Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
added 2026/02/06 11:15 p.m.6 views

CVE-2026-25749

Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution logic when processing the 'helpfile' option. The vulnerability is located in the gettagfname function in src/tag.c. When processing help file tags,...

6.6CVSS6AI score0.00213EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2026/02/06 10:16 p.m.6 views

CVE-2026-2069

A flaw has been found in ggml-org llama.cpp up to 55abc39. Impacted is the function llamagrammaradvancestack of the file llama.cpp/src/llama-grammar.cpp of the component GBNF Grammar Handler. This manipulation causes stack-based buffer overflow. The attack needs to be launched locally. The exploi...

4.8CVSS5.8AI score0.00124EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2026/02/06 9:16 p.m.4 views

CVE-2026-25635

calibre is an e-book manager. Prior to 9.2.0, Calibre's CHM reader contains a path traversal vulnerability that allows arbitrary file writes anywhere the user has write permissions. On Windows haven't tested on other OS's, this can lead to Remote Code Execution by writing a payload to the Startup...

8.6CVSS6.1AI score0.00438EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/02/06 9:16 p.m.6 views

CVE-2026-25636

calibre is an e-book manager. In 9.1.0 and earlier, a path traversal vulnerability in Calibre's EPUB conversion allows a malicious EPUB file to corrupt arbitrary existing files writable by the Calibre process. During conversion, Calibre resolves CipherReference URI from META-INF/encryption.xml to...

8.2CVSS6AI score0.00209EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/02/06 9:16 p.m.4 views

CVE-2026-25731

calibre is an e-book manager. Prior to 9.2.0, a Server-Side Template Injection SSTI vulnerability in Calibre's Templite templating engine allows arbitrary code execution when a user converts an ebook using a malicious custom template file via the --template-html or --template-html-index...

7.8CVSS6.4AI score0.00241EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2026/02/06 8:16 p.m.6 views

CVE-2026-1709

A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security TLS authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing...

9.8CVSS5.8AI score0.0575EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/06 8:16 p.m.6 views

CVE-2026-25727

time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used features that are...

6.8CVSS5.9AI score0.00291EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/02/06 5:16 p.m.5 views

CVE-2026-25556

MuPDF versions 1.23.0 through 1.27.0 contain a double-free vulnerability in fzfillpixmapfromdisplaylist when an exception occurs during display list rendering. The function accepts a caller-owned fzpixmap pointer but incorrectly drops the pixmap in its error handling path before rethrowing the...

7.5CVSS6AI score0.00477EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2026/02/06 5:16 p.m.5 views

CVE-2026-23739

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the astxmlopen function in xml.c parses XML documents using libxml with unsafe parsing options that enable entity expansion and XInclude processing...

6.5CVSS5.7AI score0.00176EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/06 5:16 p.m.7 views

CVE-2026-23741

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/astcoredumper runs as root, as noted by the NOTES tag on line 689 of the astcoredumper file. The script will source the conten...

8.8CVSS5.9AI score0.00173EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/06 5:16 p.m.4 views

CVE-2026-23738

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, user supplied/control values for Cookies and any GET variable query Parameter are directly interpolated into the HTML of the page using aststrappend. The...

6.1CVSS5.7AI score0.0016EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/06 5:16 p.m.4 views

CVE-2026-23740

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, when astcoredumper writes its gdb init and output files to a directory that is world-writable for example /tmp, an attacker with write permissionwhich is a...

7.8CVSS5.9AI score0.00112EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/06 7:16 a.m.5 views

CVE-2026-1998

A flaw has been found in micropython up to 1.27.0. This vulnerability affects the function mpimportall of the file py/runtime.c. This manipulation causes memory corruption. The attack needs to be launched locally. The exploit has been published and may be used. Patch name:...

5.5CVSS5.4AI score0.00203EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2026/02/06 6:15 a.m.5 views

CVE-2026-1991

A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvcscanstreaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be use...

