score0.00332EPSS
Exploits1References5
UbuntuCve
UbuntuCve
•added 2025/12/24 8:15 p.m.•2 views

CVE-2018-25153

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the reported issue does not constitute a security vulnerability and represents a minor, non-exploitable memory leak...

5.7AI score0.00028EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/24 4:15 p.m.•1 views

CVE-2025-68750

In the Linux kernel, the following vulnerability has been resolved: usb: potential integer overflow in usbgmaketpg The variable tpgt in usbgmaketpg is defined as unsigned long and is assigned to tpgt-tporttpgt, which is defined as u16. This may cause an integer overflow when tpgt is greater than...

5.8AI score0.0018EPSS
Exploits0References26
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•2 views

CVE-2023-54076

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix missed ses refcounting Use new cifssmbsesincrefcount helper to get an active reference of @ses and @ses-dfsrootses if set. This will prevent @ses-dfsrootses of being put in the next call to cifsputsmbses and thus...

5.7AI score0.00155EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•2 views

CVE-2023-54087

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix possible null-ptr-deref in ubifreevolume It willl cause null-ptr-deref in the following case: uifinit ubiaddvolume cdevadd - if it fails, call killvolumes deviceregister killvolumes - if ubiaddvolume fails call this...

5.9AI score0.00184EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•10 views

CVE-2022-50755

In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double brelse in udfrename syzbot reported a warning like below 1: VFS: brelse: Trying to free free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 brelse+0x67/0xa0 ... Call Trace: invalidatebhlru+0x99/0x150...

5.9AI score0.00239EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•3 views

CVE-2023-54102

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Prevent lpfcdebugfslockstatwrite buffer overflow A static code analysis tool flagged the possibility of buffer overflow when using copyfromuser for a debugfs entry. Currently, it is possible that copyfromuser copies...

6.2AI score0.00199EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•3 views

CVE-2023-54157

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc-vma in race with munmap cmllamas: clean forward port from commit 015ac18be7de "binder: fix UAF of alloc-vma in race with munmap" in 5.10 stable. It is needed in mainline after the revert of commit...

5.7AI score0.00168EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•5 views

CVE-2023-54142

In the Linux kernel, the following vulnerability has been resolved: gtp: Fix use-after-free in gtpencapdestroy. syzkaller reported use-after-free in gtpencapdestroy. 0 It shows the same process freed sk and touched it illegally. Commit e198987e7dd7 "gtp: fix suspicious RCU usage" added locksock a...

5.9AI score0.00195EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•1 views

CVE-2022-50779

In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefspreparedebugfshelpstring When insert and remove the orangefs module, then debughelpstring will be leaked: unreferenced object 0xffff8881652ba000 size 4096: comm "insmod", pid 1701, jiffies...

6AI score0.00244EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•3 views

CVE-2023-54107

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: dropping parent refcount after pdfreefn is done Some cgroup policies will access parent pd through child pd even after pdofflinefn is done. If pdfreefn for parent is called before child, then UAF can be triggered. Hen...

5.7AI score0.00156EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•2 views

CVE-2025-68735

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Prevent potential UAF in group creation This commit prevents the possibility of a use after free issue in the GROUPCREATE ioctl function, which arose as pointer to the group is accessed in that ioctl function after...

5.7AI score0.00181EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•5 views

CVE-2022-50772

In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsimbusdevnew If deviceregister failed in nsimbusdevnew, the value of reference in nsimbusdev-dev is 1. obj-name in nsimbusdev-dev will not be released. unreferenced object 0xffff88810352c480 size 16...

5.7AI score0.00195EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•1 views

CVE-2023-54108

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error device address=0x00000002a3ff38d8...

5.7AI score0.0018EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•3 views

CVE-2022-50736

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix immediate work request flush to completion queue Correctly set send queue element opcode during immediate work request flushing in post sendqueue operation, if the QP is in ERROR state. An undefined ocode value...

5.9AI score0.00206EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•2 views

CVE-2023-54057

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Add a length limitation for the ivrsacpihid command-line parameter The 'acpiid' buffer in the parseivrsacpihid function may overflow, because the string specifier in the format string sscanf has no width limitation...

6.2AI score0.00206EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•9 views

CVE-2023-54144

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kernel warning during topology setup This patch fixes the following kernel warning seen during driver load by correctly initializing the p2plink attr before creating the sysfs file: +0.002865 ------------ cut here...

5.7AI score0.00166EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•6 views

CVE-2023-54084

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-digi00x: prevent potential use after free This code was supposed to return an error code if initstream failed, but it instead freed dg00x-rxstream and returned success. This potentially leads to a use after free...

5.9AI score0.0018EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•2 views

CVE-2023-54141

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Add missing hwops-getringselector for IPQ5018 During sending data after clients connected, hwops-getringselector will be called. But for IPQ5018, this member isn't set, and the following NULL pointer exception will ...

5.7AI score0.00173EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•4 views

CVE-2023-54089

In the Linux kernel, the following vulnerability has been resolved: virtiopmem: add the missing REQOPWRITE for flush bio When doing mkfs.xfs on a pmem device, the following warning was ------------ cut here ------------ WARNING: CPU: 2 PID: 384 at block/blk-core.c:751 submitbionoacct Modules link...

5.7AI score0.00173EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•3 views

CVE-2022-50782

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bugon in estreesearch caused by bad quota inode We got a issue as fllows: ================================================================== kernel BUG at fs/ext4/extentsstatus.c:202! invalid opcode: 0000 1 PREEMPT SMP...

6.1AI score0.0019EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•9 views

CVE-2022-50742

In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible refcount leak in afuioctl eventfdctxput need to be called to put the refcount that gotten by eventfdctxfdget when ocxlirqsethandler fails...

5.9AI score0.00211EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•3 views

CVE-2022-50753

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/showbug.cgi?id=216456 BUG: KASAN: use-after-free in recoverdata+0x63ae/0x6ae0 f2fs Read of size 4 at addr...

5.9AI score0.00206EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•4 views

CVE-2023-54043

In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not add the same hwpt to the ioas-hwptlist twice The hwpt is added to the hwptlist only during its creation, it is never added again. This hunk is some missed leftover from rework. Adding it twice will corrupt the...

5.7AI score0.00189EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•4 views

CVE-2022-50780

In the Linux kernel, the following vulnerability has been resolved: net: fix UAF issue in nfqnlnfhookdrop when opsinit failed When the opsinit interface is invoked to initialize the net, but ops-init fails, data is released. However, the ptr pointer in net-gen is invalid. In this case, when...

5.9AI score0.0018EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/24 1:16 p.m.•7 views

CVE-2022-50778

In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...

5.6AI score0.00199EPSS
Exploits0References4
Total number of security vulnerabilities68528