Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/12/05 4:15 p.m.•5 views

CVE-2025-66418

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory...

8.9CVSS6.8AI score0.00622EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/05 1:16 p.m.•4 views

CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

7.5CVSS7.5AI score0.00836EPSS
Exploits1References5
UbuntuCve
UbuntuCve
•added 2025/12/05 5:16 a.m.•1 views

CVE-2025-32898

The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 5...

4.7CVSS5.8AI score0.0013EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/12/05 12:0 a.m.•1 views

CVE-2025-32900

In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5...

4.3CVSS5.8AI score0.00102EPSS
Exploits0References1
UbuntuCve
UbuntuCve
•added 2025/12/05 12:0 a.m.•6 views

CVE-2025-6966

NULL pointer dereference in TagSection.keys in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service process crash via a crafted deb822 file with a malformed non-UTF-8 key...

6.9CVSS5.9AI score0.00122EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2025/12/05 12:0 a.m.•4 views

CVE-2025-32899

In KDE Connect before 1.33.0 on Android, a packet can be crafted that causes two paired devices to unpair. Specifically, it is an invalid discovery packet sent over broadcast UDP...

4.3CVSS5.9AI score0.00158EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/12/05 12:0 a.m.•4 views

CVE-2025-32901

In KDE Connect before 1.33.0 on Android, malicious device IDs sent via broadcast UDP could cause an application crash...

4.3CVSS5.8AI score0.00158EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/12/05 12:0 a.m.•3 views

CVE-2025-59775

Server-Side Request Forgery SSRF vulnerability in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.66, which fixes...

7.5CVSS7AI score0.00771EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/12/05 12:0 a.m.•2 views

CVE-2025-55753

An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds. This issue affects Apache HTTP Server: fro...

7.5CVSS7.1AI score0.00402EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/05 12:0 a.m.•2 views

CVE-2025-65082

Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs. This issue affects Apache HTTP Server from 2.4.0 through...

6.5CVSS6.8AI score0.00758EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/05 12:0 a.m.•5 views

CVE-2025-58098

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS7AI score0.015EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/05 12:0 a.m.•2 views

CVE-2025-66200

moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are...

5.4CVSS6.6AI score0.00569EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/04 11:15 p.m.•3 views

CVE-2025-66564

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits via a call to strings.Split an optionally-provided OID which is untrusted data on periods. Similarly, function api.getContentType splits the Content-Type heade...

7.5CVSS5.9AI score0.00411EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/12/04 10:15 p.m.•2 views

CVE-2025-66506

Fulcio is a free-to-use certificate authority for issuing code signing certificates for an OpenID Connect OIDC identity. Prior to 1.8.3, function identity.extractIssuerURL splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious...

7.5CVSS6.8AI score0.00191EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/12/04 8:16 p.m.•1 views

CVE-2025-63499

Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting XSS via the theme parameter...

6.1CVSS5.9AI score0.00269EPSS
Exploits2References3
UbuntuCve
UbuntuCve
•added 2025/12/04 7:16 p.m.•4 views

CVE-2025-65637

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving...

7.5CVSS7.1AI score0.00585EPSS
Exploits1References10
UbuntuCve
UbuntuCve
•added 2025/12/04 5:15 p.m.•4 views

CVE-2025-66287

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling...

8.8CVSS7.1AI score0.004EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/04 5:15 p.m.•4 views

CVE-2025-66516

Critical XXE in Apache Tika tika-core 1.13-3.2.1, tika-pdf-module 2.0.0-3.2.1 and tika-parsers 1.13-1.28.5 modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. This CVE covers the same vulnerability as in CVE-2025-54988...

9.8CVSS7.2AI score0.79807EPSS
Exploits5References4
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•2 views

CVE-2025-40235

In the Linux kernel, the following vulnerability has been resolved: btrfs: directly free partially initialized fsinfo in btrfscheckleakedroots If fsinfo-supercopy or fsinfo-superforcommit allocated failed in btrfsgettreesubvol, then no need to call btrfsfreefsinfo. Otherwise btrfscheckleakedroots...

5.7AI score0.00172EPSS
Exploits0References20
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•1 views

CVE-2025-40230

In the Linux kernel, the following vulnerability has been resolved: mm: prevent poison consumption when splitting THP When performing memory error injection on a THP Transparent Huge Page mapped to userspace on an x86 server, the kernel panics with the following trace. The expected behavior is to...

