VIR Vulnerability Intelligence Relay

Search

Found 28,497 results in 3403ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2025-5702 medium 5.5 FIX rheldebian debian sles 11mo ago Moderate: glibc security update
CVE-2023-52933 medium 5.5 FIX rhel slesdebian debian 11mo ago Moderate: kernel security update
CVE-2025-6858 medium 5.5 5.5 debian debian sles hdfgroup 11mo ago A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flush_single_entry of the file src/H5Centry.c. The manipulation leads to null point…
CVE-2025-6817 low 3.3 3.3 debian debian hdfgroup 11mo ago A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5C__load_entry of the file /src/H5Centry.c. The manipulation leads to resource co…
CVE-2025-6816 low 3.3 3.3 debian debian sles hdfgroup 11mo ago A vulnerability classified as problematic was found in HDF5 1.14.6. This vulnerability affects the function H5O__fsinfo_encode of the file /src/H5Ofsinfo.c. The manipulation leads to heap-based buffe…
CVE-2025-6750 low 3.3 3.3 debian debian sles hdfgroup 1y ago A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5O__mtime_new_encode of the file src/H5Omtime.c. The manipulation leads to…
CVE-2025-52890 unknown FIX debian debian 1y ago Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security optio…
CVE-2025-52889 unknown FIX debian debian 1y ago Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services (DHCP, DNS...) th…
CVE-2024-53064 medium 5.5 FIX rocky slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: idpf: fix idpf_vc_core_init error path In an event where the platform running the device control plane is rebooted, reset is dete…
CVE-2022-48919 medium 5.5 FIX rocky slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifs_get_root() When cifs_get_root() fails during cifs_smb3_do_mount() we call dea…
CVE-2025-6536 low 3.3 3.3 debian debian 1y ago A vulnerability has been found in Tarantool up to 3.3.1 and classified as problematic. Affected by this vulnerability is the function tm_to_datetime in the library src/lib/core/datetime.c. The manipu…
CVE-2025-5455 medium 5.5 FIX rhel sles rocky 1y ago Moderate: qt5-qtbase security update
CVE-2025-47268 medium 5.5 FIX rheldebian debian sles 1y ago Moderate: iputils security update
CVE-2025-3576 medium 5.9 5.9 FIX rhel rockydebian debian 1y ago RHSA-2025:8411: krb5 security update (Moderate)
CVE-2025-25724 medium 5.5 FIX rheldebian debian sles 1y ago Moderate: libarchive security update
CVE-2025-24495 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2025-20623 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2025-20012 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2024-45332 medium 5.5 FIX rhel rocky sles 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2024-43420 medium 5.5 FIX rhel rocky sles 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2025-4563 low 2.5 FIX arch archdebian debian sles 1y ago A vulnerability exists in the NodeRestriction admission controller where nodes can bypass dynamic resource allocation authorization checks. When the DynamicResourceAllocation feature gate is enabled,…
CVE-2025-6498 medium 5.5 5.5 debian debian htacg 1y ago A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possibl…
CVE-2025-6497 low 3.3 3.3 debian debian 1y ago A vulnerability was found in HTACG tidy-html5 5.8.0. It has been rated as problematic. This issue affects the function prvTidyParseNamespace of the file src/parser.c. The manipulation leads to reacha…
CVE-2025-6496 low 3.3 3.3 debian debian 1y ago A vulnerability was found in HTACG tidy-html5 5.8.0. It has been declared as problematic. This vulnerability affects the function InsertNodeAsParent of the file src/parser.c. The manipulation leads t…
CVE-2025-3891 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:4597: mod_auth_openidc:2.3 security update (Moderate)
CVE-2025-37738 medium 5.5 FIX rhel rocky sles 1y ago Moderate: kernel security update
CVE-2025-23150 medium 5.5 FIX rhel rocky sles 1y ago Moderate: kernel security update
CVE-2025-22104 medium 5.5 FIX rhel sles rocky 1y ago Moderate: kernel security update
CVE-2025-21919 medium 5.5 FIX rhel rocky sles 1y ago Moderate: kernel security update
CVE-2025-21883 medium 5.5 FIX rhel sles rocky 1y ago Moderate: kernel security update
CVE-2025-6494 low 3.3 3.3 FIX slesdebian debian 1y ago A vulnerability was found in sparklemotion nokogiri c29c920907366cb74af13b4dc2230e9c9e23b833. It has been classified as problematic. This affects the function hashmap_get_with_hash of the file gumbo-…
CVE-2025-6490 low 3.3 3.3 FIX slesdebian debian 1y ago A vulnerability was found in sparklemotion nokogiri c29c920907366cb74af13b4dc2230e9c9e23b833 and classified as problematic. This issue affects the function hashmap_set_with_hash of the file gumbo-par…
CVE-2025-6375 medium 5.5 5.5 FIX slesdebian debian pocoproject 1y ago A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation…
CVE-2025-38083 medium 4.7 4.7 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the…
CVE-2025-6275 low 3.3 3.3 debian debian webassembly 1y ago A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of the file src/interp/binary-reader-inte…
CVE-2025-6274 low 3.3 3.3 debian debian webassembly 1y ago A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been classified as problematic. Affected is the function OnDataCount of the file src/interp/binary-reader-interp.cc. The manipulatio…
