VIR Vulnerability Intelligence Relay

Search

Found 27,219 results in 1351ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2025-25724 medium 5.5 FIX rheldebian debian sles 1y ago Moderate: libarchive security update
CVE-2025-24495 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2025-20623 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2025-20012 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2024-45332 medium 5.5 FIX rhel rocky sles 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2024-43420 medium 5.5 FIX rhel rocky sles 1y ago RHSA-2025:10991: microcode_ctl security update (Moderate)
CVE-2025-6498 medium 5.5 5.5 debian debian htacg 1y ago A vulnerability classified as problematic has been found in HTACG tidy-html5 5.8.0. Affected is the function defaultAlloc of the file src/alloc.c. The manipulation leads to memory leak. It is possibl…
CVE-2025-3891 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:4597: mod_auth_openidc:2.3 security update (Moderate)
CVE-2025-37738 medium 5.5 FIX rhel rocky sles 1y ago Moderate: kernel security update
CVE-2025-23150 medium 5.5 FIX rhel rocky sles 1y ago Moderate: kernel security update
CVE-2025-22104 medium 5.5 FIX rhel sles rocky 1y ago Moderate: kernel security update
CVE-2025-21919 medium 5.5 FIX rhel rocky sles 1y ago Moderate: kernel security update
CVE-2025-21883 medium 5.5 FIX rhel sles rocky 1y ago Moderate: kernel security update
CVE-2025-6375 medium 5.5 5.5 FIX slesdebian debian pocoproject 1y ago A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation…
CVE-2025-38083 medium 4.7 4.7 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the…
CVE-2025-6270 medium 5.3 5.3 debian debian sles hdfgroup 1y ago A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FS__sect_find_node of the file H5FSsection.c. The manipulation leads t…
CVE-2025-6269 medium 5.3 5.3 debian debian sles hdfgroup 1y ago A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function H5C__reconstruct_cache_entry of the file H5Cimage.c. The manipulation leads to he…
CVE-2022-49957 unknown FIX slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: kcm: fix strp_init() order and cleanup strp_init() is called just a few lines above this csk->sk_user_data check, it also initial…
CVE-2025-38071 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: x86/mm: Check return value from memblock_phys_alloc_range() At least with CONFIG_PHYSICAL_START=0x100000, if there is < 4 MiB of …
CVE-2025-38067 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseq_cs is non-zero The rseq_cs field is documented as being set to 0 by user-space prior…
CVE-2025-38063 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused by REQ_PREFLUSH When a bio with REQ_PREFLUSH is submitted to dm, __send_empty_flush() ge…
CVE-2025-38058 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock ... or we risk stealing final mntput from sync umount - …
CVE-2025-49124 unknown FIX slesdebian debian 1y ago Untrusted Search Path vulnerability in Apache Tomcat installer for Windows. During installation, the Tomcat installer for Windows used icacls.exe without specifying a full path. This issue affects A…
CVE-2025-6120 medium 5.3 5.3 debian debian sles assimp 1y ago A vulnerability classified as critical was found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function read_meshes in the library assimp/code/AssetLib/MDL/Ha…
CVE-2025-6119 medium 5.3 5.3 debian debian assimp 1y ago A vulnerability classified as critical has been found in Open Asset Import Library Assimp up to 5.4.3. Affected is the function Assimp::BVHLoader::ReadNodeChannels in the library assimp/code/AssetLib…
CVE-2025-4748 medium 5.5 FIX arch archdebian debian sles 1y ago Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is as…
CVE-2025-41234 unknown FIX debian debian 1y ago Spring Framework vulnerable to a reflected file download (RFD)
CVE-2025-49146 unknown FIX debian debian sles 1y ago pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration
CVE-2022-49395 medium 5.5 FIX rocky slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscall_stub_data() expects the data_count parameter to be the number of longs, not bytes…
CVE-2025-5899 medium 5.3 5.3 debian debian 1y ago A vulnerability classified as critical was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected by this vulnerability is the function parse_variables_option of the file utilities/pspp…
CVE-2025-5898 medium 5.3 5.3 slesdebian debian 1y ago A vulnerability classified as critical has been found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected is the function parse_variables_option of the file utilities/pspp-convert.c. The m…
CVE-2025-4802 medium 5.5 FIX rhel rockydebian debian 1y ago RHSA-2025:8686: glibc security update (Moderate)
CVE-2025-32433 unknown 2.5 KEVEXPFIX debian debian sles 1y ago Erlang Erlang/OTP SSH server contains a missing authentication for critical function vulnerability. This could allow an attacker to execute arbitrary commands without valid credentials, potentially l…
CVE-2024-42009 unknown 1.5 KEVFIX debian debian 1y ago RoundCube Webmail contains a cross-site scripting vulnerability. This vulnerability could allow a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desan…
CVE-2025-49128 unknown FIX debian debian 1y ago Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation
CVE-2025-5419 unknown 1.5 KEVFIX debian debian 1y ago Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-35036 unknown debian debian 1y ago Hibernate Validator may interpolate user-supplied input in a constraint violation message with Expression Language
CVE-2025-48387 unknown FIX debian debianubuntu ubuntu 1y ago tar-fs vulnerabilities
CVE-2023-24824 medium 5.5 FIX rockydebian debian rhel 1y ago RHSA-2025:8427: pandoc security update (Moderate)
CVE-2020-16156 medium 5.5 FIX arch arch rocky sles 1y ago CPAN 2.28 allows Signature Verification Bypass.
