Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/10/20 4:15 p.m.•1 views

CVE-2025-40011

In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix null dereference in hdmi teardown pcisetdrvdata sets the value of pdev-driverdata to NULL, after which the driverdata obtained from the same dev is dereferenced in oaktrailhdmii2cexit, and the i2cdev is extracted...

6.7AI score0.00236EPSS
Exploits0References34
UbuntuCve
UbuntuCve
•added 2025/10/20 4:15 p.m.•1 views

CVE-2025-40017

In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix memory leak by freeing untracked persist buffer One internal buffer which is allocated only once per session was not being freed during session close because it was not being tracked as part of internal buffer li...

5.8AI score0.00214EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/20 4:15 p.m.•1 views

CVE-2025-40006

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix folio is still mapped when deleted Migration may be raced with fallocating hole. removeinodesinglefolio will unmap the folio if the folio is still mapped. However, it's called without folio lock. If the folio is...

6.6AI score0.00236EPSS
Exploits0References34
UbuntuCve
UbuntuCve
•added 2025/10/20 4:15 p.m.•3 views

CVE-2025-40015

In the Linux kernel, the following vulnerability has been resolved: media: stm32-csi: Fix dereference before NULL check In 'stm32csistart', 'csidev-ssubdev' is dereferenced directly while assigning a value to the 'srcpad'. However the same value is being checked against NULL at a later point of...

5.7AI score0.00214EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/20 4:15 p.m.•2 views

CVE-2025-40010

In the Linux kernel, the following vulnerability has been resolved: afs: Fix potential null pointer dereference in afsputserver afsputserver accessed server-debugid before the NULL check, which could lead to a null pointer dereference. Move the debugid assignment, ensuring we never dereference a...

6.7AI score0.00222EPSS
Exploits0References17
UbuntuCve
UbuntuCve
•added 2025/10/20 4:15 p.m.•2 views

CVE-2025-40012

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix warning in smcrxsplice when calling getpage smcloregisterdmb allocates DMB buffers with kzalloc, which are later passed to getpage in smcrxsplice. Since kmalloc memory is not page-backed, this triggers WARNONONCE in...

5.7AI score0.0022EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/20 2:15 p.m.•1 views

CVE-2025-11680

Out-of-bounds Write in unfilterscanline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to write past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...

5.9CVSS6AI score0.00356EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/20 2:15 p.m.•2 views

CVE-2025-11677

Use After Free in WebSocket server implementation in lwshandshakeserver in warmcat libwebsockets may allow an attacker, in specific configurations where the user provides a callback function that handles LWSCALLBACKHTTPCONFIRMUPGRADE, to achieve denial of service...

6.3CVSS5.9AI score0.00369EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/20 2:15 p.m.•2 views

CVE-2025-11679

Out-of-bounds Read in lwsupngemitnextline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to read past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...

5.9CVSS6AI score0.00356EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/20 2:15 p.m.•2 views

CVE-2025-11678

Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...

7.5CVSS5.9AI score0.0027EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/20 6:15 a.m.•1 views

CVE-2025-40004

In the Linux kernel, the following vulnerability has been resolved: net/9p: Fix buffer overflow in USB transport layer A buffer overflow vulnerability exists in the USB 9pfs transport layer where inconsistent size validation between packet header parsing and actual data copying allows a malicious...

5.9AI score0.00246EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/10/19 1:15 a.m.•5 views

CVE-2025-62672

rplay through 3.3.2 allows attackers to cause a denial of service SIGSEGV and daemon crash or possibly have unspecified other impact. This occurs in memcpy in the RPLAYDATA case in rplayunpack in librplay/rplay.c, potentially reachable via packet data with no authentication...

5.3CVSS5.9AI score0.00533EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/18 8:15 a.m.•1 views

CVE-2025-40002

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix use-after-free in tbdpdprxwork The original code relies on canceldelayedwork in tbdpdprxstop, which does not ensure that the delayed work item tunnel-dprxwork has fully completed if it was already running. This...

5.7AI score0.00232EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/10/18 8:15 a.m.•6 views

CVE-2025-40003

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work The origin code calls canceldelayedwork in ocelotstatsdeinit to cancel the cyclic delayed work item ocelot-statswork. However, canceldelayedwork may fail to canc...

5.7AI score0.00222EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/10/18 8:15 a.m.•1 views

CVE-2025-40001

In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvsworkqueue During the detaching of Marvell's SAS/SATA controller, the original code calls canceldelayedwork in mvsfree to cancel the delayed work item mwq-workq. However, if mwq-workq is...

5.7AI score0.00236EPSS
Exploits0References37
UbuntuCve
UbuntuCve
•added 2025/10/17 7:15 p.m.•2 views

CVE-2024-31573

XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XSLT extension functions are enabled...

4CVSS7.3AI score0.00216EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/17 5:15 p.m.•2 views

CVE-2025-62171

ImageMagick is an open source software suite for displaying, converting, and editing raster image files. In ImageMagick versions prior to 7.1.2-7 and 6.9.13-32, an integer overflow vulnerability exists in the BMP decoder on 32-bit systems. The vulnerability occurs in coders/bmp.c when calculating...

