Lucene search

68528 matches found

UbuntuCve • added 2025/10/01 8:18 p.m. • 1 view

CVE-2025-59149

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In version 8.0.0, rules using keyword ldap.responses.attribute_type which is long with transforms can lead to a stack buffer overflow during Suricata startup or duri...

CVSS 6.2 | AI score 6.1 | EPSS 0.00189
Exploits: 0 | References: 6

UbuntuCve • added 2025/10/01 7:15 p.m. • 1 view

CVE-2025-46205

A heap-use-after-free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service (DoS) by supplying a crafted PDF file. NOTE: this is disputed by the Supplier because there is no available file to reproduce the issue...

CVSS 8.1 | AI score 5.8 | EPSS 0.0037
Exploits: 1 | References: 3

UbuntuCve • added 2025/10/01 5:15 p.m. • 3 views

CVE-2025-11233

Starting from Rust 1.87.0 and before Rust 1.89.0, the tier 3 Cygwin target (x86_64-pc-cygwin) didn't correctly handle path separators, causing the standard library's Path API to ignore path components separated by backslashes. Due to this, programs compiled for Cygwin that validate paths could...

CVSS 6.3 | AI score 5.9 | EPSS 0.00482
Exploits: 0 | References: 3

UbuntuCve • added 2025/10/01 2:0 p.m. • 4 views

CVE-2025-59681

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the kwarg...

CVSS 9.8 | AI score 7.2 | EPSS 0.00583
Exploits: 0 | References: 2

UbuntuCve • added 2025/10/01 2:0 p.m. • 2 views

CVE-2025-59682

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract function, used by the "startapp --template" and "startproject --template" commands, allows partial directory traversal via an archive with file paths sharing a common...

CVSS 6.5 | AI score 7.1 | EPSS 0.0085
Exploits: 0 | References: 2

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2022-50455

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 5.7
Exploits: 0 | References: 5

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53490

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix disconnect vs accept race Despite commit 0ad529d9fd2b "mptcp: fix possible divide by zero in recvmsg", the mptcp protocol is still prone to a race between disconnect or shutdown and accept. The root cause is that the...

CVSS 4.7 | AI score 6.1 | EPSS 0.00103
Exploits: 0 | References: 5

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2023-53448

In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Removed unneeded release_mem_region Remove unnecessary release_mem_region from the error path to prevent mem region from being released twice, which could avoid resource leak or other unexpected issues...

CVSS 5.5 | AI score 5.9 | EPSS 0.00143
Exploits: 0 | References: 5

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2022-50442

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate buffer length while parsing index indx_read is called when we have some NTFS directory operations that need more information from the index buffers. This adds a sanity check to make sure the returned index buffe...

CVSS 7.1 | AI score 6.7 | EPSS 0.00149
Exploits: 0 | References: 6

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2022-50450

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 5.7
Exploits: 0 | References: 5

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2022-50430

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING vub300_enable_sdio_irq works with mutex and need TASK_RUNNING here. Ensure that we mark current as TASK_RUNNING for sleepable context. 77.554641 do not call blockin...

CVSS 5.5 | AI score 5.9 | EPSS 0.00149
Exploits: 0 | References: 11

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2023-53464

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param The validity of sock should be checked before assignment to avoid incorrect values. Commit 57569c37f0ad "scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling...

CVSS 5.5 | AI score 5.9 | EPSS 0.00151
Exploits: 0 | References: 7

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2023-53475

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we observed the following splat: 167.057718 BUG: sleeping function called from invalid context at include/linux/sched/mm.h:229 167.057872...

CVSS 5.5 | AI score 5.8 | EPSS 0.00145
Exploits: 0 | References: 7

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2022-50421

In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Avoid double destroy of default endpoint The rpmsg_dev_remove in rpmsg_core is the place for releasing this default endpoint. So need to avoid destroying the default endpoint in rpmsg_chrdev_eptdev_destroy, this should be...

CVSS 7.8 | AI score 6.6 | EPSS 0.00147
Exploits: 0 | References: 5

UbuntuCve • added 2025/10/01 12:15 p.m. • 3 views

CVE-2023-53510

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp->cmd ufshcd_queuecommand may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a command, do not check the...