5.5CVSS5.4AI score0.0018EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2026/02/06 5:16 a.m.6 views

CVE-2026-1979

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

5.5CVSS5.6AI score0.00153EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2026/02/05 11:15 p.m.6 views

CVE-2025-68458

Webpack is a module bundler. From version 5.49.0 to before 5.104.1, when experiments.buildHttp is enabled, webpack’s HTTPS resolver HttpUriPlugin can be bypassed to fetch resources from hosts outside allowedUris by using crafted URLs that include userinfo username:password@host. If allowedUris...

3.7CVSS6.9AI score0.002EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/02/05 11:15 p.m.4 views

CVE-2025-68157

Webpack is a module bundler. From version 5.49.0 to before 5.104.0, when experiments.buildHttp is enabled, webpack’s HTTPS resolver HttpUriPlugin enforces allowedUris only for the initial URL, but does not re-validate allowedUris after following HTTP 30x redirects. As a result, an import that...

3.7CVSS6.9AI score0.002EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/02/05 6:16 p.m.3 views

CVE-2025-58190

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

5.3CVSS6.8AI score0.00482EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2026/02/05 6:16 p.m.5 views

CVE-2025-47911

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service DoS if an attacker provides specially crafted HTML content...

5.3CVSS6.8AI score0.00502EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2026/02/05 6:16 p.m.8 views

CVE-2025-68121

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the...

10CVSS6.8AI score0.00765EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/02/05 5:16 p.m.4 views

CVE-2020-37127

Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcprelease utility that allows attackers to cause a denial of service by supplying excessive input. Attackers can trigger a core dump and terminate the dhcprelease process by sending a crafted input string longer than 16...

6.9CVSS6.1AI score0.00182EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/05 5:16 p.m.6 views

CVE-2020-37121

CODE::BLOCKS 16.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler with crafted Unicode characters. Attackers can create a malicious M3U playlist file with 536 bytes of buffer and shellcode to trigger remote code...

6.7CVSS6.4AI score0.00207EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/02/05 12:0 a.m.5 views

CVE-2025-58151

varstored: TOCTOU issues with mapped guest memory...

5.8AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/05 12:0 a.m.2 views

CVE-2026-25198

web2py versions 2.27.1-stable+timestamp.2023.11.16.08.03.57 and prior contain an open redirect vulnerability. If this vulnerability is exploited, the user may be redirected to an arbitrary website when accessing a specially crafted URL. As a result, the user may become a victim of a phishing atta...

5.1CVSS5.9AI score0.00294EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/02/05 12:0 a.m.6 views

CVE-2025-61732

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary...

8.6CVSS7.1AI score0.00472EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/02/04 11:15 p.m.14 views

CVE-2025-22873

It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open"../" would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained with...

3.8CVSS5.9AI score0.00238EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 10:16 p.m.7 views

CVE-2026-25547

@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service DoS issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric brace ranges, t...

9.2CVSS6.5AI score0.00481EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/04 10:15 p.m.6 views

CVE-2026-25537

jsonwebtoken is a JWT lib in rust. Prior to version 10.3.0, there is a Type Confusion vulnerability in jsonwebtoken, specifically, in its claim validation logic. When a standard claim such as nbf or exp is provided with an incorrect JSON type Like a String instead of a Number, the library’s...

7.5CVSS5.8AI score0.00443EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/02/04 6:16 p.m.4 views

CVE-2026-22247

GLPI is a free asset and IT management software package. From version 11.0.0 to before 11.0.5, a GLPI administrator can perform SSRF request through the Webhook feature. This issue has been patched in version 11.0.5...

9.1CVSS5.8AI score0.00317EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/04 6:16 p.m.5 views

CVE-2026-22044

GLPI is a free asset and IT management software package. From version 0.85 to before 10.0.23, an authenticated user can perform a SQL injection. This issue has been patched in version 10.0.23...

8.8CVSS5.8AI score0.00264EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/02/04 6:16 p.m.5 views

CVE-2026-23624

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

6.5CVSS5.8AI score0.00373EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23061

In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: kvaserusbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In kvaserusbset,databittiming - kvaserusbsetuprxurbs, t...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.5 views

CVE-2025-71196

In the Linux kernel, the following vulnerability has been resolved: phy: stm32-usphyc: Fix off by one in probe The "index" variable is used as an index into the usbphyc-phys array which has usbphyc-nphys elements. So if it is equal to usbphyc-nphys then it is one element out of bounds. The "index...