7.5CVSS6.2AI score0.00738EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2025/10/17 4:15 p.m.•3 views

CVE-2025-57567

A remote code execution RCE vulnerability exists in the PluXml CMS theme editor, specifically in the minify.php file located under the default theme directory /themes/defaut/css/minify.php. An authenticated administrator user can overwrite this file with arbitrary PHP code via the admin panel,...

9.1CVSS6.5AI score0.00895EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/17 4:15 p.m.•3 views

CVE-2025-49655

Deserialization of untrusted data can occur in versions of the Keras framework running versions 3.11.0 up to but not including 3.11.3, enabling a maliciously uploaded Keras file containing a TorchModuleWrapper class to run arbitrary code on an end user’s system when loaded despite safe mode being...

9.8CVSS7.3AI score0.0071EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/17 4:15 p.m.•2 views

CVE-2025-26625

Git LFS is a Git extension for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository's working tree with the contents of Git LFS objects, certain Git LFS commands may write to files visible outside the current Git working tree if symbolic or hard links...

8.6CVSS6.4AI score0.00707EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/10/17 3:15 p.m.•1 views

CVE-2025-60361

radare2 v5.9.8 and before contains a memory leak in the function bochsopen...

3.3CVSS5.9AI score0.00149EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/17 2:15 p.m.•1 views

CVE-2025-60359

radare2 v5.9.8 and before contains a memory leak in the function rbinobjectnew...

5.5CVSS5.9AI score0.00151EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/17 2:15 p.m.•2 views

CVE-2025-60360

radare2 v5.9.8 and before contains a memory leak in the function r2rsubprocessinit...

5.5CVSS5.9AI score0.00151EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/16 10:15 p.m.•4 views

CVE-2025-11896

In Xpdf 4.05 and earlier, a PDF object loop in a CMap, via the "UseCMap" entry, leads to infinite recursion and a stack overflow...

2.1CVSS5.9AI score0.00156EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/10/16 8:15 p.m.•1 views

CVE-2025-60358

radare2 v.5.9.8 and before contains a memory leak in the function loadrelocations...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/16 6:15 p.m.•1 views

CVE-2025-61909

Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...

4.4CVSS5.9AI score0.00196EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/10/16 6:15 p.m.•1 views

CVE-2025-61908

Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentation fault. This can be used by any API user with access to an API endpoint that allows specifying a...

7.1CVSS5.9AI score0.00487EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/10/16 6:15 p.m.•1 views

CVE-2025-61907

Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would otherwise be inaccessible for the user. This allows authenticated API users to learn information tha...

7.1CVSS5.9AI score0.00365EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/16 5:15 p.m.•1 views

CVE-2025-61789

Icinga DB Web provides a graphical interface for Icinga monitoring. Before 1.1.4 and 1.2.3, an authorized user with access to Icinga DB Web, can use a custom variable in a filter that is either protected by icingadb/protect/variables or hidden by icingadb/denylist/variables, to guess values...

6.5CVSS5.9AI score0.00331EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/16 4:15 p.m.•1 views

CVE-2025-62491

A Use-After-Free UAF vulnerability exists in the QuickJS engine's standard library when iterating over the global list of unhandled rejected promises ts-rejectedpromiselist. The function jsstdpromiserejectioncheck attempts to iterate over the rejectedpromiselist to report unhandled rejections usi...

8.8CVSS6AI score0.00371EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2025/10/16 4:15 p.m.•2 views

CVE-2025-62496

A vulnerability exists in the QuickJS engine's BigInt string parsing logic jsbigintfromstring when attempting to create a BigInt from a string with an excessively large number of digits. The function calculates the necessary number of bits nbits required to store the BigInt using the formula:...

8.8CVSS6AI score0.00437EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2025/10/16 4:15 p.m.•1 views

CVE-2025-62493

A vulnerability exists in the QuickJS engine's BigInt string conversion logic jsbiginttostring1 due to an incorrect calculation of the required number of digits, which in turn leads to reading memory past the allocated BigInt structure. The function determines the number of characters ndigits...

6.5CVSS5.8AI score0.00348EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2025/10/16 4:15 p.m.•2 views

CVE-2025-62492

A vulnerability stemming from floating-point arithmetic precision errors exists in the QuickJS engine's implementation of TypedArray.prototype.indexOf when a negative fromIndex argument is supplied. The fromIndex argument read as a double variable, $d$ is used to calculate the starting position f...

6.5CVSS6.1AI score0.00356EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2025/10/16 4:15 p.m.•1 views

CVE-2025-62495

An integer overflow vulnerability exists in the QuickJS regular expression engine libregexp due to an inconsistent representation of the bytecode buffer size. The regular expression bytecode is stored in a DynBuf structure, which correctly uses a $\textsize\textt$ an unsigned type, typically...