CVSS 7.8 | AI score 5.7 | EPSS 0.00144
Exploits: 0 | References: 5

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2022-50429

In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings We should add the of_node_put when breaking out of for_each_child_of_node as it will automatically increase and decrease the refcount...

CVSS 5.5 | AI score 5.9 | EPSS 0.00145
Exploits: 0 | References: 7

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53449

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix potential memleak in dasd_eckd_init dasd_reserve_req is allocated before dasd_vol_info_req, and it also needs to be freed before the error returns, just like the other cases in this function...

CVSS 5.5 | AI score 5.8 | EPSS 0.00146
Exploits: 0 | References: 8

UbuntuCve • added 2025/10/01 12:15 p.m. • 3 views

CVE-2023-53455

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: drop all currently held locks if deadlock happens If vc4_hdmi_reset_link returns -EDEADLK, it means that a deadlock happened in the locking context. This situation should be addressed by dropping all currently held locks an...

CVSS 5.5 | AI score 5.9 | EPSS 0.00143
Exploits: 0 | References: 5

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53453

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: free iio for atombios when driver shutdown Fix below kmemleak when unload radeon driver: unreferenced object 0xffff9f8608ede200 size 512: comm "systemd-udevd", pid 326, jiffies 4294682822 age 716.338s hex dump first 3...

CVSS 5.5 | AI score 5.9 | EPSS 0.00146
Exploits: 0 | References: 10

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2023-53469

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AI score 7 | EPSS 0.00027
Exploits: 0 | References: 3

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53473

In the Linux kernel, the following vulnerability has been resolved: ext4: improve error handling from ext4_dirhash The ext4_dirhash will almost never fail, especially when the hash tree feature was first introduced. However, with the addition of support of encrypted, casefolded file names, that...

CVSS 7.8 | AI score 6.5 | EPSS 0.00154
Exploits: 0 | References: 7

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53516

In the Linux kernel, the following vulnerability has been resolved: macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF The previous commit 954d1fa1ac93 "macvlan: Add netlink attribute for broadcast cutoff" added one additional attribute named IFLA_MACVLAN_BC_CUTOFF to allow broadcast cutoff...

CVSS 7.8 | AI score 6.6 | EPSS 0.00133
Exploits: 0 | References: 4

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53531

In the Linux kernel, the following vulnerability has been resolved: null_blk: fix poll request timeout handling When doing io_uring benchmark on /dev/nullb0, it's easy to crash the kernel if poll requests timeout triggered, as reported by David. 1 BUG: kernel NULL pointer dereference, address:...

CVSS 5.5 | AI score 5.9 | EPSS 0.00134
Exploits: 0 | References: 5

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53456

In the Linux kernel, the following vulnerability has been resolved: scsi: qla4xxx: Add length check when parsing nlattrs There are three places that qla4xxx parses nlattrs: - qla4xxx_set_chap_entry - qla4xxx_iface_set_param - qla4xxx_sysfs_ddb_set_param and each of them directly converts the nlattr to...

CVSS 5.5 | AI score 5.9 | EPSS 0.00149
Exploits: 0 | References: 11

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2023-53496

In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Use alternate source for socket to node data The UV code attempts to build a set of tables to allow it to do bidirectional socket<=>node lookups. But when nr_cpus is set to a smaller number than actually present, the...

CVSS 5.5 | AI score 5.9 | EPSS 0.00127
Exploits: 0 | References: 4

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2022-50428

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off-by-one errors in fast-commit block filling Due to several different off-by-one errors, or perhaps due to a late change in design that wasn't fully reflected in the code that was actually merged, there are several ve...

CVSS 5.5 | AI score 6 | EPSS 0.00146
Exploits: 0 | References: 6

UbuntuCve • added 2025/10/01 12:15 p.m. • 3 views

CVE-2022-50434

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix possible memleak when register 'hctx' failed There's issue as follows when do fault injection test: unreferenced object 0xffff888132a9f400 size 512: comm "insmod", pid 308021, jiffies 4324277909 age 509.733s hex dump...

