- EPSS 96.27%
- Veröffentlicht 22.04.2026 08:15:10
- Zuletzt bearbeitet 01.07.2026 17:30:58
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-pl...
CVE-2025-62230
- EPSS 0.27%
- Veröffentlicht 30.10.2025 05:19:40
- Zuletzt bearbeitet 01.07.2026 15:13:56
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can c...
CVE-2025-62231
- EPSS 0.28%
- Veröffentlicht 30.10.2025 05:15:39
- Zuletzt bearbeitet 01.07.2026 15:17:04
A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation m...
CVE-2025-31277
- EPSS 1.48%
- Veröffentlicht 29.07.2025 23:29:31
- Zuletzt bearbeitet 01.07.2026 14:46:04
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.
CVE-2024-3183
- EPSS 2.05%
- Veröffentlicht 12.06.2024 09:15:18
- Zuletzt bearbeitet 21.11.2024 09:29:05
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted us...
CVE-2024-0229
- EPSS 1.23%
- Veröffentlicht 09.02.2024 07:16:00
- Zuletzt bearbeitet 04.11.2025 19:16:26
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if...
CVE-2023-47038
- EPSS 0.83%
- Veröffentlicht 18.12.2023 14:15:08
- Zuletzt bearbeitet 04.11.2025 19:16:05
A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.
CVE-2023-3972
- EPSS 0.26%
- Veröffentlicht 01.11.2023 16:15:08
- Zuletzt bearbeitet 21.11.2024 08:18:25
A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered...
CVE-2023-0494
- EPSS 0.9%
- Veröffentlicht 27.03.2023 21:15:10
- Zuletzt bearbeitet 24.02.2025 18:15:16
A vulnerability was found in X.Org. This issue occurs due to a dangling pointer in DeepCopyPointerClasses that can be exploited by ProcXkbSetDeviceInfo() and ProcXkbGetDeviceInfo() to read and write into freed memory. This can lead to local privilege...
CVE-2021-3669
- EPSS 0.28%
- Veröffentlicht 26.08.2022 16:15:09
- Zuletzt bearbeitet 03.11.2025 22:15:50
A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.