8.8CVSS6.1AI score0.00417EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2025/10/16 4:15 p.m.•1 views

CVE-2025-62494

A type confusion vulnerability exists in the handling of the string addition + operation within the QuickJS engine. The code first checks if the left-hand operand is a string. It then attempts to convert the right-hand operand to a primitive value using JSToPrimitiveFree. This conversion can...

8.8CVSS6.4AI score0.00469EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2025/10/16 4:15 p.m.•4 views

CVE-2025-11840

A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing a manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks...

5.5CVSS5.6AI score0.00251EPSS
Exploits1References9
UbuntuCve
UbuntuCve
•added 2025/10/16 4:15 p.m.•3 views

CVE-2025-62490

In quickjs, in jsprintobject, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not side-effect free. An attacker-defined callback could run during jsprintvalue, during which the array could get resized and len1 become ou...

8.8CVSS5.9AI score0.00371EPSS
Exploits1References3
UbuntuCve
UbuntuCve
•added 2025/10/16 3:15 p.m.•1 views

CVE-2025-41254

STOMP over WebSocket applications may be vulnerable to a security bypass that allows an attacker to send unauthorized messages. Affected Spring Products and VersionsSpring Framework: 6.2.0 - 6.2.11 6.1.0 - 6.1.23 6.0.x - 6.0.29 5.3.0 - 5.3.45 Older, unsupported versions are also affected...

4.3CVSS7AI score0.00286EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/10/16 2:15 p.m.•3 views

CVE-2025-11839

A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tgtagtype of the file prdbg.c. Performing a manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks...

5.5CVSS5.5AI score0.00251EPSS
Exploits1References8
UbuntuCve
UbuntuCve
•added 2025/10/16 10:15 a.m.•1 views

CVE-2025-6338

There is an incomplete cleanup vulnerability in Qt Network's Schannel support on Windows which can lead to a Denial of Service over a long period.This issue affects Qt from 5.15.0 through 6.8.3, from 6.9.0 before 6.9.2...

9.2CVSS5.9AI score0.00403EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/10/16 12:0 a.m.•2 views

CVE-2025-11683

YAML::Syck versions before 1.36 for Perl has missing null-terminators which causes out-of-bounds read and potential information disclosure Missing null terminators in token.c leads to but-of-bounds read which allows adjacent variable to be read The issue is seen with complex YAML files with a has...

6.5CVSS5.8AI score0.00243EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/15 8:15 p.m.•3 views

CVE-2025-11568

A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the...

4.4CVSS5.7AI score0.00093EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/15 4:15 p.m.•2 views

CVE-2025-59419

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return \r and Line Feed \n characters in user-suppli...

6.9CVSS7.1AI score0.01617EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/15 8:15 a.m.•1 views

CVE-2025-39981

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix possible UAFs This attemps to fix possible UAFs caused by struct mgmtpending being freed while still being processed like in the following trace, in order to fix mgmtpendingvalid is introduce and use to check...

5.7AI score0.00183EPSS
Exploits0References14
UbuntuCve
UbuntuCve
•added 2025/10/15 8:15 a.m.•1 views

CVE-2025-39983

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciconntxdequeue This fixes the following UAF caused by not properly locking hdev when processing HCIEVNUMCOMPPKTS: BUG: KASAN: slab-use-after-free in hciconntxdequeue+0x1be/0x220...

5.7AI score0.0017EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/15 8:15 a.m.•1 views

CVE-2025-39988

In the Linux kernel, the following vulnerability has been resolved: can: etases58x: populate ndochangemtu to prevent buffer overflow Sending an PFPACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the...

7AI score0.00215EPSS
Exploits0References32
UbuntuCve
UbuntuCve
•added 2025/10/15 8:15 a.m.•1 views

CVE-2025-39976

In the Linux kernel, the following vulnerability has been resolved: futex: Use correct exit on failure from futexhashallocatedefault copyprocess uses the wrong error exit path from futexhashallocatedefault. After exiting from futexhashallocatedefault, neither tasklistlock nor siglock has been...

5.8AI score0.00168EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/15 8:15 a.m.•1 views

CVE-2025-39993

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in createpipe include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0...

5.8AI score0.00213EPSS
Exploits0References40
UbuntuCve
UbuntuCve
•added 2025/10/15 8:15 a.m.•2 views

CVE-2025-39999

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix blkmqtags double free while nrrequests grown In the case user trigger tags grow by queue sysfs attribute nrrequests, hctx-schedtags will be freed directly and replaced with a new allocated tags, see blkmqtagupdatedept...

5.7AI score0.00179EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/15 8:15 a.m.•1 views

CVE-2025-39967

In the Linux kernel, the following vulnerability has been resolved: fbcon: fix integer overflow in fbcondosetfont Fix integer overflow vulnerabilities in fbcondosetfont where font size calculations could overflow when handling user-controlled font parameters. The vulnerabilities occur when: 1...

7.8CVSS6.7AI score0.00156EPSS
Exploits0References34
Total number of security vulnerabilities68528