5.8AI score0.00186EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•2 views

CVE-2025-40233

In the Linux kernel, the following vulnerability has been resolved: ocfs2: clear extent cache after moving/defragmenting extents The extent map cache can become stale when extents are moved or defragmented, causing subsequent operations to see outdated extent flags. This triggers a BUGON in...

5.7AI score0.00184EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•2 views

CVE-2025-40238

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix IPsec cleanup over MPV device When we do mlx5edetachnetdev we eventually disable blocking events notifier, among those events are IPsec MPV events from IB to core. So before disabling those blocking events, make sur...

5.7AI score0.00172EPSS
Exploits0References20
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•3 views

CVE-2025-40237

In the Linux kernel, the following vulnerability has been resolved: fs/notify: call exportfsencodefid with sumount Calling intotifyshowfdinfo on fd watching an overlayfs inode, while the overlayfs is being unmounted, can lead to dereferencing NULL ptr. This issue was found by syzkaller. Race...

5.7AI score0.00174EPSS
Exploits0References21
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•2 views

CVE-2025-40241

In the Linux kernel, the following vulnerability has been resolved: erofs: fix crafted invalid cases for encoded extents Robert recently reported two corrupted images that can cause system crashes, which are related to the new encoded extents introduced in Linux 6.15: - The first one 1 has plen !...

5.7AI score0.00161EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•1 views

CVE-2025-40236

In the Linux kernel, the following vulnerability has been resolved: virtio-net: zero unused hash fields When GSO tunnel is negotiated virtionethdrtnlfromskb tries to initialize the tunnel metadata but forget to zero unused rxhash fields. This may leak information to another side. Fixing this by...

5.7AI score0.00162EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•2 views

CVE-2025-40234

In the Linux kernel, the following vulnerability has been resolved: platform/x86: alienware-wmi-wmax: Fix NULL pointer dereference in sleep handlers Devices without the AWCC interface don't initialize awcc. Add a check before dereferencing it in sleep handlers...

5.7AI score0.00162EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•1 views

CVE-2025-40242

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix unlikely race in gdlmputlock In gdlmputlock, there is a small window of time in which the DFLUNMOUNT flag has been set but the lockspace hasn't been released, yet. In that window, dlm may still call gdlmast and gdlmbast...

5.7AI score0.00174EPSS
Exploits0References20
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•2 views

CVE-2025-40248

In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect if already established During connect, acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect invoking vsocktransportcancelpkt -...

5.8AI score0.00203EPSS
Exploits0References33
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•2 views

CVE-2025-40243

In the Linux kernel, the following vulnerability has been resolved: hfs: fix KMSAN uninit-value issue in hfsfindsetzerobits The syzbot reported issue in hfsfindsetzerobits: ===================================================== BUG: KMSAN: uninit-value in hfsfindsetzerobits+0x74d/0xb60...

5.8AI score0.00184EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•1 views

CVE-2025-40259

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Do not sleep in atomic context sgfinishremreq calls blkrqunmapuser. The latter function may sleep. Hence, call sgfinishremreq with interrupts enabled instead of disabled...

5.9AI score0.00175EPSS
Exploits0References33
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•3 views

CVE-2025-40253

In the Linux kernel, the following vulnerability has been resolved: s390/ctcm: Fix double-kfree The function 'mpcrcvdsweepreqmpcginfo' is called conditionally from function 'ctcmpcunpackskb'. It frees passed mpcginfo. After that a call to function 'kfree' in function 'ctcmpcunpackskb' frees it...

5.7AI score0.00184EPSS
Exploits0References33
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•3 views

CVE-2025-40252

In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend The loops in 'qedetpacont' and 'qedetpaend', iterate over 'cqe-lenlist' using only a zero-length terminator as the stopping condition. If the...

5.9AI score0.00179EPSS
Exploits0References32
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•3 views

CVE-2025-40260

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix scxenable crash on helper kthread creation failure A crash was observed when the schedext selftests runner was terminated with Ctrl+\ while test 15 was running: NIP c00000000028fa58 scxenable.constprop.0+0x358/0x12b...

5.8AI score0.0015EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•1 views

CVE-2025-40255

In the Linux kernel, the following vulnerability has been resolved: net: core: prevent NULL deref in generichwtstampioctllower The ethtool tsconfig Netlink path can trigger a null pointer dereference. A call chain such as: tsconfigpreparedata - devgethwtstampphylib - vlanhwtstampget -...

