Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
added 2025/09/24 1:15 p.m.2 views

CVE-2025-60020

nncp before 8.12.0 allows path traversal for reading or writing during freqing and file saving via a crafted path in packet data...

6.4CVSS5.8AI score0.00243EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/24 11:15 a.m.2 views

CVE-2025-39889

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: Check encryption key size on incoming connection This is required for passing GAP/SEC/SEM/BI-04-C PTS test case: Security Mode 4 Level 4, Responder - Invalid Encryption Key Size - 128 bit This tests the security...

8.1CVSS5.9AI score0.00091EPSS
Exploits0References24
UbuntuCve
UbuntuCve
added 2025/09/24 11:15 a.m.1 views

CVE-2024-58241

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Disable works on hciunregisterdev This make use of disablework on hciunregisterdev since the hcidev is about to be freed new submissions are not disarable...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/24 10:15 a.m.2 views

CVE-2025-58457

Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command with insufficient permissions. This issue affects Apache ZooKeeper: from 3.9.0 before 3.9.4. Users are recommended to upgrade to version 3.9.4, which fixes the issue. The issue can be...

4.3CVSS7AI score0.00294EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/09/23 8:15 p.m.2 views

CVE-2025-59825

astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.3 and earlier of astral-tokio-tar, tar archives may extract outside of their intended destination directory when using the Entry::unpackinraw API. Additionally, the Entry::allowexternalsymlinks control which...

8.6CVSS5.9AI score0.00202EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 7:15 p.m.3 views

CVE-2025-51005

A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of the tcpreplay-4.5.1. When a crafted pcap file is processed, the program incorrectly handles memory in the checksum calculation logic at dochecksummathliveplay in tcpliveplay.c, leading to a possible denial of service...

7.5CVSS5.9AI score0.00359EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2025/09/23 7:15 p.m.2 views

CVE-2025-58674

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WordPress allows Stored XSS. WordPress core security team is aware of the issue and working on a fix. This is low severity vulnerability that requires an attacker to have Author or higher user...

5.9CVSS6AI score0.00203EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 p.m.3 views

CVE-2025-58246

Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to...

4.3CVSS5.9AI score0.0025EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 p.m.2 views

CVE-2025-55780

A null pointer dereference occurs in the function breakwordforoverflowwrap in MuPDF 1.26.4 when rendering a malformed EPUB document. Specifically, the function calls fzhtmlsplitflow to split a FLOWWORD node, but does not check if node-next is valid before accessing node-next-overflowwrap, resulti...

7.5CVSS5.8AI score0.00399EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/09/23 5:15 p.m.3 views

CVE-2025-9900

A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controll...

8.8CVSS6.8AI score0.00739EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.3 views

CVE-2025-39879

In the Linux kernel, the following vulnerability has been resolved: ceph: always call cephshiftunusedfoliosleft The function cephprocessfoliobatch sets foliobatch entries to NULL, which is an illegal state. Before foliobatchrelease crashes due to this API violation, the function...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.1 views

CVE-2025-39875

In the Linux kernel, the following vulnerability has been resolved: igb: Fix NULL pointer dereference in ethtool loopback test The igb driver currently causes a NULL pointer dereference when executing the ethtool loopback test. This occurs because there is no associated qvector for the test ring...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.1 views

CVE-2025-39878

In the Linux kernel, the following vulnerability has been resolved: ceph: fix crash after fscryptencryptpagecacheblocks error The function movedirtyfolioinpagearray was created by commit ce80b76dd327 "ceph: introduce cephprocessfoliobatch method" by moving code from cephwritepagesstart to this...

5.5CVSS6AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.1 views

CVE-2025-39867

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.2 views

CVE-2025-39872

In the Linux kernel, the following vulnerability has been resolved: hsr: hold rcu and dev lock for hsrgetportndev hsrgetportndev calls hsrforeachport, which need to hold rcu lock. On the other hand, before return the port device, we need to hold the device reference to avoid UaF in the caller...

5.5CVSS5.9AI score0.00135EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.3 views

CVE-2025-39874

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.2 views

CVE-2025-39888

In the Linux kernel, the following vulnerability has been resolved: fuse: Block access to folio overlimit syz reported a slab-out-of-bounds Write in fusedevdowrite. When the number of bytes to be retrieved is truncated to the upper limit by fc-maxpages and there is an offset, the oob is triggered...

7.8CVSS6.6AI score0.00136EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.2 views

CVE-2025-39882

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: fix potential OF node use-after-free The foreachchildofnode helper drops the reference it takes to each node as it iterates over children and an explicit ofnodeput is only needed when exiting the loop early. Drop th...

7.8CVSS6.6AI score0.00138EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.1 views

CVE-2025-39884

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix subvolume deletion lockup caused by inodes xarray race There is a race condition between inode eviction and inode caching that can cause a live struct btrfsinode to be missing from the root-inodes xarray. Specifically,...

4.7CVSS5.7AI score0.001EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.5 views

CVE-2025-39886

In the Linux kernel, the following vulnerability has been resolved: bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as one example: ... 10.011566...