CVSS 5.5 | AI score 5.9 | EPSS 0.00168
Exploits: 0 | References: 11

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2022-50435

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid crash when inline data creation follows DIO write When inode is created and written to using direct IO, there is nothing to clear the EXT4_STATE_MAY_INLINE_DATA flag. Thus when inode gets truncated later to say 1 byte and...

CVSS 5.5 | AI score 6 | EPSS 0.00149
Exploits: 0 | References: 11

UbuntuCve • added 2025/10/01 12:15 p.m. • 5 views

CVE-2022-50436

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set up encryption key during jbd2 transaction Commit a80f7fcf1867 "ext4: fixup ext4_fc_track_* functions' signature" extended the scope of the transaction in ext4_unlink too far, making it include the call to ext4_find_entry...

CVSS 5.5 | AI score 5.9 | EPSS 0.00095
Exploits: 0 | References: 7

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53468

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in alloc_wbufs kmemleak reported a sequence of memory leaks, and show them as following: unreferenced object 0xffff8881575f8400 size 1024: comm "mount", pid 19625, jiffies 4297119604 age 20.383s hex dump fir...

CVSS 5.5 | AI score 5.9 | EPSS 0.00146
Exploits: 0 | References: 8

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2023-53508

In the Linux kernel, the following vulnerability has been resolved: ublk: fail to start device if queue setup is interrupted In ublk_ctrl_start_dev, if wait_for_completion_interruptible is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLK_CMD_START_DEV, otherwise kernel...

CVSS 7.8 | AI score 6.6 | EPSS 0.00151
Exploits: 0 | References: 5

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2022-50458

In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra210_clock_init of_find_matching_node returns a node pointer with refcount incremented, we should use of_node_put on it when not need anymore. Add missing of_node_put to avoid refcount leak...

CVSS 5.5 | AI score 5.9 | EPSS 0.00149
Exploits: 0 | References: 11

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2022-50422

In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smp_execute_task_sg When executing SMP task failed, the smp_execute_task_sg calls del_timer to delete "slow_task->timer". However, if the timer handler sas_task_internal_timedout is running, the del_tim...

CVSS 7.8 | AI score 6.2 | EPSS 0.0015
Exploits: 0 | References: 8

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2022-50427

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix possible memory leak in snd_ac97_dev_register If device_register fails in snd_ac97_dev_register, it should call put_device to give up reference, or the name allocated in dev_set_name is leaked...

CVSS 5.5 | AI score 5.9 | EPSS 0.00146
Exploits: 0 | References: 10

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2022-50441

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Lag, fix failure to cancel delayed bond work Commit 0d4e8ed139d8 "net/mlx5: Lag, avoid lockdep warnings" accidentally removed a call to cancel delayed bond work thus it may cause queued delay to expire and fall on an...

CVSS 5.5 | AI score 5.9 | EPSS 0.00143
Exploits: 0 | References: 5

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2022-50432

In the Linux kernel, the following vulnerability has been resolved: kernfs: fix use-after-free in kernfs_remove Syzkaller managed to trigger concurrent calls to kernfs_remove_by_name_ns for the same file resulting in a KASAN detected use-after-free. The race occurs when the root node is freed during...

CVSS 7.8 | AI score 6.2 | EPSS 0.0015
Exploits: 0 | References: 10

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2022-50452

In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cake_init fails When the default qdisc is cake, if the qdisc of dev_queue fails to be inited during mqprio_init, cake_reset is invoked to clear resources. In this case, the tins is...

CVSS 5.5 | AI score 5.9 | EPSS 0.00147
Exploits: 0 | References: 8

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2022-50457

In the Linux kernel, the following vulnerability has been resolved: mtd: core: Fix refcount error in del_mtd_device del_mtd_device will call of_node_put to mtd_get_of_node(mtd), which is mtd->dev.of_node. However, memset(&mtd->dev, 0) is called before of_node_put. As the result, of_node_put won't do anything in...