5.7AI score0.00162EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•3 views

CVE-2025-40249

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput on a file descriptor, the release action may be deferred and scheduled on a work queue. The reference count of that descriptor i...

5.7AI score0.00162EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•1 views

CVE-2025-40251

In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to "Unset parent for all rate objects". However, it was only calling the driver-specific rateleafparentset or...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•2 views

CVE-2025-40261

In the Linux kernel, the following vulnerability has been resolved: nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrl nvmefcdeleteassocation waits for pending I/O to complete before returning, and an error can cause -ioerrwork to be queued after cancelworksync had been called. Mov...

5.9AI score0.00171EPSS
Exploits0References32
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•1 views

CVE-2025-40266

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large enough value U32MAX - sizeofstruct ffacompositememregion + 1, U32MAX is...

6AI score0.00162EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•2 views

CVE-2025-40265

In the Linux kernel, the following vulnerability has been resolved: vfat: fix missing sbminblocksize return value checks When emulating an nvme device on qemu with both logicalblocksize and physicalblocksize set to 8 KiB, but without format, a kernel panic was triggered during the early boot stag...

5.7AI score0.00167EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•2 views

CVE-2025-40257

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix a race in mptcppmdeladdtimer mptcppmdeladdtimer can call skstoptimersyncsk, &entry-addtimer while another might have free entry already, as reported by syzbot. Add RCU protection to fix this issue. Also change confusin...

5.9AI score0.00171EPSS
Exploits0References32
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•9 views

CVE-2025-40256

In the Linux kernel, the following vulnerability has been resolved: xfrm: also call xfrmstatedeletetunnel at destroy time for states that were never added In commit b441cf3f8c4b "xfrm: delete x-tunnel as we delete x", I missed the case where state creation fails between full initialization...

5.9AI score0.00179EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•1 views

CVE-2025-40231

In the Linux kernel, the following vulnerability has been resolved: vsock: fix lock inversion in vsockassigntransport Syzbot reported a potential lock inversion deadlock between vsockregistermutex and sklock-AFVSOCK when vsocklinger is called. The issue was introduced by commit 687aa0c5581b "vsoc...

5.7AI score0.00179EPSS
Exploits0References38
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•2 views

CVE-2025-40222

In the Linux kernel, the following vulnerability has been resolved: tty: serial: sh-sci: fix RSCI FIFO overrun handling The receive error handling code is shared between RSCI and all other SCIF port types, but the RSCI overrunreg is specified as a memory offset, while for other SCIF types it is a...

5.8AI score0.00162EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•1 views

CVE-2025-40246

In the Linux kernel, the following vulnerability has been resolved: xfs: fix out of bounds memory read error in symlink repair xfs/286 produced this report on my test fleet: ================================================================== BUG: KFENCE: out-of-bounds read in memcpyorig+0x54/0x110...

6AI score0.00172EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•1 views

CVE-2025-40245

In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...

5.8AI score0.00179EPSS
Exploits0References37
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•3 views

CVE-2025-40226

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Account for failed debug initialization When the SCMI debug subsystem fails to initialize, the related debug root will be missing, and the underlying descriptor will be NULL. Handle this fault condition in the...

5.7AI score0.00174EPSS
Exploits0References21
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•1 views

CVE-2025-40225

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix kernel panic on partial unmap of a GPU VA region This commit address a kernel panic issue that can happen if Userspace tries to partially unmap a GPU virtual region aka drmgpuva. The VMBIND interface allows parti...

5.7AI score0.00172EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•3 views

CVE-2025-40232

In the Linux kernel, the following vulnerability has been resolved: rv: Fully convert enabledmonitors to use listhead as iterator The callbacks in enabledmonitorsseqops are inconsistent. Some treat the iterator as struct rvmonitor , while others treat the iterator as struct listhead . This causes...

5.7AI score0.00162EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•1 views

CVE-2025-40250

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clean up only new IRQ glue on requestirq failure The mlx5irqalloc function can inadvertently free the entire rmap and end up in a crash1 when the other threads tries to access this, when requestirq fails due to exhauste...

5.9AI score0.00178EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/12/04 4:16 p.m.•2 views

CVE-2025-40263

In the Linux kernel, the following vulnerability has been resolved: Input: croseckeyb - fix an invalid memory access If croseckeybregistermatrix isn't called due to buttonsswitchesonly in croseckeybprobe, ckdev-idev remains NULL. An invalid memory access is observed in croseckeybprocess when...

5.9AI score0.00167EPSS
Exploits0References33
Total number of security vulnerabilities68528