Wed, Jan 15 · 03:15 PM CSTCVE-2024-12084
9.8/10 · Must read/watchNVDvuln
Summary
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.
CVECVE-2024-12084
SeverityCRITICAL
TypeUPDATED
PublishedWed, Jan 15 · 03:15 PM CST
ModifiedMon, Jun 29 · 09:16 PM CDT
Mon, Jun 16 · 04:15 PM CDTCVE-2025-49794
9.1/10 · Must read/watchNVDvuln
Summary
A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or
CVECVE-2025-49794
SeverityCRITICAL
TypeUPDATED
PublishedMon, Jun 16 · 04:15 PM CDT
ModifiedMon, Jun 29 · 09:16 PM CDT
Tue, Apr 15 · 04:16 PM CDTCVE-2025-32911
9.0/10 · Must read/watchNVDvuln
Summary
A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.
CVECVE-2025-32911
SeverityCRITICAL
TypeUPDATED
PublishedTue, Apr 15 · 04:16 PM CDT
ModifiedMon, Jun 29 · 09:16 PM CDT
Wed, Feb 12 · 03:15 PM CSTCVE-2025-1244
8.8/10 · Worth your timeNVDvuln
Summary
A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect.
CVECVE-2025-1244
SeverityHIGH
TypeUPDATED
PublishedWed, Feb 12 · 03:15 PM CST
ModifiedMon, Jun 29 · 09:16 PM CDT
Wed, Jan 22 · 05:15 AM CSTCVE-2024-11218
8.6/10 · Worth your timeNVDvuln
Summary
A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.
CVECVE-2024-11218
SeverityHIGH
TypeUPDATED
PublishedWed, Jan 22 · 05:15 AM CST
ModifiedMon, Jun 29 · 09:16 PM CDT
Wed, Jan 31 · 10:15 PM CSTCVE-2024-21626
8.6/10 · Worth your timeNVDvuln
Summary
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a
CVECVE-2024-21626
SeverityHIGH
TypeUPDATED
PublishedWed, Jan 31 · 10:15 PM CST
ModifiedTue, Jun 30 · 02:16 AM CDT
Tue, May 14 · 03:42 PM CDTCVE-2024-3727
8.3/10 · Worth your timeNVDvuln
Summary
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
CVECVE-2024-3727
SeverityHIGH
TypeUPDATED
PublishedTue, May 14 · 03:42 PM CDT
ModifiedTue, Jun 30 · 05:17 AM CDT
Mon, Mar 18 · 03:15 PM CDTCVE-2024-22257
8.2/10 · Worth your timeNVDvuln
Summary
In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to 5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, versions 6.2.x prior to 6.2.3, an application is possible vulnerable to broken access control when it directly uses the AuthenticatedVoter#vote passing a null Authentication parameter
CVECVE-2024-22257
SeverityHIGH
TypeUPDATED
PublishedMon, Mar 18 · 03:15 PM CDT
ModifiedTue, Jun 30 · 01:16 PM CDT
Tue, Mar 04 · 04:15 PM CSTCVE-2025-23368
8.1/10 · Worth your timeNVDvuln
Summary
A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI.
CVECVE-2025-23368
SeverityHIGH
TypeUPDATED
PublishedTue, Mar 04 · 04:15 PM CST
ModifiedTue, Jun 30 · 03:16 AM CDT
Mon, May 12 · 10:15 PM CDTCVE-2025-31223
8.0/10 · Worth your timeNVDvuln
Summary
The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to memory corruption.