CVSS 5.5 | AI score 5.9 | EPSS 0.00143
Exploits: 0 | References: 5

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2022-50454

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table nouveau_bo_init is backed by ttm_bo_init and ferries its return code back to the caller. On failures, ttm will call nouveau_bo_del_ttm and free the memory. Thus, when...

CVSS 7.8 | AI score 6.2 | EPSS 0.0015
Exploits: 0 | References: 8

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2023-53450

In the Linux kernel, the following vulnerability has been resolved: ext4: remove a BUG_ON in ext4_mb_release_group_pa If a malicious fuzzer overwrites the ext4 superblock while it is mounted such that the s_first_data_block is set to a very large number, the calculation of the block group can underflow,...

CVSS 5.5 | AI score 5.9 | EPSS 0.0015
Exploits: 0 | References: 11

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53467

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential leak in rtw89_append_probe_req_ie Do kfree_skb(new) before goto out to prevent potential leak...

CVSS 5.5 | AI score 5.9 | EPSS 0.00143
Exploits: 0 | References: 5

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2023-53492

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not ignore genmask when looking up chain by id When adding a rule to a chain referring to its ID, if that chain had been deleted on the same batch, the rule might end up referring to a deleted chain. This...

CVSS 7.8 | AI score 6.2 | EPSS 0.00153
Exploits: 0 | References: 7

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53488

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the update counters work might be pending, and may run after memory has been freed. Cancel the update counters work before freeing memory...

CVSS 5.5 | AI score 5.8 | EPSS 0.00147
Exploits: 0 | References: 10

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53529

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Fix memory leak in rtw88_usb Kmemleak shows the following leak arising from routine in the usb probe routine: unreferenced object 0xffff895cb29bba00 size 512: comm "udev-worker", pid 534, jiffies 4294903932 age...

CVSS 5.5 | AI score 5.7 | EPSS 0.00119
Exploits: 0 | References: 4

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53513

In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbd_ioctl arg without verification. The UBSAN warning calltrace like below: UBSAN: Undefined behaviour in fs/buffer.c:1709:35 signed integer...

CVSS 5.5 | AI score 6.1 | EPSS 0.00136
Exploits: 0 | References: 6

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53511

In the Linux kernel, the following vulnerability has been resolved: io_uring: fix fget leak when fs don't support nowait buffered read Heming reported a BUG when using io_uring doing link-cp on ocfs2. 1 Do the following steps can reproduce this BUG: mount -t ocfs2 /dev/vdc /mnt/ocfs2 cp testfile...

CVSS 5.5 | AI score 5.9 | EPSS 0.00134
Exploits: 0 | References: 5

UbuntuCve • added 2025/10/01 12:15 p.m. • 1 view

CVE-2023-53514

In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix memory leak of device names The device names allocated by dev_set_name need be freed before module unloading, but they can not be freed because the kobject's refcount which was set in device_initialize has not be...

CVSS 5.5 | AI score 5.9 | EPSS 0.00135
Exploits: 0 | References: 6

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2023-53515

In the Linux kernel, the following vulnerability has been resolved: virtio-mmio: don't break lifecycle of vm_dev vm_dev has a separate lifecycle because it has a 'struct device' embedded. Thus, having a release callback for it is correct. Allocating the vm_dev struct with devres totally breaks this...

CVSS 7.8 | AI score 6.2 | EPSS 0.00139
Exploits: 0 | References: 9

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2023-53530

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use raw_smp_processor_id instead of smp_processor_id The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC0: controller connect complete localhost kernel: BUG: using smp_processor_id in preemptible...

CVSS 5.5 | AI score 6.2 | EPSS 0.00135
Exploits: 0 | References: 6

UbuntuCve • added 2025/10/01 12:15 p.m. • 2 views

CVE-2023-53532

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix deinitialization of firmware resources Currently, in ath11k_ahb_fw_resources_init, iommu domain mapping is done only for the chipsets having fixed firmware memory. Also, for such chipsets, mapping is done only if it...

CVSS 5.5 | AI score 5.8 | EPSS 0.00135
Exploits: 0 | References: 6

Total number of security vulnerabilities: 68528