Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/10/07 4:15 p.m.•1 views

CVE-2022-50538

In the Linux kernel, the following vulnerability has been resolved: vme: Fix error not catched in fakeinit In fakeinit, rootdeviceregister is possible to fail but it's ignored, which can cause unregistering vmeroot fail when exit. general protection fault, probably for non-canonical address...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/10/07 4:15 p.m.•4 views

CVE-2022-50548

In the Linux kernel, the following vulnerability has been resolved: media: i2c: hi846: Fix memory leak in hi846parsedt If any of the checks related to the supported link frequencies fail, then the V4L2 fwnode resources don't get released before returning, which leads to a memleak. Fix this by...

5.5CVSS5.9AI score0.00184EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/07 4:15 p.m.•1 views

CVE-2023-53636

In the Linux kernel, the following vulnerability has been resolved: clk: microchip: fix potential UAF in auxdev release callback Similar to commit 1c11289b34ab "peci: cpu: Fix use-after-free in adevrelease", the auxiliary device is not torn down in the correct order. If auxiliarydeviceadd fails,...

7.8CVSS6.6AI score0.00188EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/10/07 4:15 p.m.•4 views

CVE-2023-53662

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leaks in ext4fnamesetupfilename,preparelookup If the filename casefolding fails, we'll be leaking memory from the fscryptname struct, namely from the 'cryptobuf.name' member. Make sure we free it in the error pat...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References18
UbuntuCve
UbuntuCve
•added 2025/10/07 4:15 p.m.•2 views

CVE-2023-53683

In the Linux kernel, the following vulnerability has been resolved: fs: hfsplus: remove WARNON from hfspluscatread,writeinode syzbot is hitting WARNON in hfspluscatread,writeinode, for crafted filesystem image can contain bogus length. There conditions are not kernel bugs that can justify kernel ...

5.5CVSS5.9AI score0.00135EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/10/07 4:15 p.m.•2 views

CVE-2023-53667

In the Linux kernel, the following vulnerability has been resolved: net: cdcncm: Deal with too low values of dwNtbOutMaxSize Currently in cdcncmchecktxmax, if dwNtbOutMaxSize is lower than the calculated "min" value, but greater than zero, the logic sets txmax to dwNtbOutMaxSize. This is then use...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/10/07 4:15 p.m.•4 views

CVE-2023-53651

In the Linux kernel, the following vulnerability has been resolved: Input: exc3000 - properly stop timer on shutdown We need to stop the timer on driver unbind or probe failures, otherwise we get UAF/Oops...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/07 3:16 p.m.•3 views

CVE-2025-61770

Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, Rack::Multipart::Parser buffers the entire multipart preamble bytes before the first boundary in memory without any size limit. A client can send a large preamble followed by a valid boundary, causing...

7.5CVSS6.8AI score0.00868EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/07 3:16 p.m.•2 views

CVE-2025-61771

Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, Rack::Multipart::Parser stores non-file form fields parts without a filename entirely in memory as Ruby String objects. A single large text field in a multipart/form-data request hundreds of megabytes or...

7.5CVSS6.8AI score0.00528EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/10/07 3:16 p.m.•4 views

CVE-2025-61772

Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, Rack::Multipart::Parser can accumulate unbounded data when a multipart part’s header block never terminates with the required blank line CRLFCRLF. The parser keeps appending incoming bytes to memory witho...

7.5CVSS6.8AI score0.00868EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/06 11:15 p.m.•2 views

CVE-2025-61774

PyVista provides 3D plotting and mesh analysis through an interface for the Visualization Toolkit VTK. Version 0.46.3 of the PyVista Project is vulnerable to remote code execution via dependency confusion. Two pieces of code use--extra-index-url. But when --extra-index-url is used, pip always...

9.3CVSS6.4AI score0.00606EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/06 7:15 p.m.•16 views

CVE-2025-61985

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used...

3.6CVSS6.8AI score0.00113EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/10/06 7:15 p.m.•11 views

CVE-2025-61984

ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. A configuration...

3.6CVSS6.6AI score0.00211EPSS
Exploits2References6
UbuntuCve
UbuntuCve
•added 2025/10/06 12:0 a.m.•1 views

CVE-2025-61224

Cross Site Scripting vulnerability in DokuWiki 2025-05-14a 'Librarian'56.1 allows a remote attacker to execute arbitrary code via the q parameter...

6.5CVSS6.2AI score0.01272EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/06 12:0 a.m.•3 views

CVE-2025-59729

When parsing the header for a DHAV file, there's an integer underflow in offset calculation that leads to reading the duration from before the start of the allocated buffer. If we load a DHAV file that is larger than MAXDURATIONBUFFERSIZE bytes 0x100000 for example 0x101000 bytes, then at 0 we ha...

5.7CVSS5.9AI score0.00149EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/10/06 12:0 a.m.•3 views

CVE-2025-59734

It is possible to cause an use-after-free write in SANM decoding with a carefully crafted animation using subversion storedframe. Stored frames can later be referenced by FTCH chunks. For files using subversion storedframe. Leaving ctx-hasdimensions set to false. A subsequent chunk with type...