5.7AI score0.00173EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2025-71194

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in waitcurrenttrans due to ignored transaction type When waitcurrenttrans is called during starttransaction, it currently waits for a blocked transaction without considering whether the given transaction type...

5.9AI score0.00173EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23105

In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...

7.8CVSS6AI score0.0012EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23084

In the Linux kernel, the following vulnerability has been resolved: be2net: Fix NULL pointer dereference in becmdgetmacfromlist When the parameter pmacidvalid argument of becmdgetmacfromlist is set to false, the driver may request the PMACID from the firmware of the network card, and this functio...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23060

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, cryptoauthencesndecrypt can advance past the end of...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References42
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23071

In the Linux kernel, the following vulnerability has been resolved: regmap: Fix race condition in hwspinlock irqsave routine Previously, the address of the shared member '&map-spinlockflags' was passed directly to 'hwspinlocktimeoutirqsave'. This creates a race condition where multiple contexts...

4.7CVSS5.9AI score0.001EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23080

In the Linux kernel, the following vulnerability has been resolved: can: mcbausb: mcbausbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In mcbausbprobe - mcbausbstart, the URBs for USB-in transfe...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23090

In the Linux kernel, the following vulnerability has been resolved: slimbus: core: fix device reference leak on report present Slimbus devices can be allocated dynamically upon reception of report-present messages. Make sure to drop the reference taken when looking up already registered devices...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.5 views

CVE-2026-23054

In the Linux kernel, the following vulnerability has been resolved: net: hvnetvsc: reject RSS hash key programming without RX indirection table RSS configuration requires a valid RX indirection table. When the device reports a single receive queue, rndisfilterdeviceadd does not allocate an...

5.7AI score0.00168EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23088

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix crash on synthetic stacktrace field usage When creating a synthetic event based on an existing synthetic event that had a stacktrace field and the new synthetic event used that field a kernel crash occurred: cd...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23094

In the Linux kernel, the following vulnerability has been resolved: uacce: fix isolate sysfs check condition uacce supports the device isolation feature. If the driver implements the isolateerrthresholdread and isolateerrthresholdwrite callback functions, uacce will create sysfs files now. Users...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References12
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23058

In the Linux kernel, the following vulnerability has been resolved: can: emsusb: emsusbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In emsusbopen, the URBs for USB-in transfers are allocated,...

5.9AI score0.00173EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.2 views

CVE-2026-23109

In the Linux kernel, the following vulnerability has been resolved: fs/writeback: skip ASNODATAINTEGRITY mappings in waitsbinodes Above the while loop in waitsbinodes, we document that we must wait for all pages under writeback for data integrity. Consequently, if a mapping, like fuse,...

5.5CVSS5.8AI score0.00111EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23101

In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only Add LED to ledslist when it is fully ready Before this change the LED was added to ledslist before ledinitcore gets called adding it the list before ledclassdev.setbrightnesswork gets initialized. This leave...

4.7CVSS5.9AI score0.0012EPSS
Exploits0References25
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.4 views

CVE-2026-23055

In the Linux kernel, the following vulnerability has been resolved: i2c: riic: Move suspend handling to NOIRQ phase Commit 53326135d0e0 "i2c: riic: Add suspend/resume support" added suspend support for the Renesas I2C driver and following this change on RZ/G3E the following WARNING is seen on...

5.7AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23051

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix drm panic null pointer when driver not support atomic When driver not support atomic, fb using plane-fb rather than plane-state-fb. cherry picked from commit 2f2a72de673513247cd6fae14e53f6c40c5841ef...

5.7AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23081

In the Linux kernel, the following vulnerability has been resolved: net: phy: intel-xway: fix OF node refcount leakage Automated review spotted am OF node reference count leakage when checking if the 'leds' child node exists. Call ofputnode to correctly maintain the refcount...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/04 5:16 p.m.3 views

CVE-2026-23066

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References4
Total number of security vulnerabilities68528