5.5CVSS6AI score0.00139EPSS
Exploits0References16
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.2 views

CVE-2025-39887

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix null-ptr-deref in bitmapparselist A crash was observed with the following output: BUG: kernel NULL pointer dereference, address: 0000000000000010 Oops: Oops: 0000 1 SMP NOPTI CPU: 2 UID: 0 PID: 92 Comm:...

5.5CVSS5.9AI score0.00119EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.2 views

CVE-2025-39880

In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to cephconnectionv1info There is a place where generic code in messenger.c is reading and another place where it is writing to con-v1 union member without checking that the union member is active i.e...

7.8CVSS6.6AI score0.00144EPSS
Exploits0References31
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.1 views

CVE-2025-39883

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix VMBUGONPAGEPagePoisonedpage when unpoison memory When I did memory failure tests, below panic occurs: page dumped because: VMBUGONPAGEPagePoisonedpage kernel BUG at include/linux/page-flags.h:616! Oops:...

7.1CVSS6.3AI score0.00143EPSS
Exploits0References31
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.1 views

CVE-2025-39873

In the Linux kernel, the following vulnerability has been resolved: can: xilinxcan: xcanwriteframe: fix use-after-free of transmitted SKB canputechoskb takes ownership of the SKB and it may be freed during or after the call. However, xilinxcan xcanwriteframe keeps using SKB after the call. Fix th...

7.8CVSS6.8AI score0.00148EPSS
Exploits0References31
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.3 views

CVE-2025-39871

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Remove improper idxdfree The call to idxdfree introduces a duplicate putdevice leading to a reference count underflow: refcountt: underflow; use-after-free. WARNING: CPU: 15 PID: 4428 at lib/refcount.c:28...

7.8CVSS6.6AI score0.0014EPSS
Exploits0References16
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.1 views

CVE-2025-39876

In the Linux kernel, the following vulnerability has been resolved: net: fec: Fix possible NPD in fecenetphyresetafterclkenable The function ofphyfinddevice may return NULL, so we need to take care before dereferencing phydev...

5.5CVSS5.9AI score0.0014EPSS
Exploits0References31
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.2 views

CVE-2025-39877

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix use-after-free in stateshow stateshow reads kdamond-damonctx without holding damonsysfslock. This allows a use-after-free race: CPU 0 CPU 1 ----- ----- stateshow damonsysfsturndamonon ctx = kdamond-damonctx;...

7.8CVSS6.6AI score0.0014EPSS
Exploits0References17
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.2 views

CVE-2025-39885

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix recursive semaphore deadlock in fiemap call syzbot detected a OCFS2 hang due to a recursive semaphore on a FSIOCFIEMAP of the extent list on a specially crafted mmap file. contextswitch kernel/sched/core.c:5357 inline...

5.5CVSS6AI score0.0011EPSS
Exploits0References31
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.2 views

CVE-2025-39870

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix double free in idxdsetupwqs The clean up in idxdsetupwqs has had a couple bugs because the error handling is a bit subtle. It's simpler to just re-write it in a cleaner way. The issues here are: 1 If...

7.8CVSS6.5AI score0.00144EPSS
Exploits0References17
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.1 views

CVE-2025-39881

In the Linux kernel, the following vulnerability has been resolved: kernfs: Fix UAF in polling when open file is released A use-after-free UAF vulnerability was identified in the PSI Pressure Stall Information monitoring mechanism: BUG: KASAN: slab-use-after-free in psitriggerpoll+0x3c/0x140 Read...

7.8CVSS6.6AI score0.0014EPSS
Exploits0References17
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.2 views

CVE-2025-39869

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Fix memory allocation size for queueprioritymap Fix a critical memory allocation bug in edmasetupfromhw where queueprioritymap was allocated with insufficient memory. The code declared queueprioritymap as s8 ...

7.1CVSS6.6AI score0.00143EPSS
Exploits0References31
UbuntuCve
UbuntuCve
added 2025/09/23 6:15 a.m.3 views

CVE-2025-39868

In the Linux kernel, the following vulnerability has been resolved: erofs: fix runtime warning on truncatefoliobatchexceptionals Commit 0e2f80afcfa6"fs/dax: ensure all pages are idle prior to filesystem unmount" introduced the WARNONONCE to capture whether the filesystem has removed all DAX entri...

7.8CVSS6.6AI score0.00133EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/23 5:15 a.m.3 views

CVE-2025-1131

A local privilege escalation vulnerability exists in the safeasterisk script included with the Asterisk toolkit package. When Asterisk is started via this script common in SysV init or FreePBX environments, it sources all .sh files located in /etc/asterisk/startup.d/ as root, without validating...

7.8CVSS6AI score0.002EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2025/09/23 1:15 a.m.5 views

CVE-2025-10824

A vulnerability was determined in axboe fio up to 3.41. This impacts the function parsejobsini of the file init.c. Executing manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized...