CVE-2022-3424 medium 5.5 FIX rhel slesdebian debian 1y ago Moderate: kernel security update
CVE-2025-5278 medium 4.4 4.4 arch archdebian debian sles 1y ago A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafte…
CVE-2025-21964 medium 5.5 FIX rhel sles rocky 1y ago Moderate: kernel security update
CVE-2025-4949 unknown debian debian sles 1y ago Eclipse JGit XML External Entity (XXE) Vulnerability
CVE-2025-4969 medium 6.5 6.5 FIX debian debian sles 1y ago A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially…
CVE-2025-37968 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: iio: light: opt3001: fix deadlock due to concurrent flag access The threaded IRQ function in this driver is reading the flag twic…
CVE-2025-37931 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1y ago In the Linux kernel, the following vulnerability has been resolved: btrfs: adjust subpage bit start based on sectorsize When running machines with 64k page size and a 16k nodesize we started seeing…
CVE-2025-47273 medium 5.5 FIX rhel rocky sles 1y ago Moderate: fence-agents security update
CVE-2025-31257 medium 4.7 4.7 FIX rhel rockyarch arch apple 1y ago This issue was addressed with improved memory handling. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously…
CVE-2025-22233 unknown debian debian 1y ago Spring Framework DataBinder Case Sensitive Match Exception
CVE-2025-4476 medium 4.3 4.3 FIX debian debian sles 1y ago A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receives a 401 (Unauthorized) HTTP response containing a spe…
CVE-2025-47279 unknown FIX debian debian 1y ago Undici is an HTTP/1.1 client for Node.js. Prior to versions 5.29.0, 6.21.2, and 7.5.0, applications that use undici to implement a webhook-like system are vulnerable. If the attacker set up a server …
CVE-2022-4055 medium 5.5 rhel slesdebian debian 1y ago Moderate: xdg-utils security update
CVE-2025-46836 medium 6.6 6.6 FIX slesdebian debian 1y ago net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and including 2.10, the Linux network utilities (l…
CVE-2025-27832 medium 5.5 FIX rheldebian debian sles 1y ago Moderate: ghostscript security update
CVE-2020-13790 medium 5.5 FIX rocky slesdebian debian 1y ago RHSA-2025:7540: libjpeg-turbo security update (Moderate)
CVE-2019-19012 medium 5.5 FIX rockydebian debian rhel 1y ago RHSA-2025:7539: ruby:2.5 security update (Moderate)
CVE-2025-71151 medium 5.5 FIX rhel slesdebian debian 1y ago Linux kernel (Low Latency NVIDIA) vulnerabilities
CVE-2025-68179 medium 5.5 FIX rhel slesdebian debian 1y ago Linux kernel (Xilinx) vulnerabilities
CVE-2025-30472 medium 5.5 FIX rheldebian debian sles 1y ago Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet.
