Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/10/31 12:0 a.m.•3 views

CVE-2025-57106

Kitware VTK Visualization Toolkit up to 9.5.0 is vulnerable to Buffer Overflow in vtkGLTFDocumentLoader. The vulnerability occurs in the BufferDataExtractionWorker template function when processing GLTF accessor data...

7.5CVSS5.8AI score0.00392EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2025/10/30 7:16 p.m.•2 views

CVE-2025-57109

Kitware VTK Visualization Toolkit 9.5.0 is vulnerable to Heap Use-After-Free in vtkGLTFImporter::ImportActors. When processing GLTF files with invalid scene node references, the application accesses string members of mesh objects that have been previously freed during actor import operations...

6.5CVSS5.8AI score0.00256EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/10/30 6:15 p.m.•1 views

CVE-2025-64118

node-tar is a Tar for Node.js. In 7.5.1, using .t aka .list with sync: true to read tar entry contents returns uninitialized memory contents if tar file was changed on disk to a smaller size while being read. This vulnerability is fixed in 7.5.2...

6.1CVSS6.8AI score0.00128EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/30 5:15 p.m.•5 views

CVE-2025-12060

The keras.utils.getfile API in Keras, when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python's tarfile.extractall function without the filter="data" feature. A remote attacker can craft a malicious tar archive containing special...

8.9CVSS7.2AI score0.00593EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/30 11:15 a.m.•5 views

CVE-2025-39663

Cross-Site Scripting XSS vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 eol...

8.5CVSS5.8AI score0.0055EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•2 views

CVE-2025-40101

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leaks when rejecting a non SINGLE data profile without an RST At the end of btrfsloadblockgroupzoneinfo the first thing we do is to ensure that if the mapping type is not a SINGLE one and there is no RAID stripe...

5.8AI score0.00181EPSS
Exploits0References20
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•2 views

CVE-2025-40086

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds An array of VM binds can potentially evict other buffer objects BOs within the same VM under certain conditions, which may lead to NULL pointer dereferences late...

5.9AI score0.0017EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•2 views

CVE-2025-40090

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix recursive locking in RPC handle list access Since commit 305853cce3794 "ksmbd: Fix race condition in RPC handle list access", ksmbdsessionrpcmethod attempts to lock sess-rpclock. This causes hung connections / tasks wh...

5.5CVSS5.9AI score0.00138EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•1 views

CVE-2025-40098

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41getacpimutestate Return value of a function acpievaluatedsm is dereferenced without checking for NULL, but it is usually checked for this function. acpievaluatedsm may...

5.7AI score0.0017EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•1 views

CVE-2025-40089

In the Linux kernel, the following vulnerability has been resolved: cxl/features: Add check for no entries in cxlfeatureinfo cxl EDAC calls cxlfeatureinfo to get the feature information and if the hardware has no Features support, cxlfs may be passed in as NULL. 51.957498 BUG: kernel NULL pointer...

5.7AI score0.0017EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•1 views

CVE-2025-40097

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix missing pointer check in hdacomponentmanagerinit function The componentmatchadd function may assign the 'matchptr' pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack leading to...

5.7AI score0.00181EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•2 views

CVE-2025-40096

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix potential double free in drmschedjobaddresvdependencies When adding dependencies with drmschedjobadddependency, that function consumes the fence reference both on success and failure, so in the latter case the...

6.7AI score0.00183EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•1 views

CVE-2025-40104

In the Linux kernel, the following vulnerability has been resolved: ixgbevf: fix mailbox API compatibility by negotiating supported features There was backward compatibility in the terms of mailbox API. Various drivers from various OSes supporting 10G adapters from Intel portfolio could easily...

5.8AI score0.00183EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•2 views

CVE-2025-40100

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not assert we found block group item when creating free space tree Currently, when building a free space tree at populatefreespacetree, if we are not using the block group tree feature, we always expect to find block...

