Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/09/26 9:15 a.m.•1 views

CVE-2025-11021

A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in...

7.5CVSS6.8AI score0.00594EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/26 4:15 a.m.•2 views

CVE-2025-11000

A vulnerability was determined in Open Babel up to 3.1.1. This affects the function PQSFormat::ReadMolecule of the file /src/formats/PQSformat.cpp. This manipulation causes null pointer dereference. The attack is restricted to local execution. The exploit has been publicly disclosed and may be...

5.5CVSS5.5AI score0.00189EPSS
Exploits1References6
UbuntuCve
UbuntuCve
•added 2025/09/26 3:15 a.m.•1 views

CVE-2025-10996

A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and ma...

7.8CVSS6AI score0.00224EPSS
Exploits1References6
UbuntuCve
UbuntuCve
•added 2025/09/26 3:15 a.m.•2 views

CVE-2025-10998

A vulnerability has been found in Open Babel up to 3.1.1. The affected element is the function ChemKinFormat::ReadReactionQualifierLines of the file /src/formats/chemkinformat.cpp. The manipulation leads to null pointer dereference. The attack can only be performed from a local environment. The...

5.5CVSS5.3AI score0.00187EPSS
Exploits1References6
UbuntuCve
UbuntuCve
•added 2025/09/26 3:15 a.m.•2 views

CVE-2025-10997

A flaw has been found in Open Babel up to 3.1.1. Impacted is the function ChemKinFormat::CheckSpecies of the file /src/formats/chemkinformat.cpp. Executing manipulation can lead to heap-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used...

7.8CVSS6AI score0.00224EPSS
Exploits1References6
UbuntuCve
UbuntuCve
•added 2025/09/26 3:15 a.m.•2 views

CVE-2025-10999

A vulnerability was found in Open Babel up to 3.1.1. The impacted element is the function CacaoFormat::SetHilderbrandt of the file /src/formats/cacaoformat.cpp. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been made public an...

5.5CVSS5.6AI score0.00188EPSS
Exploits1References6
UbuntuCve
UbuntuCve
•added 2025/09/26 2:15 a.m.•2 views

CVE-2025-10994

A weakness has been identified in Open Babel up to 3.1.1. This affects the function GAMESSOutputFormat::ReadMolecule of the file gamessformat.cpp. This manipulation causes use after free. It is possible to launch the attack on the local host. The exploit has been made available to the public and...

7.8CVSS5.8AI score0.00196EPSS
Exploits1References6
UbuntuCve
UbuntuCve
•added 2025/09/26 2:15 a.m.•1 views

CVE-2025-10995

A security vulnerability has been detected in Open Babel up to 3.1.1. This vulnerability affects the function zlibstream::basicunzipstreambuf::underflow in the library /src/zipstreamimpl.h. Such manipulation leads to memory corruption. Local access is required to approach this attack. The exploit...

7.8CVSS5.5AI score0.00202EPSS
Exploits1References6
UbuntuCve
UbuntuCve
•added 2025/09/26 12:0 a.m.•1 views

CVE-2025-59830

Rack is a modular Ruby web server interface. Prior to version 2.2.18, Rack::QueryParser enforces its paramslimit only for parameters separated by &, while still splitting on both & and ;. As a result, attackers could use ; separators to bypass the parameter count limit and submit more parameters...

7.5CVSS6.6AI score0.00535EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/25 8:15 p.m.•4 views

CVE-2025-57632

libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs NextCommand, libsmb2 repeatedly calls smb2addiovector to append to a fixed-size iovec array without checking the upper bound of v-niov SMB2MAXVECTORS=256. An attacker can craft responses with many chained PDUs to...

7.5CVSS6.1AI score0.00549EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/25 4:15 p.m.•1 views

CVE-2025-55553

A syntax error in the component proxytensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service DoS...

7.5CVSS7AI score0.00381EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/25 4:15 p.m.•2 views

CVE-2025-55556

TensorFlow v2.18.0 was discovered to output random results when compiling Embedding, leading to unexpected behavior in the application...

