ConnexionCVE-2025-13836 Excessive read buffering DoS in http.client
31 décembre 2025 à 01:36
Information published.
Vue normale
Reçu avant avant-hier
CVE-2025-13837 Out-of-memory when loading Plist
31 décembre 2025 à 01:36
Information published.
CVE-2025-14180 NULL Pointer Dereference in PDO quoting
31 décembre 2025 à 01:02
Information published.
CVE-2025-12084 Quadratic complexity in node ID cache clearing
31 décembre 2025 à 01:36
Information published.
CVE-2025-68615 Net-SNMP snmptrapd crash
31 décembre 2025 à 01:37
Information published.
CVE-2025-14177 Information Leak of Memory in getimagesize
31 décembre 2025 à 01:02
Information published.
CVE-2025-14178 Heap buffer overflow in array_merge()
31 décembre 2025 à 01:02
Information published.
-
MSRC Security Update Guide
- CVE-2021-44964 Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.
-
- CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
CVE-2025-13912 Potential non-constant time compiled code with Clang LLVM
30 décembre 2025 à 01:36
Information published.
-
- CVE-2025-14104 Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames
CVE-2025-14104 Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames
30 décembre 2025 à 14:36
Information published.
CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
30 décembre 2025 à 14:36
Information published.
CVE-2025-68615 Net-SNMP snmptrapd crash
30 décembre 2025 à 01:36
Information published.
-
- CVE-2025-13699 MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability
CVE-2025-13699 MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability
30 décembre 2025 à 01:37
Information published.
-
- CVE-2025-68973 In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
-
- CVE-2023-52970 MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.
-
- CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
30 décembre 2025 à 01:36
Information published.
-
- CVE-2025-68972 In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.
CVE-2025-68972 In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.
29 décembre 2025 à 14:35
Information published.
CVE-2025-14180 NULL Pointer Dereference in PDO quoting
29 décembre 2025 à 14:36
Information published.