CVECVE-2025-31223
SeverityHIGH
TypeUPDATED
PublishedMon, May 12 · 10:15 PM CDT
ModifiedTue, Jun 30 · 03:16 AM CDT
Mon, Mar 03 · 05:15 PM CSTCVE-2024-45782
7.8/10 · Worth your timeNVDvuln
Summary
A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer, impacting grub's sensit
CVECVE-2024-45782
SeverityHIGH
TypeUPDATED
PublishedMon, Mar 03 · 05:15 PM CST
ModifiedMon, Jun 29 · 11:16 PM CDT
Wed, Oct 09 · 03:15 PM CDTCVE-2024-9675
7.8/10 · Worth your timeNVDvuln
Summary
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the
CVECVE-2024-9675
SeverityHIGH
TypeUPDATED
PublishedWed, Oct 09 · 03:15 PM CDT
ModifiedMon, Jun 29 · 09:16 PM CDT
Mon, Mar 03 · 05:15 PM CSTCVE-2025-0678
7.8/10 · Worth your timeNVDvuln
Summary
A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size ca
CVECVE-2025-0678
SeverityHIGH
TypeUPDATED
PublishedMon, Mar 03 · 05:15 PM CST
ModifiedTue, Jun 30 · 12:16 AM CDT
Mon, Mar 03 · 03:15 PM CSTCVE-2025-0689
7.8/10 · Worth your timeNVDvuln
Summary
When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size which is not guaranteed. A
CVECVE-2025-0689
SeverityHIGH
TypeUPDATED
PublishedMon, Mar 03 · 03:15 PM CST
ModifiedTue, Jun 30 · 12:16 AM CDT
Mon, Mar 03 · 03:15 PM CSTCVE-2025-1125
7.8/10 · Worth your timeNVDvuln
Summary
When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to properly check for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculation to overflow
CVECVE-2025-1125
SeverityHIGH
TypeUPDATED
PublishedMon, Mar 03 · 03:15 PM CST
ModifiedTue, Jun 30 · 12:16 AM CDT
Tue, Feb 25 · 04:15 PM CSTCVE-2025-26594
7.8/10 · Worth your timeNVDvuln
Summary
A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free.
CVECVE-2025-26594
SeverityHIGH
TypeUPDATED
PublishedTue, Feb 25 · 04:15 PM CST
ModifiedMon, Jun 29 · 09:16 PM CDT
Tue, Feb 25 · 04:15 PM CSTCVE-2025-26595
7.8/10 · Worth your timeNVDvuln
Summary
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size.
CVECVE-2025-26595
SeverityHIGH
TypeUPDATED
PublishedTue, Feb 25 · 04:15 PM CST
ModifiedMon, Jun 29 · 09:16 PM CDT
Tue, Feb 25 · 04:15 PM CSTCVE-2025-26596
7.8/10 · Worth your timeNVDvuln
Summary
A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow.
CVECVE-2025-26596
SeverityHIGH
TypeUPDATED
PublishedTue, Feb 25 · 04:15 PM CST
ModifiedMon, Jun 29 · 09:16 PM CDT
Tue, Feb 25 · 04:15 PM CSTCVE-2025-26597
7.8/10 · Worth your timeNVDvuln
Summary
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of
CVECVE-2025-26597
SeverityHIGH
TypeUPDATED
PublishedTue, Feb 25 · 04:15 PM CST
ModifiedMon, Jun 29 · 09:16 PM CDT
Tue, Feb 25 · 04:15 PM CSTCVE-2025-26598
7.8/10 · Worth your timeNVDvuln
Summary
An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching device ID is found, whi
CVECVE-2025-26598
SeverityHIGH
TypeUPDATED
PublishedTue, Feb 25 · 04:15 PM CST
ModifiedMon, Jun 29 · 09:16 PM CDT
Tue, Feb 25 · 04:15 PM CSTCVE-2025-26599
7.8/10 · Worth your timeNVDvuln
Summary
An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly in
CVECVE-2025-26599
SeverityHIGH
TypeUPDATED
PublishedTue, Feb 25 · 04:15 PM CST
ModifiedMon, Jun 29 · 09:16 PM CDT
Tue, Feb 25 · 04:15 PM CSTCVE-2025-26600
7.8/10 · Worth your timeNVDvuln
Summary
A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free.
CVECVE-2025-26600
SeverityHIGH
TypeUPDATED
PublishedTue, Feb 25 · 04:15 PM CST
ModifiedMon, Jun 29 · 09:16 PM CDT
Tue, Feb 25 · 04:15 PM CSTCVE-2025-26601
7.8/10 · Worth your timeNVDvuln
Summary
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the n
CVECVE-2025-26601
SeverityHIGH
TypeUPDATED
PublishedTue, Feb 25 · 04:15 PM CST
ModifiedMon, Jun 29 · 09:16 PM CDT
Wed, Apr 23 · 09:15 PM CDTCVE-2025-46397
7.8/10 · Worth your timeNVDvuln
Summary
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
CVECVE-2025-46397
SeverityHIGH
TypeUPDATED
PublishedWed, Apr 23 · 09:15 PM CDT
ModifiedTue, Jun 30 · 05:17 AM CDT
Mon, Jun 09 · 08:15 PM CDTCVE-2025-5914
7.8/10 · Worth your timeNVDvuln
Summary
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to
CVECVE-2025-5914
SeverityHIGH
TypeUPDATED
PublishedMon, Jun 09 · 08:15 PM CDT
ModifiedTue, Jun 30 · 11:16 AM CDT