CVE-2025-26465 medium 6.8 6.8 FIX rhel rocky sles openbsdnetappredhat 1y ago A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occur…
CVE-2025-24528 medium 5.5 FIX rheldebian debian sles 1y ago RHSA-2025:2722: krb5 security update (Moderate)
CVE-2025-23419 medium 5.5 FIX rhel slesdebian debian 1y ago When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. Thi…
CVE-2025-22087 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix array bounds error with may_goto may_goto uses an additional 8 bytes on the stack, which causes the interpreters[] array…
CVE-2025-21888 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix a WARN during dereg_mr for DM type Memory regions (MR) of type DM (device memory) do not have an associated umem. …
CVE-2025-21694 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix softlockup in __read_vmcore (part 2) Since commit 5cbcb62dddf5 ("fs/proc: fix softlockup in __read_vmcore") the numb…
CVE-2025-21689 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() This patch addresses a null-ptr-deref in qt2_process_read_urb…
CVE-2025-21669 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the transport changes If the socket has been de-assigned or assigned to another transport, we mu…
CVE-2025-21668 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: add missing loop break condition Currently imx8mp_blk_ctrl_remove() will continue the for loop until a…
CVE-2025-21666 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] Recent reports have shown how we sometimes call vsock_*_has_data() w…
CVE-2025-21663 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-tegra: Read iommu stream id from device tree Nvidia's Tegra MGBE controllers require the IOMMU "Stream ID" (SI…
CVE-2025-21646 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: afs: Fix the maximum cell name length The kafs filesystem limits the maximum length of a cell to 256 bytes, but a problem occurs …
CVE-2025-1272 medium 5.5 FIX rheldebian debian 1y ago The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensiti…
CVE-2025-0938 medium 5.5 FIX rocky rhel sles 1y ago The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only mean…
CVE-2025-0690 medium 5.5 FIX rheldebian debian sles 1y ago Moderate: grub2 security update
CVE-2025-0677 medium 5.5 FIX rheldebian debian sles 1y ago Moderate: grub2 security update
CVE-2025-0622 medium 5.5 FIX rheldebian debian sles 1y ago Moderate: grub2 security update
CVE-2024-8418 medium 5.5 FIX debian debian rhel sles 1y ago A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open…
CVE-2024-58099 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame Andrew and Nikolay reported connectivity issues with Cilium's service lo…
CVE-2024-58064 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap() kunit_kzalloc() may return NULL, dere…
CVE-2024-58009 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc A NULL sock pointer is passed into l2cap_sock_alloc() when it is c…
CVE-2024-58005 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago Important: kernel security update
CVE-2024-57940 medium 5.5 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: exfat: fix the infinite loop in exfat_readdir() If the file system is corrupted so that a cluster is linked to itself in the clus…
CVE-2024-57931 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: selinux: ignore unknown extended permissions When evaluating extended permissions, ignore unknown permissions instead of calling …
CVE-2024-57903 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: net: restrict SO_REUSEPORT to inet sockets After blamed commit, crypto sockets could accidentally be destroyed from RCU call back…
CVE-2024-57898 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first…
CVE-2024-57890 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: RDMA/uverbs: Prevent integer overflow issue In the expression "cmd.wqe_size * cmd.wr_count", both variables are u32 values that c…
CVE-2024-57888 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: workqueue: Do not warn when cancelling WQ_MEM_RECLAIM work from !WQ_MEM_RECLAIM worker After commit 746ae46c1113 ("drm/sched: Mar…
CVE-2024-57885 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping function called from invalid context at print message Address a bug in the kernel that triggers a "slee…
CVE-2024-57884 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() The task sometimes continues looping in …
CVE-2024-57879 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Always release hdev at the end of iso_listen_bis Since hci_get_route holds the device before returning, the hdev …
CVE-2024-57852 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f ("firmware: qcom: scm: fix a NULL-pointer dereference") m…
CVE-2024-57843 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix overflow inside virtnet_rq_alloc When the frag just got a page, then may lead to regression on VM. Specially if t…
CVE-2024-57809 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI: imx6: Fix suspend/resume support on i.MX6QDL The suspend/resume functionality is currently broken on the i.MX6QDL platform, …
CVE-2024-57798 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() While receiving an MST up request message from one …
CVE-2024-56827 medium 5.5 FIX rhel slesdebian debian 1y ago Moderate: openjpeg2 security update
CVE-2024-56826 medium 5.5 FIX rhel slesdebian debian 1y ago Moderate: openjpeg2 security update
CVE-2024-56783 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup …
CVE-2024-56779 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur The action force umount(umount -f) will attempt to kill all rpc_ta…
CVE-2024-56760 medium 5.5 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI/MSI: Handle lack of irqdomain gracefully Alexandre observed a warning emitted from pci_msi_setup_msi_irqs() on a RISCV platfo…