8.7CVSS6AI score0.00167EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/10/06 12:0 a.m.•2 views

CVE-2025-59728

When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below 0, it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is...

8.7CVSS6AI score0.00172EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/06 12:0 a.m.•3 views

CVE-2025-59730

When decoding a frame for a SANM file ANIM v0 variant, the decoded data can be larger than the buffer allocated for it. Frames encoded with codec 48 can specify their resolution width x height. A buffer of appropriate size is allocated depending on the resolution. This codec can encode the frame...

5.7CVSS6AI score0.00149EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/10/06 12:0 a.m.•2 views

CVE-2025-61765

python-socketio is a Python implementation of the Socket.IO realtime client and server. A remote code execution vulnerability in python-socketio versions prior to 5.14.0 allows attackers to execute arbitrary Python code through malicious pickle deserialization in multi-server deployments on which...

6.4CVSS6.9AI score0.00446EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/06 12:0 a.m.•4 views

CVE-2025-61766

Bucket is a MediaWiki extension to store and retrieve structured data on articles. Prior to version 1.0.0, infinite recursion can occur if a user queries a bucket using the != comparator. This will result in PHP's call stack limit exceeding, and/or increased memory consumption, potentially leadin...

6.5CVSS5.9AI score0.00351EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/06 12:0 a.m.•1 views

CVE-2025-59152

Litestar is an Asynchronous Server Gateway Interface ASGI framework. In version 2.17.0, rate limits can be completely bypassed by manipulating the X-Forwarded-For header. This renders IP-based rate limiting ineffective against determined attackers. Litestar's RateLimitMiddleware uses...

7.5CVSS6AI score0.00452EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/06 12:0 a.m.•2 views

CVE-2025-59733

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

8.7CVSS6.7AI score0.00171EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/06 12:0 a.m.•3 views

CVE-2025-59732

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy loops at 0 and 1 will continue to write until the next multiple of 8. The buffer...

8.7CVSS6.6AI score0.00155EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/06 12:0 a.m.•2 views

CVE-2025-59731

When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, we decompress and decode into the buffer td-rlerawdata of size rlerawsize a...

6.9CVSS6.6AI score0.0016EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/10/05 2:15 a.m.•2 views

CVE-2025-11277

A weakness has been identified in Open Asset Import Library Assimp 6.0.2. This affects the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. Executing a manipulation can lead to heap-based buffer overflow. The attack needs to be launched locally. The exploit...

7.8CVSS6.3AI score0.00224EPSS
Exploits1References5
UbuntuCve
UbuntuCve
•added 2025/10/05 1:15 a.m.•1 views

CVE-2025-11275

A vulnerability was identified in Open Asset Import Library Assimp 6.0.2. Affected by this vulnerability is the function ODDLParser::getNextSeparator in the library assimp/contrib/openddlparser/include/openddlparser/OpenDDLParserUtils.h. Such manipulation leads to heap-based buffer overflow. The...

7.8CVSS6.1AI score0.00225EPSS
Exploits1References5
UbuntuCve
UbuntuCve
•added 2025/10/05 1:15 a.m.•1 views

CVE-2025-11274

A vulnerability was determined in Open Asset Import Library Assimp 6.0.2. Affected is the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. This manipulation causes allocation of resources. The attack is restricted to local execution. The exploit has been...

5.5CVSS5.7AI score0.00188EPSS
Exploits1References5
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•3 views

CVE-2022-50490

In the Linux kernel, the following vulnerability has been resolved: bpf: Propagate error from htablockbucket to userspace In htabmaplookupanddeletebatch if htablockbucket returns -EBUSY, it will go to next bucket. Going to next bucket may not only skip the elements in current bucket silently, but...

7.1CVSS6.5AI score0.00149EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•2 views

CVE-2022-50478

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix shift-out-of-bounds/overflow in nilfssb2badoffset Patch series "nilfs2: fix UBSAN shift-out-of-bounds warnings on mount time". The first patch fixes a bug reported by syzbot, and the second one fixes the remaining bug...

7.1CVSS6.2AI score0.00155EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•2 views

CVE-2022-50484

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks When the driver hits -ENOMEM at allocating a URB or a buffer, it aborts and goes to the error path that releases the all previously allocated resources. However, when -ENOMEM hits at th...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•2 views

CVE-2023-53590

In the Linux kernel, the following vulnerability has been resolved: sctp: add a refcnt in sctpstreampriorities to avoid a nested loop With this refcnt added in sctpstreampriorities, we don't need to traverse all streams to check if the prio is used by other streams when freeing one stream's prio ...

5.5CVSS6AI score0.00111EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•1 views

CVE-2022-50474

In the Linux kernel, the following vulnerability has been resolved: macintosh: fix possible memory leak in macioaddonedevice Afer commit 1fa5ae857bb1 "driver core: get rid of struct device's busid string array", the name of device is allocated dynamically. It needs to be freed when ofdeviceregist...