5.7AI score0.00183EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•6 views

CVE-2025-40087

In the Linux kernel, the following vulnerability has been resolved: NFSD: Define a proclayoutcommit for the FlexFiles layout type Avoid a crash if a pNFS client should happen to send a LAYOUTCOMMIT operation on a FlexFiles layout...

5.7AI score0.00193EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•1 views

CVE-2025-40091

In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix too early devlinkfree in ixgberemove Since ixgbeadapter is embedded in devlink, calling devlinkfree prematurely in the ixgberemove path can lead to UAF. Move devlinkfree to the end. KASAN report: BUG: KASAN:...

5.7AI score0.0017EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•1 views

CVE-2025-40088

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplusstrcasecmp The hfsplusstrcasecmp logic can trigger the issue: 117.317703 T9855 ================================================================== 117.318353 T9855 BUG: KASAN:...

5.7AI score0.00193EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•1 views

CVE-2025-40095

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: frndis: Refactor bind path to use free After an bind/unbind cycle, the rndis-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

5.7AI score0.00183EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•2 views

CVE-2025-40092

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Refactor bind path to use free After an bind/unbind cycle, the ncm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

5.7AI score0.00188EPSS
Exploits0References37
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•3 views

CVE-2025-40093

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fecm: Refactor bind path to use free After an bind/unbind cycle, the ecm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

5.7AI score0.00183EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•2 views

CVE-2025-40103

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix refcount leak for cifssbtlink Fix three refcount inconsistency issues related to cifssbtlink. Comments for cifssbtlink state that cifsputtlink needs to be called after successful calls to cifssbtlink. Three calls...

5.7AI score0.00188EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•2 views

CVE-2025-40105

In the Linux kernel, the following vulnerability has been resolved: vfs: Don't leak disconnected dentries on umount When user calls openbyhandleat on some inode that is not cached, we will create disconnected dentry for it. If such dentry is a directory, exportfsdecodefhraw will then try to conne...

5.7AI score0.00193EPSS
Exploits0References39
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•4 views

CVE-2025-40094

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: facm: Refactor bind path to use free After an bind/unbind cycle, the acm-notifyreq is left stale. If a subsequent bind fails, the unified error label attempts to free this stale request, leading to a NULL pointer...

5.7AI score0.00188EPSS
Exploits0References37
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•2 views

CVE-2025-40102

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of...

5.8AI score0.00183EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/10/30 12:0 a.m.•1 views

CVE-2025-40099

In the Linux kernel, the following vulnerability has been resolved: cifs: parsedfsreferrals: prevent oob on malformed input Malicious SMB server can send invalid reply to FSCTLDFSGETREFERRALS - reply smaller than sizeofstruct getdfsreferralrsp - reply with number of referrals smaller than...

5.7AI score0.00183EPSS
Exploits0References22
UbuntuCve
UbuntuCve
•added 2025/10/29 11:16 p.m.•6 views

CVE-2025-58189

When Conn.Handshake fails during ALPN negotiation the error contains attacker controlled information the ALPN protocols sent by the client which is not escaped...

5.3CVSS7.1AI score0.00443EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/29 11:16 p.m.•5 views

CVE-2025-47912

The Parse function permits values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed within square brackets. For example: "http://::1/". IPv4 addresses and hostnames mus...

5.3CVSS7AI score0.00443EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/29 11:16 p.m.•3 views

CVE-2025-58187

Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains...

7.5CVSS7AI score0.00384EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/29 11:16 p.m.•8 views

CVE-2025-58183

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

4.3CVSS7.1AI score0.00419EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/29 11:16 p.m.•4 views

CVE-2025-58188

Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains...

7.5CVSS7AI score0.00361EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/29 11:16 p.m.•4 views

CVE-2025-61725

The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...

7.5CVSS6.8AI score0.00613EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/29 11:16 p.m.•4 views

CVE-2025-61723

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs...

7.5CVSS6.9AI score0.00626EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/29 11:16 p.m.•4 views

CVE-2025-58185

Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion...

