Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
added 2026/05/26 6:16 p.m.10 views

CVE-2025-33221

NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successful exploit of this vulnerability might lead to data tampering and denial of service...

4.4CVSS5.8AI score0.00175EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/26 6:16 p.m.12 views

CVE-2026-24182

NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could leak held driver locks. A successful exploit of this vulnerability might lead to denial of service...

6.5CVSS5.8AI score0.00125EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/26 6:16 p.m.10 views

CVE-2026-24197

NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU MIG partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this...

6.5CVSS5.8AI score0.0016EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/26 6:16 p.m.11 views

CVE-2026-24199

NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service...

4.7CVSS5.8AI score0.00092EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/26 6:16 p.m.21 views

CVE-2026-48695

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the MikroTik router integration plugin. The log function in src/mikrotikplugin/fastnetmonmikrotik.php lines 107-108 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

8.1CVSS5.9AI score0.0107EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/26 6:16 p.m.15 views

CVE-2026-48694

FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniperplugin/fastnetmonjuniper.php, the $IPATTACK variable received from argv1 is directly interpolated into Juniper NETCONF set-configuration commands at...

8.1CVSS6AI score0.00234EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/26 6:16 p.m.10 views

CVE-2026-24193

NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, data tampering, and code execution...

7.8CVSS5.9AI score0.00197EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/26 6:16 p.m.11 views

CVE-2026-48696

FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-48689...

6.2CVSS6AI score0.00124EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/26 5:16 p.m.14 views

CVE-2026-48697

FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The executewebrequestsecure function in src/fastlibrary.cpp creates a boost::asio::ssl::context with tlsclient mode and calls setdefaultverifypaths to load CA certificates, but never calls...

7.4CVSS5.8AI score0.00164EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/26 5:16 p.m.15 views

CVE-2026-45836

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockgetsndtimeocb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

5.7AI score0.00122EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/05/26 5:16 p.m.17 views

CVE-2026-48690

FastNetMon Community Edition through 1.2.9 contains an integer overflow vulnerability in the packet capture buffer allocation. In src/packetstorage.hpp, the allocatebuffer function computes memorysizeinbytes as 'buffersizeinpackets maxcapturedpacketsize + sizeoffastnetmonpcappkthdrt +...

7.1CVSS5.9AI score0.00116EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/26 5:16 p.m.12 views

CVE-2026-48691

FastNetMon Community Edition through 1.2.9 contains an integer overflow in the BGP ASPATH attribute encoder. In src/bgpprotocol.hpp, the IPv4UnicastAnnounce::getattributes function computes attributelength as 'sizeofbgpaspathsegmentelementt + this-aspathasns.size sizeofuint32t' and stores it in a...

9.8CVSS6.2AI score0.00308EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/26 5:16 p.m.16 views

CVE-2026-45835

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsocknewconnectioncb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

5.8AI score0.00123EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/05/26 5:16 p.m.10 views

CVE-2026-45834

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockstatechangecb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...

5.8AI score0.00123EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/05/26 5:16 p.m.20 views

CVE-2026-48693

FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via predictable file paths in /tmp. The statistics file path defaults to '/tmp/fastnetmon.dat' src/fastnetmon.cpp line 159. The printscreencontentsintofile function src/fastnetmonlogic.cpp line 2186 opens this path...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/26 5:16 p.m.11 views

CVE-2026-48864

A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within .solv files due to insufficient input validation. An attacker can provide a specially crafted .solv file, which, when processed by a vulnerable application, can lea...

7.8CVSS5.9AI score0.00205EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/05/26 4:16 p.m.15 views

CVE-2026-48683

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read vulnerability in the NetFlow v9 data flowset processor. In src/netflowplugin/netflowv9collector.cpp, the Data template branch lines 1695-1702 iterates over flow records without performing a per-iteration bounds check agains...

6.5CVSS5.9AI score0.00331EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/26 4:16 p.m.16 views

CVE-2026-48692

FastNetMon Community Edition through 1.2.9 exposes a gRPC API server on port 50052 with no authentication mechanism. The server is initialized with grpc::InsecureServerCredentials src/fastnetmon.cpp line 477 and a source code comment explicitly acknowledges 'Listen on the given address without an...

8.1CVSS6.2AI score0.00233EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/26 4:16 p.m.15 views

CVE-2026-48688

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

7.5CVSS5.9AI score0.00283EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/26 4:16 p.m.19 views

CVE-2026-48684

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In processnetflowv9optionstemplate src/netflowplugin/netflowv9collector.cpp, the scope parsing loop lines 224-229 iterates until scopesoffset reaches the attacker-controlled...

6.5CVSS5.8AI score0.00264EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/26 4:16 p.m.14 views

CVE-2026-48686

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI Network Layer Reachability Information decoder. The function decodebgpsubnetencodingipv4raw in src/bgpprotocol.cpp reads prefixbitlength directly from the BGP packet line 99 without validating it is ...

9.8CVSS6.3AI score0.00565EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/26 4:16 p.m.16 views

CVE-2026-48687

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

9.8CVSS5.9AI score0.01645EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2026/05/26 4:16 p.m.15 views

CVE-2026-48685

FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgpprotocol.hpp, the parserawbgpattribute function correctly identifies when extendedlengthbit is set and sets lengthoflengthfield...

6.5CVSS5.8AI score0.00295EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/26 3:16 p.m.11 views

CVE-2026-40033

FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16MAX but performs copy operations using unclamped cache entry...