5.5CVSS5.8AI score0.00152EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•2 views

CVE-2022-50494

In the Linux kernel, the following vulnerability has been resolved: thermal: intelpowerclamp: Use getcpu instead of smpprocessorid to avoid crash When CPU 0 is offline and intelpowerclamp is used to inject idle, it generates kernel BUG: BUG: using smpprocessorid in preemptible 00000000 code:...

5.5CVSS5.8AI score0.0015EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•1 views

CVE-2022-50482

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up sidomain in the initdmars error path A splat from kmemcachedestroy was seen with a kernel prior to commit ee2653bbe89d "iommu/vt-d: Remove domain and devinfo mempool" when there was a failure in initdmars,...

5.5CVSS5.9AI score0.0015EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•1 views

CVE-2022-50486

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: Fix return type of netcpndostartxmit With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure the call...

5.5CVSS5.9AI score0.00152EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•3 views

CVE-2022-50487

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.9AI score
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•2 views

CVE-2023-53603

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Avoid fcport pointer dereference Klocwork reported warning of NULL pointer may be dereferenced. The routine exits when sactl is NULL and fcport is allocated after the exit call thus causing NULL fcport pointer to...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•1 views

CVE-2022-50479

In the Linux kernel, the following vulnerability has been resolved: drm/amd: fix potential memory leak This patch fix potential memory leak clksrc when function run into last return NULL. s/free/kfree/ - Alex...

5.5CVSS5.9AI score0.00128EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•1 views

CVE-2023-53599

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - Fix missing initialisation affecting gcm-aes-s390 Fix afalgallocareq to initialise areq-firstrsgl.sgl.sgt.sgl to point to the scatterlist array in areq-firstrsgl.sgl.sgl. Without this, the gcm-aes-s390 driver will...

5.5CVSS5.9AI score0.0012EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•2 views

CVE-2023-53568

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: don't leak memory if devsetname fails When devsetname fails, zcdncreate doesn't free the newly allocated resources. Do it...

5.5CVSS5.9AI score0.00136EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•5 views

CVE-2023-53555

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: initialize damofilter-list from damosnewfilter damosnewfilter is not initializing the list field of newly allocated filter object. However, DAMON sysfs interface and DAMONRECLAIM are not initializing it after calli...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•1 views

CVE-2023-53569

In the Linux kernel, the following vulnerability has been resolved: ext2: Check block size validity during mount Check that log of block size stored in the superblock has sensible value. Otherwise the shift computing the block size can overflow leading to undefined behavior...

7.8CVSS6.2AI score0.00143EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•1 views

CVE-2023-53586

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUNRESET handling This fixes a bug where an initiator thinks a LUNRESET has cleaned up running commands when it hasn't. The bug was added in commit 51ec502a3266 "target: Delete tmr from list before...

4.7CVSS6.3AI score0.00147EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•3 views

CVE-2023-53558

In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Avoid prinfo with spin lock in cblistinitgeneric prinfo is called with rtp-cbsgbllock spin lock locked. Because prinfo calls printk that might sleep, this will result in BUG like below: 0.206455 cblistinitgeneric:...

5.5CVSS5.9AI score0.00134EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•2 views

CVE-2023-53571

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Make intelgetcrtcnewencoder less oopsy The point of the WARN was to print something, not oops straight up. Currently that is precisely what happens if we can't find the connector for the crtc in the atomic state. Get th...

5.5CVSS5.9AI score0.00135EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•2 views

CVE-2023-53570

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix integer overflow in nl80211parsembssidelems nl80211parsembssidelems uses a u8 variable numelems to count the number of MBSSID elements in the nested netlink attribute attrs, which can lead to an integer overflo...

7.8CVSS6.5AI score0.00155EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•1 views

CVE-2023-53565

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Check for probe id argument being NULL The probe id argument may be NULL in 2 scenarios: 1. brcmfpciepmleaveD3 calling brcmfpcieprobe to reprobe the device. 2. If a user tries to manually bind the driver from sysf...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•1 views

CVE-2023-53574

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: delete timer and free skb queue when unloading Fix possible crash and memory leak on driver unload by deleting TX purge timer and freeing C2H queue in 'rtwcoredeinit', shrink critical section in the latter by freeing...

5.5CVSS5.7AI score0.0012EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•3 views

CVE-2023-53572

In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: use safe list iterator to avoid a use after free This loop is freeing "clk" so it needs to use listforeachentrysafe. Otherwise it dereferences a freed variable to get the next item on the loop...

7.8CVSS6.6AI score0.0014EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/10/04 4:15 p.m.•2 views

CVE-2023-53564

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix defrag path triggering jbd2 ASSERT code path: ocfs2ioctlmoveextents ocfs2moveextents ocfs2defragextent ocfs2moveextent + ocfs2journalaccessdi + ocfs2splitextent //sub-paths call jbd2journalrestart + ocfs2journaldirty...

5.5CVSS5.9AI score0.00136EPSS
Exploits0References10
Total number of security vulnerabilities68528