VIR Vulnerability Intelligence Relay

Search

Found 4,680 results in 614ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2025-3909 high 8.0 FIX rhel rockydebian debian 1y ago RHSA-2025:8756: thunderbird security update (Important)
CVE-2025-3887 high 8.0 FIX rheldebian debian sles 1y ago RHSA-2025:8201: gstreamer1-plugins-bad-free security update (Important)
CVE-2025-3877 high 8.0 rhel rocky 1y ago RHSA-2025:8756: thunderbird security update (Important)
CVE-2025-3875 high 8.0 FIX rhel rockydebian debian 1y ago RHSA-2025:8756: thunderbird security update (Important)
CVE-2025-4948 high 8.0 FIX rhel rockydebian debian 1y ago RHSA-2025:8132: libsoup security update (Important)
CVE-2025-32914 high 8.0 FIX rhel rocky sles 1y ago RHSA-2025:8132: libsoup security update (Important)
CVE-2025-32049 high 8.0 rhel rocky sles 1y ago RHSA-2025:8132: libsoup security update (Important)
CVE-2025-2784 high 8.0 FIX rhel rocky sles 1y ago RHSA-2025:8132: libsoup security update (Important)
CVE-2025-4919 high 8.0 FIX rhel rockydebian debian 1y ago An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability was fixed in Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ES…
CVE-2025-4918 high 8.0 FIX rhel rockydebian debian 1y ago An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability was fixed in Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ESR 115.23.1, Thunderbi…
CVE-2025-37749 high 8.0 FIX rhel slesdebian debian 1y ago Important: kernel security update
CVE-2025-31205 high 8.0 FIX rhel rockyarch arch 1y ago The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. A malicious website may exfiltra…
CVE-2025-21966 high 8.0 FIX rhel slesdebian debian 1y ago Important: kernel security update
CVE-2025-21756 high 7.8 7.8 FIX rhel rocky sles 1y ago Important: kernel security update
CVE-2025-47287 high 8.0 FIX rhel rocky sles 1y ago RHSA-2025:8254: pcs security update (Important)
CVE-2025-26646 high 8.0 FIX rhel rockyalmalinux almalinux 1y ago RHSA-2025:7589: .NET 8.0 security update (Important)
CVE-2025-46421 high 8.0 FIX rhel rockydebian debian 1y ago RHSA-2025:4560: libsoup security update (Important)
CVE-2025-46420 high 8.0 FIX rhel rockydebian debian 1y ago RHSA-2025:4560: libsoup security update (Important)
CVE-2025-32913 high 8.0 FIX rhel rocky sles 1y ago RHSA-2025:8292: mingw-freetype and spice-client-win security update (Important)
CVE-2025-32911 high 8.0 FIX rhel rocky sles 1y ago RHSA-2025:8292: mingw-freetype and spice-client-win security update (Important)
CVE-2025-32907 high 8.0 FIX rhel rocky sles 1y ago RHSA-2025:8292: mingw-freetype and spice-client-win security update (Important)
CVE-2025-32906 high 8.0 FIX rhel rocky sles 1y ago RHSA-2025:8292: mingw-freetype and spice-client-win security update (Important)
CVE-2025-3277 high 8.0 FIX rhel rocky sles 1y ago Important: nodejs:22 security update
CVE-2025-32053 high 8.0 FIX rhel rocky sles 1y ago RHSA-2025:8292: mingw-freetype and spice-client-win security update (Important)
CVE-2025-32052 high 8.0 FIX rhel rocky sles 1y ago RHSA-2025:8292: mingw-freetype and spice-client-win security update (Important)
CVE-2025-32050 high 8.0 FIX rhel rocky sles 1y ago RHSA-2025:8292: mingw-freetype and spice-client-win security update (Important)
CVE-2025-3155 high 8.0 FIX rhel slesdebian debian 1y ago A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrat…
CVE-2025-31498 high 8.0 FIX rhel rockydebian debian 1y ago Important: nodejs:22 security update
CVE-2025-31492 high 8.0 FIX rhel rockydebian debian 1y ago RHSA-2025:3997: mod_auth_openidc:2.3 security update (Important)
CVE-2025-21993 high 8.0 FIX rhel slesdebian debian 1y ago Important: kernel security update
CVE-2025-21633 high 8.0 FIX rhel slesalmalinux almalinux 1y ago Important: kernel security update
CVE-2025-21605 high 8.0 FIX rhel rocky sles 1y ago RHSA-2025:7686: redis:6 security update (Important)
CVE-2024-58069 high 8.0 FIX rhel slesdebian debian 1y ago Important: kernel security update
CVE-2024-58007 high 8.0 FIX rhel slesdebian debian 1y ago Important: kernel security update
CVE-2024-57929 high 7.1 7.1 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: dm array: fix releasing a faulty array block twice in dm_array_cursor_end When dm_bm_read_lock() fails due to locking or checksum…
CVE-2024-56631 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Fix slab-use-after-free read in sg_release() Fix a use-after-free bug in sg_release(), detected by syzbot with KASAN: …
CVE-2024-53213 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation In lan78xx_probe(), the buffer `buf` was being freed tw…
