68528 matches found
CVE-2025-38500
In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...
CVE-2024-38805
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service...
CVE-2025-8885
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BC-FJA bc-fips on All allows Excessive Allocation. This vulnerability is associated with program files...
CVE-2025-4390
The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'validaterestrictions' function. This makes it possible for unauthenticated attackers to extract sensitive data including the content of resticted...
CVE-2025-55158
Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value typvalT management. Specifically, the cleartv...
CVE-2025-55157
Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tupleunref function may access alread...
CVE-2025-55159
slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the getdisjointmut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes. This has...
CVE-2025-40920
Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable...
CVE-2025-51824
libcsp 2.0 is vulnerable to Buffer Overflow in the cspusartopen function at drivers/usart/zephyr.c...
CVE-2025-51823
libcsp 2.0 is vulnerable to Buffer Overflow in the cspethinit function due to improper handling of the ifname parameter. The function uses strcpy to copy the interface name into a structure member ctx-name without validating the input length...
CVE-2025-38499
In the Linux kernel, the following vulnerability has been resolved: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns What we want is to verify there is that clone won't expose something hidden by a mount we wouldn't be able to undo. "Wouldn't be able to undo" may be a...
CVE-2025-8851
A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is...
CVE-2025-8672
MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the application...
CVE-2025-8846
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parseline of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used...
CVE-2025-8845
A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemblefile of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...
CVE-2025-8844
A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parsesmacrotemplate of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...
CVE-2025-8843
A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function machonodeadstrip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used...
CVE-2025-8842
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function dodirective of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used...
CVE-2025-8837
A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpcdecdump of the file src/libjasper/jpc/jpcdec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public...
CVE-2025-8747
A safe mode bypass vulnerability in the Model.loadmodel method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted .keras model archive...
CVE-2025-8836
A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpcfloorlog2 of the file src/libjasper/jpc/jpcenc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The exploit has been...
CVE-2025-8835
A vulnerability was found in JasPer up to 4.2.5. Affected by this vulnerability is the function jasimagechclrspc of the file src/libjasper/base/jasimage.c of the component Image Color Space Conversion Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack...
CVE-2024-58238
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test This fixes the tx timeout issue seen while running a stress test on btnxpuart for couple of hours, such that the interval between two HCI commands coincide...
CVE-2022-50233
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: eir: Fix using strlen with hdev-devname,shortname Both devname and shortname are not guaranteed to be NULL terminated so this instead use strnlen and then attempt to determine if the resulting string needs to be...
CVE-2025-8746
A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function strstrsse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue w...
CVE-2025-55188
7-Zip before 25.01 does not always properly handle symbolic links during extraction...
CVE-2025-8735
A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to th...
CVE-2025-8736
A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclose...
CVE-2025-8732
A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...
CVE-2025-8734
Last updated 28 August 2025...
CVE-2025-8733
Last updated 28 August 2025...
CVE-2025-45765
ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective is "keysize is not something that is enforced by this library. Currently more recent versions of OpenSSL are enforcing some key sizes and those restrictions apply to the users of this gem also."...
CVE-2025-47806
In GStreamer through 1.26.1, the subparse plugin's parsesubriptime function may write data past the bounds of a stack buffer, leading to a crash...
CVE-2025-47219
In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetrak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure...
CVE-2025-47183
In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure...
CVE-2025-47807
In GStreamer through 1.26.1, the subparse plugin's subripunescapeformatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash...
CVE-2025-47808
In GStreamer through 1.26.1, the subparse plugin's tmplayerparseline function may dereference a NULL pointer while parsing a subtitle file, leading to a crash...
CVE-2025-47907
Cancelling a query e.g. by cancelling the context passed to one of the query methods during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with...
CVE-2025-50952
openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c...
CVE-2025-8577
Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-8579
Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-8583
Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-8578
Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-8580
Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2025-8576
Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2025-8581
Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2025-8582
Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...
CVE-2025-3770
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...
CVE-2025-54799
Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...
CVE-2025-54798
tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4...