CVE-2025-6273 low 3.3 3.3 debian debian webassembly 1y ago A vulnerability was found in WebAssembly wabt up to 1.0.37 and classified as problematic. This issue affects the function LogOpcode of the file src/binary-reader-objdump.cc. The manipulation leads to…
CVE-2025-6270 medium 5.3 5.3 debian debian sles hdfgroup 1y ago A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FS__sect_find_node of the file H5FSsection.c. The manipulation leads t…
CVE-2025-6269 medium 5.3 5.3 debian debian sles hdfgroup 1y ago A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function H5C__reconstruct_cache_entry of the file H5Cimage.c. The manipulation leads to he…
CVE-2022-49957 unknown FIX slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: kcm: fix strp_init() order and cleanup strp_init() is called just a few lines above this csk->sk_user_data check, it also initial…
CVE-2025-38071 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: x86/mm: Check return value from memblock_phys_alloc_range() At least with CONFIG_PHYSICAL_START=0x100000, if there is < 4 MiB of …
CVE-2025-38067 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseq_cs is non-zero The rseq_cs field is documented as being set to 0 by user-space prior…
CVE-2025-38063 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused by REQ_PREFLUSH When a bio with REQ_PREFLUSH is submitted to dm, __send_empty_flush() ge…
CVE-2025-38058 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock ... or we risk stealing final mntput from sync umount - …
CVE-2025-6141 low 3.3 3.3 FIX slesdebian debian 1y ago A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipu…
CVE-2025-6140 low 3.3 3.3 FIX slesdebian debian gabime 1y ago A vulnerability, which was classified as problematic, was found in spdlog up to 1.15.1. This affects the function scoped_padder in the library include/spdlog/pattern_formatter-inl.h. The manipulation…
CVE-2025-6170 low 2.5 2.5 FIX arch arch slesdebian debian redhatxmlsoft 1y ago A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, …
CVE-2025-49124 unknown FIX slesdebian debian 1y ago Untrusted Search Path vulnerability in Apache Tomcat installer for Windows. During installation, the Tomcat installer for Windows used icacls.exe without specifying a full path. This issue affects A…
CVE-2025-6120 medium 5.3 5.3 debian debian sles assimp 1y ago A vulnerability classified as critical was found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function read_meshes in the library assimp/code/AssetLib/MDL/Ha…
CVE-2025-6119 medium 5.3 5.3 debian debian assimp 1y ago A vulnerability classified as critical has been found in Open Asset Import Library Assimp up to 5.4.3. Affected is the function Assimp::BVHLoader::ReadNodeChannels in the library assimp/code/AssetLib…
CVE-2025-4748 medium 5.5 FIX arch archdebian debian sles 1y ago Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is as…
CVE-2025-6052 low 3.7 3.7 FIX debian debian sles gnome 1y ago A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation.…
CVE-2025-41234 unknown FIX debian debian 1y ago Spring Framework vulnerable to a reflected file download (RFD)
CVE-2025-49146 unknown FIX debian debian sles 1y ago pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration
CVE-2022-49395 medium 5.5 FIX rocky slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscall_stub_data() expects the data_count parameter to be the number of longs, not bytes…
CVE-2025-5899 medium 5.3 5.3 debian debian 1y ago A vulnerability classified as critical was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected by this vulnerability is the function parse_variables_option of the file utilities/pspp…
CVE-2025-5898 medium 5.3 5.3 slesdebian debian 1y ago A vulnerability classified as critical has been found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected is the function parse_variables_option of the file utilities/pspp-convert.c. The m…
CVE-2025-5889 low 3.1 3.1 FIX slesdebian debian 1y ago A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The man…
CVE-2025-4802 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:8686: glibc security update (Moderate)
CVE-2025-32433 unknown 2.5 KEVEXPFIX debian debian sles 1y ago Erlang Erlang/OTP SSH server contains a missing authentication for critical function vulnerability. This could allow an attacker to execute arbitrary commands without valid credentials, potentially l…
CVE-2024-42009 unknown 1.5 KEVFIX debian debian 1y ago RoundCube Webmail contains a cross-site scripting vulnerability. This vulnerability could allow a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desan…
CVE-2025-49128 unknown FIX debian debian 1y ago Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation
CVE-2025-48432 low 2.5 FIX arch arch slesdebian debian 1y ago An issue was discovered in Django 5.2 before 5.2.3, 5.1 before 5.1.11, and 4.2 before 4.2.23. Internal HTTP response logging does not escape request.path, which allows remote attackers to potentially…
CVE-2025-5419 unknown 1.5 KEVFIX debian debian 1y ago Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-35036 unknown debian debian 1y ago Hibernate Validator may interpolate user-supplied input in a constraint violation message with Expression Language
CVE-2023-24824 medium 5.5 FIX rockydebian debian rhel 1y ago RHSA-2025:8427: pandoc security update (Moderate)
CVE-2020-16156 medium 5.5 FIX arch arch rocky sles 1y ago CPAN 2.28 allows Signature Verification Bypass.