CVE-2024-53166 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix bfqq uaf in bfq_limit_depth() Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by b…
CVE-2024-53141 high 8.0 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exis…
CVE-2024-53059 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() 1. The size of the response packet is not validated. 2. …
CVE-2024-53057 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed t…
CVE-2024-50151 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOBs when building SMB2_IOCTL request When using encryption, either enforced by the server or when using 'seal' …
CVE-2024-50150 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmode should keep reference to parent The altmode device release refers to its parent device, but without keeping a…
CVE-2024-50127 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()', 'admin' pointer may become dangling due to sched switch /…
CVE-2024-50121 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net In the normal case, when we excute `echo 0 > /proc/fs/…
CVE-2024-50035 high 7.1 7.1 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: ppp: fix ppp_async_encode() illegal access syzbot reported an issue in ppp_async_encode() [1] In this case, pppoe_sendmsg() is c…
CVE-2024-50033 high 7.1 7.1 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: slip: make slhc_remember() more robust against malicious packets syzbot found that slhc_remember() was missing checks against mal…
CVE-2024-49930 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11k_soc_dp_stats::hal_reo_error array is defined with …
CVE-2024-49889 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: avoid use-after-free in ext4_ext_show_leaf() In ext4_find_extent(), path may be freed by error or be reallocated, so using …
CVE-2024-49884 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix slab-use-after-free in ext4_split_extent_at() We hit the following use-after-free: ===================================…
CVE-2024-49883 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4_ext_insert_extent() As Ojaswin mentioned in Link, in ext4_ext_insert_extent(), if the path is …
CVE-2024-49882 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: ext4: fix double brelse() the buffer of the extents path In ext4_ext_try_to_merge_up(), set path[1].p_bh to NULL after it has bee…
CVE-2024-47745 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: mm: call the security_mmap_file() LSM hook in remap_file_pages() The remap_file_pages syscall handler calls do_mmap() directly, w…
CVE-2024-47718 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: always wait for both firmware loading attempts In 'rtw_wait_firmware_completion()', always wait for both (regular an…
CVE-2024-46871 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX [Why & How] It actually exposes '6' types in enum dmu…
CVE-2024-46853 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: spi: nxp-fspi: fix the KASAN report out-of-bounds bug Change the memcpy length to fix the out-of-bounds issue when writing the da…
CVE-2024-46759 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow…
CVE-2024-46743 high 7.1 7.1 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk When of_irq_parse_raw() is invoked with a device address …
CVE-2024-44987 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6_send_skb() syzbot reported an UAF in ip6_send_skb() [1] After ip6_local_out() has returned, we no longe…
CVE-2024-43882 high 7.0 7.0 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is…
CVE-2024-42302 high 7.8 7.8 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal Keith reports a use-after-free when a DPC event occurs concurrently…
CVE-2024-42094 high 7.1 7.1 FIX rhel rocky sles 1y ago In the Linux kernel, the following vulnerability has been resolved: net/iucv: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask var…
CVE-2024-39279 high 8.0 FIX rocky rheldebian debian 1y ago RHEA-2025:3114: microcode_ctl bug fix and enhancement update (Important)
CVE-2024-35967 high 7.1 7.1 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix not validating setsockopt user input syzbot reported sco_sock_setsockopt() is copying data without checking u…
CVE-2024-35966 high 7.1 7.1 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: Fix not validating setsockopt user input syzbot reported rfcomm_sock_setsockopt_old() is copying data without …
CVE-2024-35965 high 7.1 7.1 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix not validating setsockopt user input Check user input length before copying data.
CVE-2024-31157 high 8.0 FIX rocky rheldebian debian 1y ago RHEA-2025:3114: microcode_ctl bug fix and enhancement update (Important)
CVE-2024-28047 high 8.0 FIX rocky rheldebian debian 1y ago RHEA-2025:3114: microcode_ctl bug fix and enhancement update (Important)
CVE-2024-11235 high 8.0 FIX rhel slesdebian debian 1y ago Important: php:8.3 security update
CVE-2025-46727 high 8.0 FIX rhel rocky sles 1y ago RHSA-2025:8254: pcs security update (Important)
CVE-2025-4093 high 8.0 FIX rhel rockydebian debian 1y ago RHSA-2025:4797: thunderbird security update (Important)
CVE-2025-4091 high 8.0 FIX rhel rockydebian debian 1y ago Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort so…
CVE-2025-4087 high 8.0 FIX rhel rockydebian debian 1y ago A vulnerability was identified in Thunderbird where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access and…
CVE-2025-4083 high 8.0 FIX rhel rockydebian debian 1y ago A process isolation vulnerability in Thunderbird stemmed from improper handling of javascript: URIs, which could allow content to execute in the top-level document's process instead of the intended f…
CVE-2025-2817 high 8.0 FIX rhel rockydebian debian 1y ago Thunderbird's update mechanism allowed a medium-integrity user process to interfere with the SYSTEM-level updater by manipulating the file-locking behavior. By injecting code into the user-privileged…
CVE-2023-53064 high 8.0 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: iavf: fix hang on reboot with ice When a system with E810 with existing VFs gets rebooted the following hang may be observed. P…
CVE-2025-21927 high 8.0 FIX rhel sles rocky 1y ago Important: kernel security update
CVE-2024-42322 high 8.0 FIX rhel rocky sles 1y ago In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service Use pe directly to resolve sparse warning: net/netfilter/ipvs/ip_vs_ctl.c:1…
CVE-2024-42292 high 7.1 7.1 FIX rhel rocky sles 1y ago In the Linux kernel, the following vulnerability has been resolved: kobject_uevent: Fix OOB access within zap_modalias_env() zap_modalias_env() wrongly calculates size of memory block to move, so w…
CVE-2025-3523 high 8.0 FIX rhel sles rocky 1y ago RHSA-2025:4649: thunderbird security update (Important)
CVE-2025-3522 high 8.0 FIX rhel sles rocky 1y ago RHSA-2025:4649: thunderbird security update (Important)
CVE-2025-2830 high 8.0 FIX rhel sles rocky 1y ago RHSA-2025:4649: thunderbird security update (Important)
CVE-2024-55549 high 8.0 FIX rhel rocky sles 1y ago RHSA-2025:3615: libxslt security update (Important)
CVE-2025-22866 high 8.0 FIX rheldebian debian sles google 1y ago Important: delve and golang security update
CVE-2025-30427 high 8.0 FIX rhel rocky sles 1y ago A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS…
CVE-2025-24216 high 8.0 FIX rhel rocky sles 1y ago The issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processi…
CVE-2025-24209 high 8.0 FIX rhel rocky sles 1y ago A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, watchOS 11.4. Processi…
CVE-2025-24208 high 8.0 FIX rhel rocky sles 1y ago A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4. Loading a malicious iframe may lead to a cross-site scripting attack.
CVE-2025-24189 high 8.0 FIX rhel slesdebian debian 1y ago The issue was addressed with improved checks. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing maliciously crafted w…
CVE-2024-54551 high 8.0 FIX rhel rocky sles 1y ago The issue was addressed with improved memory handling. This issue is fixed in Safari 17.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing web content m…
CVE-2024-54467 high 8.0 FIX rhel rocky sles 1y ago A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. A malicious website …
CVE-2024-44192 high 8.0 FIX rhel rocky sles 1y ago The issue was addressed with improved checks. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. Processing maliciously crafted web content may…
CVE-2025-3030 high 8.0 FIX rhel rockydebian debian 1y ago Memory safety bugs present in Firefox 136, Thunderbird 136, Firefox ESR 128.8, and Thunderbird 128.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort so…
CVE-2025-3029 high 8.0 FIX rhel rockydebian debian 1y ago A crafted URL containing specific Unicode characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability was fixed in Firefox 137, Firefox ESR …
CVE-2025-3028 high 8.0 FIX rhel rockydebian debian 1y ago JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free. This vulnerability was fixed in Firefox 137, Firefox ESR 115.22, Firefox ESR 128.9, Thunde…
CVE-2025-27363 high 9.5 KEVFIX rhel rockyarch arch 1y ago FreeType contains an out-of-bounds write vulnerability when attempting to parse font subglyph structures related to TrueType GX and variable font files that may allow for arbitrary code execution.
CVE-2025-1080 high 8.0 FIX rhel rocky sles 1y ago LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In th…
CVE-2023-53012 high 8.0 FIX rhel slesdebian debian 1y ago In the Linux kernel, the following vulnerability has been resolved: thermal: core: call put_device() only after device_register() fails put_device() shouldn't be called before a prior call to devic…
CVE-2025-30204 high 8.0 FIX rheldebian debian sles 1y ago RHSA-2025:7967: osbuild-composer security update (Important)
CVE-2025-29786 high 8.0 rheldebian debian sles 1y ago Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire strin…