6.5CVSS5.9AI score0.00161EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2025/09/25 4:15 p.m.•2 views

CVE-2025-55559

An issue was discovered TensorFlow v2.18.0. A Denial of Service DoS occurs when padding is set to 'valid' in tf.keras.layers.Conv2D...

7.5CVSS5.9AI score0.00204EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2025/09/25 4:15 p.m.•2 views

CVE-2025-55552

pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randnlike are used together...

7.5CVSS6.4AI score0.0039EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/09/25 4:15 p.m.•4 views

CVE-2025-60019

glib-networking's OpenSSL backend fails to properly check the return value of memory allocation routines. An out of memory condition could potentially result in writing to an invalid memory location...

3.7CVSS5.9AI score0.00331EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/09/25 4:15 p.m.•1 views

CVE-2025-55560

An issue in pytorch v2.7.0 can lead to a Denial of Service DoS when a PyTorch model consists of torch.Tensor.tosparse and torch.Tensor.todense and is compiled by Inductor...

7.5CVSS7.1AI score0.00381EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/25 4:15 p.m.•3 views

CVE-2025-55554

pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nantonum-.long...

5.3CVSS5.9AI score0.00294EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/09/25 4:15 p.m.•2 views

CVE-2025-60018

glib-networking's OpenSSL backend fails to properly check the return value of a call to BIOwrite, resulting in an out of bounds read...

4.8CVSS5.9AI score0.00288EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/09/25 4:15 p.m.•1 views

CVE-2025-55557

A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading to a Denial of Service DoS...

7.5CVSS7.1AI score0.00381EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/25 4:15 p.m.•1 views

CVE-2025-55558

A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv and is compiled by Inductor, leading to a Denial of Service DoS...

7.5CVSS7.3AI score0.0042EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/25 4:15 p.m.•3 views

CVE-2025-10911

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...

5.5CVSS6.2AI score0.00161EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/09/25 3:16 p.m.•2 views

CVE-2025-46150

In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results...

5.3CVSS7.1AI score0.0036EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/25 3:16 p.m.•2 views

CVE-2025-46152

In PyTorch before 2.7.0, bitwiserightshift produces incorrect output for certain out-of-bounds values of the "other" argument...

5.3CVSS5.8AI score0.00423EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/25 3:16 p.m.•2 views

CVE-2025-46149

In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error...

5.3CVSS7.1AI score0.00338EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/25 3:16 p.m.•3 views

CVE-2025-46148

In PyTorch through 2.6.0, when eager is used, nn.PairwiseDistancep=2 produces incorrect results...

5.3CVSS5.8AI score0.00374EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/25 3:16 p.m.•1 views

CVE-2025-46153

PyTorch before 3.7.0 has a bernoullip decompose function in decompositions.py even though it lacks full consistency with the eager CPU implementation, negatively affecting nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d for fallbackrandom=True...

5.3CVSS7.1AI score0.00391EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/09/25 3:16 p.m.•4 views

CVE-2025-55551

An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service DoS when performing a slice operation...

7.5CVSS6.4AI score0.00391EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/09/25 12:0 a.m.•5 views

CVE-2025-39890

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12kservicereadyextevent Currently, in ath12kservicereadyextevent, svcrdyext.macphycaps is not freed in the failure case, causing a memory leak. The following trace is observed in kmemleak:...

5.5CVSS5.9AI score0.00137EPSS
Exploits0References25
UbuntuCve
UbuntuCve
•added 2025/09/24 6:15 p.m.•2 views

CVE-2025-59343

tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.1.1, 2.1.3, and 1.16.5 are vulnerable to symlink validation bypass if the destination directory is predictable with a specific tarball. This issue has been patched in version 3.1.1, 2.1.4, and 1.16.6. A workaround involves...

8.7CVSS6.7AI score0.00516EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/24 6:15 p.m.•1 views

CVE-2025-57352

A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the proto property, an attacker can manipulate the prototype chain of JavaScript objects,...

5.3CVSS6.9AI score0.00329EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/09/24 5:15 p.m.•4 views

CVE-2025-10500

Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.2AI score0.00256EPSS
Exploits0References1
UbuntuCve
UbuntuCve
•added 2025/09/24 5:15 p.m.•1 views

CVE-2025-10502

Heap buffer overflow in ANGLE in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...

8.8CVSS7.4AI score0.00261EPSS
Exploits0References1
UbuntuCve
UbuntuCve
•added 2025/09/24 5:15 p.m.•1 views

CVE-2025-10891

Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.2AI score0.06608EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/09/24 5:15 p.m.•3 views

CVE-2025-10501

Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.2AI score0.0027EPSS
Exploits0References1
UbuntuCve
UbuntuCve
•added 2025/09/24 5:15 p.m.•2 views

CVE-2025-10585

Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

9.8CVSS7.3AI score0.05419EPSS
Exploits1References2
UbuntuCve
UbuntuCve
•added 2025/09/24 5:15 p.m.•5 views

CVE-2025-10890

Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

9.1CVSS7.2AI score0.00293EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/09/24 5:15 p.m.•2 views

CVE-2025-10892

Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS7.2AI score0.00266EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/09/24 3:15 p.m.•5 views

CVE-2025-8869

When extracting a tar archive pip may not check symbolic links point into the extraction directory if the tarfile module doesn't implement PEP 706. Note that upgrading pip to a "fixed" version for this vulnerability doesn't fix all known vulnerabilities that are remediated by using a Python versi...

5.9CVSS6.8AI score0.00438EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/09/24 2:15 p.m.•2 views

CVE-2025-23275

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful exploit of this vulnerability may lead to denial of service and information disclosure...

7.1CVSS5.9AI score0.00127EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/24 2:15 p.m.•2 views

CVE-2025-23255

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user may cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability may lead to a partial denial of service...

3.3CVSS5.9AI score0.00146EPSS
Exploits0References1
UbuntuCve
UbuntuCve
•added 2025/09/24 2:15 p.m.•1 views

CVE-2025-23339

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may cause a stack-based buffer overflow by getting the user to run cuobjdump on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege leve...

7.8CVSS6.7AI score0.00306EPSS
Exploits1References4
UbuntuCve
UbuntuCve
•added 2025/09/24 2:15 p.m.•1 views

CVE-2025-23248

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service...

3.3CVSS5.9AI score0.00146EPSS
Exploits0References1
UbuntuCve
UbuntuCve
•added 2025/09/24 2:15 p.m.•1 views

CVE-2025-23273

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a divide by zero error by submitting a specially crafted JPEG file. A successful exploit of this vulnerability may lead to denial of service...

4.7CVSS5.9AI score0.0012EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/24 2:15 p.m.•2 views

CVE-2025-23272

NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service...

5.7CVSS5.9AI score0.00141EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/09/24 2:15 p.m.•1 views

CVE-2025-23308

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may cause a heap-based buffer overflow by getting the user to run nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to arbitrary code execution at the privilege level o...

7.8CVSS6.6AI score0.00207EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/24 2:15 p.m.•1 views

CVE-2025-23346

NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a NULL pointer dereference. A successful exploit of this vulnerability may lead to a limited denial of service...

3.3CVSS5.9AI score0.00146EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/24 2:15 p.m.•1 views

CVE-2025-23271

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service...

3.3CVSS5.9AI score0.00167EPSS
Exploits0References1
UbuntuCve
UbuntuCve
•added 2025/09/24 2:15 p.m.•1 views

CVE-2025-23338

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service...

5.5CVSS5.9AI score0.00171EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/24 2:15 p.m.•1 views

CVE-2025-23274

NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read by providing a maliciously crafted input image with dimensions that cause integer overflows in array index calculations. A successful exploit of this vulnerability may lead to denial of service...

4.5CVSS5.9AI score0.00122EPSS
Exploits0References2
UbuntuCve
UbuntuCve
•added 2025/09/24 2:15 p.m.•3 views

CVE-2025-23340

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service...

3.3CVSS5.9AI score0.00167EPSS
Exploits0References4
Total number of security vulnerabilities68528