Export limit exceeded: 335011 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (335011 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47712 | 2 Nbdkit Project, Redhat | 4 Nbdkit, Advanced Virtualization, Enterprise Linux and 1 more | 2026-01-08 | 6.5 Medium |
| A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service. | ||||
| CVE-2025-47711 | 2 Nbdkit Project, Redhat | 4 Nbdkit, Advanced Virtualization, Enterprise Linux and 1 more | 2026-01-08 | 6.5 Medium |
| There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service. | ||||
| CVE-2025-46400 | 2 Fig2dev Project, Redhat | 2 Fig2dev, Enterprise Linux | 2026-01-08 | 5.5 Medium |
| In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via read_arcobject function. | ||||
| CVE-2025-46399 | 2 Fig2dev Project, Redhat | 2 Fig2dev, Enterprise Linux | 2026-01-08 | 5.5 Medium |
| A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via genge_itp_spline function. | ||||
| CVE-2025-46398 | 2 Fig2dev Project, Redhat | 2 Fig2dev, Enterprise Linux | 2026-01-08 | 5.5 Medium |
| In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects function. | ||||
| CVE-2025-31177 | 2 Gnuplot, Redhat | 2 Gnuplot, Enterprise Linux | 2026-01-08 | 5.5 Medium |
| gnuplot is affected by a heap buffer overflow at function utf8_copy_one. | ||||
| CVE-2025-1125 | 2 Gnu, Redhat | 3 Grub2, Enterprise Linux, Openshift | 2026-01-08 | 7.8 High |
| When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to properly check for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculation to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result the hfsplus_open_compressed_real() function will write past of the internal buffer length. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution by-passing secure boot protections. | ||||
| CVE-2025-0689 | 2 Gnu, Redhat | 3 Grub2, Enterprise Linux, Openshift | 2026-01-08 | 7.8 High |
| When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size which is not guaranteed. A crafted filesystem image may lead to a heap-based buffer overflow resulting in critical data to be corrupted, resulting in the risk of arbitrary code execution by-passing secure boot protections. | ||||
| CVE-2025-0620 | 2 Redhat, Samba | 3 Enterprise Linux, Openshift, Samba | 2026-01-08 | 4.9 Medium |
| A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again. | ||||
| CVE-2024-7259 | 2 Ovirt, Redhat | 3 Ovirt-engine, Rhev Hypervisor, Virtualization | 2026-01-08 | 4.9 Medium |
| A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext. | ||||
| CVE-2025-5918 | 2 Libarchive, Redhat | 4 Libarchive, Enterprise Linux, Openshift and 1 more | 2026-01-08 | 3.9 Low |
| A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition. | ||||
| CVE-2025-5916 | 2 Libarchive, Redhat | 4 Libarchive, Enterprise Linux, Openshift and 1 more | 2026-01-08 | 3.9 Low |
| A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. This bug affects libarchive versions prior to 3.8.0. | ||||
| CVE-2025-14874 | 2 Nodemailer, Redhat | 6 Nodemailer, Acm, Advanced Cluster Management For Kubernetes and 3 more | 2026-01-08 | 7.5 High |
| A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser. | ||||
| CVE-2025-48429 | 2 Grassroots Dicom Project, Malaterre | 2 Grassroots Dicom, Grassroots Dicom | 2026-01-07 | 7.4 High |
| An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2025-6966 | 3 Canonical, Debian, Ubuntu | 4 Python-apt, Ubuntu Linux, Debian Linux and 1 more | 2026-01-07 | 5.5 Medium |
| NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key. | ||||
| CVE-2022-32912 | 2 Apple, Redhat | 4 Ipados, Iphone Os, Safari and 1 more | 2026-01-07 | 8.8 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2022-32872 | 1 Apple | 2 Ipados, Iphone Os | 2026-01-07 | 2.4 Low |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, iOS 15.7 and iPadOS 15.7. A person with physical access to an iOS device may be able to access photos from the lock screen. | ||||
| CVE-2022-50802 | 1 Etaplighting | 1 Etap Safety Manager | 2026-01-07 | 6.1 Medium |
| ETAP Safety Manager 1.0.0.32 contains a cross-site scripting vulnerability in the 'action' GET parameter that allows unauthenticated attackers to inject malicious HTML and JavaScript. Attackers can craft specially formed requests to execute arbitrary scripts in victim browser sessions, potentially stealing credentials or performing unauthorized actions. | ||||
| CVE-2025-38699 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-01-07 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Double-free fix When the bfad_im_probe() function fails during initialization, the memory pointed to by bfad->im is freed without setting bfad->im to NULL. Subsequently, during driver uninstallation, when the state machine enters the bfad_sm_stopping state and calls the bfad_im_probe_undo() function, it attempts to free the memory pointed to by bfad->im again, thereby triggering a double-free vulnerability. Set bfad->im to NULL if probing fails. | ||||
| CVE-2025-39675 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-01-07 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() The function mod_hdcp_hdcp1_create_session() calls the function get_first_active_display(), but does not check its return value. The return value is a null pointer if the display list is empty. This will lead to a null pointer dereference. Add a null pointer check for get_first_active_display() and return MOD_HDCP_STATUS_DISPLAY_NOT_FOUND if the function return null. This is similar to the commit c3e9826a2202 ("drm/amd/display: Add null pointer check for get_first_active_display()"). (cherry picked from commit 5e43eb3cd731649c4f8b9134f857be62a416c893) | ||||