5.3CVSS5.6AI score0.00133EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/09/23 12:15 a.m.1 views

CVE-2025-10823

A vulnerability was found in axboe fio up to 3.41. This affects the function strbufferpatterncb of the file options.c. Performing manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been made public and could be used...

4.8CVSS5.5AI score0.00136EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/09/22 9:15 p.m.3 views

CVE-2025-47910

When using http.CrossOriginProtection, the AddInsecureBypassPattern method can unexpectedly bypass more requests than intended. CrossOriginProtection then skips validation, but forwards the original request path, which may be served by a different handler without the intended security protections...

5.4CVSS7.1AI score0.00308EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/09/22 8:15 p.m.1 views

CVE-2025-59432

SCRAM Salted Challenge Response Authentication Mechanism is part of the family of Simple Authentication and Security Layer SASL, RFC 4422 authentication mechanisms. Prior to version 3.2, a timing attack vulnerability exists in the SCRAM Java implementation. The issue arises because Arrays.equals...

8.7CVSS6AI score0.00835EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/22 6:15 p.m.1 views

CVE-2025-59420

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical...

7.5CVSS6.9AI score0.00244EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2025/09/22 2:15 p.m.3 views

CVE-2025-51006

Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dltlinuxsll2cleanup function in plugins/dltlinuxsll2/linuxsll2.c. This vulnerability is triggered when tcpeditdltcleanup indirectly invokes the cleanup routine multiple times on the same memory region. By...

7.8CVSS6.1AI score0.00172EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2025/09/22 4:15 a.m.1 views

CVE-2025-59799

Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size value...

5.5CVSS6.6AI score0.00188EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/09/22 4:15 a.m.2 views

CVE-2025-59800

In Artifex Ghostscript through 10.05.1, ocrbeginpage in devices/gdevpdfocr.c has an integer overflow that leads to a heap-based buffer overflow in ocrline8...

5.5CVSS6.3AI score0.00166EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/09/22 4:15 a.m.1 views

CVE-2025-59798

Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfwritecmap in devices/vector/gdevpdtw.c...

5.5CVSS6.6AI score0.00188EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/09/22 4:15 a.m.1 views

CVE-2025-59801

In Artifex GhostXPS before 10.06.0, there is a stack-based buffer overflow in xpsunpredicttiff in xpstiff.c because the samplesperpixel value is not checked...

4.3CVSS6.1AI score0.00188EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/09/19 8:15 p.m.1 views

CVE-2025-59431

MapServer is a system for developing web-based GIS applications. Prior to 8.4.1, the XML Filter Query directive PropertyName is vulnerably to Boolean-based SQL injection. It seems like expression checking is bypassed by introducing double quote characters in the PropertyName. Allowing to manipula...

9.8CVSS5.9AI score0.00391EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2025/09/19 4:15 p.m.10 views

CVE-2025-39838

In the Linux kernel, the following vulnerability has been resolved: cifs: prevent NULL pointer dereference in UTF16 conversion There can be a NULL pointer dereference bug here. NULL is passed to cifssfumakenode without checks, which passes it unchecked to cifsstrnduptoutf16, which in turn passes ...

5.5CVSS5.9AI score0.00146EPSS
Exploits0References17
UbuntuCve
UbuntuCve
added 2025/09/19 4:15 p.m.2 views

CVE-2025-39861

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: vhci: Prevent use-after-free by removing debugfs files early Move the creation of debugfs files into a dedicated function, and ensure they are explicitly removed during vhcirelease, before associated data structures ar...

7.8CVSS6.6AI score0.00142EPSS
Exploits0References16
UbuntuCve
UbuntuCve
added 2025/09/19 4:15 p.m.2 views

CVE-2025-39859

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix use-after-free bugs causing by ptpocpwatchdog The ptpocpdetach only shuts down the watchdog timer if it is pending. However, if the timer handler is already running, the timerdeletesync is not called. This leads to...

7.8CVSS6.6AI score0.00136EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/19 4:15 p.m.2 views

CVE-2025-39855

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in iceptptsirq The E810 device has support for a "low latency" firmware interface to access and read the Tx timestamps. This interface does not use the standard Tx timestamp logic, due to the...

7.8CVSS6.6AI score0.00151EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/09/19 4:15 p.m.2 views

CVE-2025-39850

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD in arp,neighreduce when using nexthop objects When the "proxy" option is enabled on a VXLAN device, the device will suppress ARP requests and IPv6 Neighbor Solicitation messages if it is able to reply on behalf of...

5.5CVSS6AI score0.00135EPSS
Exploits0References15
UbuntuCve
UbuntuCve
added 2025/09/19 4:15 p.m.2 views

CVE-2025-39846

In the Linux kernel, the following vulnerability has been resolved: pcmcia: Fix a NULL pointer dereference in iodynfindioregion In iodynfindioregion, pcmciamakeresource is assigned to res and used in pcibusallocresource. There is a dereference of res in pcibusallocresource, which could lead to a...

5.5CVSS5.8AI score0.00149EPSS
Exploits0References29
Total number of security vulnerabilities68528