5.3CVSS7.1AI score0.00526EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/29 11:16 p.m.•5 views

CVE-2025-58186

Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does not have a limit. By sending a lot of very small cookies such as "a=;", an attacker can make an HTTP server allocate a large amount of structs, causing large memory consumption...

5.3CVSS7.1AI score0.00534EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/29 11:16 p.m.•3 views

CVE-2025-61724

The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a response is large, this can cause excessive CPU consumption...

5.3CVSS7.1AI score0.00526EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/29 8:15 p.m.•1 views

CVE-2025-10923

GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.4AI score0.00371EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/29 8:15 p.m.•3 views

CVE-2025-10920

GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...

7.8CVSS7.4AI score0.00371EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/29 8:15 p.m.•2 views

CVE-2025-10921

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.4AI score0.00452EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/10/29 8:15 p.m.•1 views

CVE-2025-10934

GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.4AI score0.00452EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/29 8:15 p.m.•2 views

CVE-2025-10924

GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS7.6AI score0.00371EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/29 8:15 p.m.•4 views

CVE-2025-10922

GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS7.4AI score0.00644EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/29 8:15 p.m.•2 views

CVE-2025-10925

GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page...

7.8CVSS7.5AI score0.02751EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/29 6:15 p.m.•1 views

CVE-2025-11232

To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "^A-Za-z0-9.-"; "hostname-char-replacement" must be empty the default; and "ddns-qualifying-suffix" must NOT be empty the default is empty. DDNS...

7.5CVSS5.8AI score0.00387EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/10/29 2:15 p.m.•1 views

CVE-2025-40085

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer deference in trytoregistercard In trytoregistercard, the return value of usbifnumtoif is passed directly to usbinterfaceclaimed without a NULL check, which will lead to a NULL pointer dereference...

5.7AI score0.00188EPSS
Exploits0References37
UbuntuCve
UbuntuCve
•added 2025/10/29 2:15 p.m.•1 views

CVE-2025-40084

In the Linux kernel, the following vulnerability has been resolved: ksmbd: transportipc: validate payload size before reading handle handleresponse dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed or truncated message fr...

5.7AI score0.00183EPSS
Exploits0References21
UbuntuCve
UbuntuCve
•added 2025/10/29 2:15 p.m.•1 views

CVE-2023-7324

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix possible addldescptr out-of-bounds accesses Sanitize possible addldescptr out-of-bounds accesses in sesenclosuredataprocess...

5.9AI score0.00193EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/10/29 2:15 p.m.•1 views

CVE-2025-40083

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in aggdequeue To prevent a potential crash in aggdequeue net/sched/schqfq.c when cl-qdisc-ops-peekcl-qdisc returns NULL, we check the return value before using it, similar to the existing approac...

6AI score0.00188EPSS
Exploits0References23
UbuntuCve
UbuntuCve
•added 2025/10/29 9:15 a.m.•2 views

CVE-2025-12058

The Keras.Model.loadmodel method, including when executed with the intended security mitigation safemode=True, is vulnerable to arbitrary local file loading and Server-Side Request Forgery SSRF. This vulnerability stems from the way the StringLookup layer is handled during model loading from a...

5.9CVSS7.4AI score0.00239EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/29 7:15 a.m.•5 views

CVE-2025-11702

GitLab has remediated an issue in EE affecting all versions from 17.1 before 18.3.5, 18.4 before 18.4.3, and 18.5 before 18.5.1 that could have allowed an authenticated attacker with specific permissions to hijack project runners from other projects...

8.8CVSS7.3AI score0.00572EPSS
Exploits0References1
UbuntuCve
UbuntuCve
•added 2025/10/28 9:15 p.m.•2 views

CVE-2025-62727

Starlette is a lightweight ASGI framework/toolkit. Starting in version 0.39.0 and prior to version 0.49.1 , an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This enables CPU exhaustion...

7.5CVSS6.5AI score0.00638EPSS
Exploits0References3
Total number of security vulnerabilities68528