8.8CVSS6.4AI score0.00827EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/05/26 3:16 p.m.13 views

CVE-2026-41401

libyang before 5.2.6 contains a heap use-after-free write vulnerability in lydparsersetdataflags that incorrectly updates metadata list pointers when freeing non-head default metadata entries. Attackers can trigger this vulnerability by submitting crafted YANG XML documents with specific metadata...

7.1CVSS5.9AI score0.00519EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/26 3:16 p.m.10 views

CVE-2026-40034

gix-submodule before 0.82.0 incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An attacker can inject arbitrary shell commands vi...

8.5CVSS6.2AI score0.00351EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/26 2:16 p.m.13 views

CVE-2026-9541

A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The exploit has been...

5.3CVSS5.6AI score0.0017EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2026/05/26 12:16 a.m.13 views

CVE-2026-8376

Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds. Perlstudychunk in regcompstudy.c checked the size of the joined substring buffer in characters rather than bytes. For a quantified fixed substring with a lar...

9.8CVSS6AI score0.00398EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/05/26 12:0 a.m.14 views

CVE-2026-1933

Missing access checks on reparse point operations...

7.1CVSS5.8AI score0.00862EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/26 12:0 a.m.12 views

CVE-2026-2340

WORM vfs module does not block overwrites...

6.5CVSS5.8AI score0.00939EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/26 12:0 a.m.17 views

CVE-2026-48710

Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP Host request header was not validated before being used to reconstruct request.url. Because the routing algorithm relies on the raw HTTP path while request.url is rebuilt from the Host header, a malformed header...

6.5CVSS5.8AI score0.01438EPSS
Exploits2References5
UbuntuCve
UbuntuCve
added 2026/05/26 12:0 a.m.17 views

CVE-2026-42496

Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. makespecialfile passes the tar header's linkname to symlink without validating it against absolute paths or .. segments. The secure-extract mode check that guards regular...

9.1CVSS5.8AI score0.0043EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/26 12:0 a.m.13 views

CVE-2026-9538

Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. readtar reads each entry's payload with $handle-read$$data, $block, where $block is derived from the entry's 12-byte size field in the tar header with no upper bound on that...

7.5CVSS5.8AI score0.00437EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/26 12:0 a.m.11 views

CVE-2026-3012

auto-enrolment GPO installing CA certificate over http without verification...

8CVSS5.8AI score0.00261EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/26 12:0 a.m.10 views

CVE-2026-4480

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9.8CVSS6.4AI score0.12797EPSS
Exploits9References2
UbuntuCve
UbuntuCve
added 2026/05/26 12:0 a.m.12 views

CVE-2026-3238

Denial of service against AD DC WINS server...

5.8AI score0.02669EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/26 12:0 a.m.11 views

CVE-2026-4408

Unauthenticated Remote Code Execution in Samba DCE/RPC SAMR server...

9CVSS5.8AI score0.02501EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/26 12:0 a.m.11 views

CVE-2026-48715

Stack Buffer Overflow in radvdump Route Information Option Parser...

5.8AI score0.00203EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/26 12:0 a.m.19 views

CVE-2026-42497

Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. makespecialfile passes the tar header's linkname to link without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode...

7.5CVSS5.8AI score0.0043EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/25 9:16 p.m.9 views

CVE-2026-48589

Apache Shiro’s Jakarta EE module used the HTTP Referer header in certain cases to issue redirect after a user login. In affected versions, insufficient validation of this client-controlled value could allow an attacker to influence the redirect target in applications using the Jakarta EE module...

5.4CVSS5.8AI score0.00352EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/25 9:16 p.m.13 views

CVE-2026-43828

Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected...

6.5CVSS5.8AI score0.00272EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/25 9:16 p.m.11 views

CVE-2026-48850

PuTTY 0.72 before 0.84 has a double free in RSA KEX...

5.9CVSS5.8AI score0.0032EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/25 9:16 p.m.12 views

CVE-2026-44598

With valid login credentials, URL Redirection to Untrusted Site 'Open Redirect', Server-Side Request Forgery SSRF vulnerability in Apache Shiro. This issue affects Apache Shiro from 2.0-alpha to 2.1.0, and 3.0.0-alpha-1, only when using shiro-jakarta-ee integration module. Users are recommended t...

5.4CVSS5.9AI score0.00383EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/25 9:16 p.m.18 views

CVE-2026-48851

PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session...

3.1CVSS5.8AI score0.00224EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/25 9:16 p.m.11 views

CVE-2026-43827

Default configurations of Apache Shiro have a session fixation vulnerability. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1, or 3.0.0-alpha-2 or later, which fixes the issue. In the affected versions, when a session already...

6.5CVSS5.8AI score0.00412EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/05/25 9:16 p.m.14 views

CVE-2026-48852

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

3.7CVSS5.8AI score0.00274EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/25 8:16 p.m.18 views

CVE-2026-48844

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection. Support for code evaluation has been removed in 1.6.16 and 1.7.1...

7.5CVSS5.8AI score0.00414EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/25 8:16 p.m.10 views

CVE-2026-48848

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7 has insufficient HTML sanitization that could lead to Cascading Style Sheets CSS injection via an SVG document that has an animate element with the attributeName attribute...

7.2CVSS5.8AI score0.00388EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/25 8:16 p.m.17 views

CVE-2026-48842

Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape bypass...

8.1CVSS5.8AI score0.00764EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/25 8:16 p.m.10 views

CVE-2026-48847

Roundcube Webmail 1.6.x before 1.6.16, and 1.7.x before 1.7.1 allows pre-authentication arbitrary file deletion via redis/memcache session poisoning bypass...

3.7CVSS5.9AI score0.00433EPSS
Exploits0References6
Total number of security vulnerabilities68528