CVE-2022-3424 medium 5.5 FIX rhel slesdebian debian 1y ago Moderate: kernel security update
CVE-2025-5278 medium 4.4 4.4 arch archdebian debian sles 1y ago A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafte…
CVE-2025-21964 medium 5.5 FIX rhel sles rocky 1y ago Moderate: kernel security update
CVE-2025-4949 unknown debian debian sles 1y ago Eclipse JGit XML External Entity (XXE) Vulnerability
CVE-2025-4969 medium 6.5 6.5 FIX debian debian sles 1y ago A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially…
CVE-2025-37968 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: iio: light: opt3001: fix deadlock due to concurrent flag access The threaded IRQ function in this driver is reading the flag twic…
CVE-2025-37931 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: btrfs: adjust subpage bit start based on sectorsize When running machines with 64k page size and a 16k nodesize we started seeing…
CVE-2025-47273 medium 5.5 FIX rhel rocky sles 1y ago Moderate: fence-agents security update
CVE-2025-31257 medium 4.7 4.7 FIX rhel rockyarch arch apple 1y ago This issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously…
CVE-2025-22233 unknown debian debian 1y ago Spring Framework DataBinder Case Sensitive Match Exception
CVE-2025-4476 medium 4.3 4.3 FIX debian debian sles 1y ago A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receives a 401 (Unauthorized) HTTP response containing a spe…
CVE-2025-47279 unknown FIX debian debian 1y ago Undici is an HTTP/1.1 client for Node.js. Prior to versions 5.29.0, 6.21.2, and 7.5.0, applications that use undici to implement a webhook-like system are vulnerable. If the attacker set up a server …
CVE-2022-4055 medium 5.5 rhel slesdebian debian 1y ago Moderate: xdg-utils security update
CVE-2025-46836 medium 6.6 6.6 FIX slesdebian debian 1y ago net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and including 2.10, the Linux network utilities (l…
CVE-2025-27832 medium 5.5 FIX rheldebian debian sles 1y ago Moderate: ghostscript security update
CVE-2020-13790 medium 5.5 FIX rocky slesdebian debian 1y ago RHSA-2025:7540: libjpeg-turbo security update (Moderate)
CVE-2019-19012 medium 5.5 FIX rockydebian debian rhel 1y ago RHSA-2025:7539: ruby:2.5 security update (Moderate)
CVE-2025-71151 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3_reconfigure() In smb3_reconfigure(), if smb3_sync_session_ctx_passwords() fails, th…
CVE-2025-68179 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP As reported by Luiz Capitulino enabling HVO on s390 leads to reproducible crashe…
CVE-2025-30472 medium 5.5 FIX rheldebian debian sles 1y ago Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet.
CVE-2025-26465 medium 6.8 6.8 FIX rhel rocky sles openbsdnetappredhat 1y ago A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occur…
CVE-2025-24528 medium 5.5 FIX rheldebian debian sles 1y ago RHSA-2025:2722: krb5 security update (Moderate)
CVE-2025-23419 medium 5.5 FIX rhel slesdebian debian 1y ago When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. Thi…
CVE-2025-22087 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix array bounds error with may_goto may_goto uses an additional 8 bytes on the stack, which causes the interpreters[] array…
CVE-2025-21888 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a WARN during dereg_mr for DM type Memory regions (MR) of type DM (device memory) do not have an associated umem. …
CVE-2025-21694 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix softlockup in __read_vmcore (part 2) Since commit 5cbcb62dddf5 ("fs/proc: fix softlockup in __read_vmcore") the numb…
CVE-2025-21689 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() This patch addresses a null-ptr-deref in qt2_process_read_urb…
CVE-2025-21669 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the transport changes If the socket has been de-assigned or assigned to another transport, we mu…
CVE-2025-21668 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: add missing loop break condition Currently imx8mp_blk_ctrl_remove() will continue the for loop until a…
CVE-2025-21666 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] Recent reports have shown how we sometimes call vsock_*_has_data() w…
CVE-2025-21663 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Read iommu stream id from device tree Nvidia's Tegra MGBE controllers require the IOMMU "Stream ID" (SI…
CVE-2025-21646 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: afs: Fix the maximum cell name length The kafs filesystem limits the maximum length of a cell to 256 bytes, but a problem occurs …
CVE-2025-1272 medium 5.5 FIX rheldebian debian 1y ago The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensiti…