- EPSS 96.27%
- Veröffentlicht 22.04.2026 08:15:10
- Zuletzt bearbeitet 01.07.2026 17:30:58
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-pl...
CVE-2025-62230
- EPSS 0.27%
- Veröffentlicht 30.10.2025 05:19:40
- Zuletzt bearbeitet 01.07.2026 15:13:56
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can c...
CVE-2025-62231
- EPSS 0.28%
- Veröffentlicht 30.10.2025 05:15:39
- Zuletzt bearbeitet 01.07.2026 15:17:04
A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation m...
CVE-2025-31277
- EPSS 1.48%
- Veröffentlicht 29.07.2025 23:29:31
- Zuletzt bearbeitet 01.07.2026 14:46:04
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.
CVE-2024-3183
- EPSS 2.05%
- Veröffentlicht 12.06.2024 09:15:18
- Zuletzt bearbeitet 21.11.2024 09:29:05
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted us...
CVE-2024-0229
- EPSS 1.23%
- Veröffentlicht 09.02.2024 07:16:00
- Zuletzt bearbeitet 04.11.2025 19:16:26
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if...
CVE-2023-4806
- EPSS 1.44%
- Veröffentlicht 18.09.2023 17:15:55
- Zuletzt bearbeitet 12.05.2026 11:16:15
A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethos...
CVE-2023-4527
- EPSS 1.51%
- Veröffentlicht 18.09.2023 17:15:55
- Zuletzt bearbeitet 12.05.2026 11:16:15
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack con...
CVE-2021-20316
- EPSS 0.76%
- Veröffentlicht 23.08.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 05:46:21
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.
CVE-2020-25717
- EPSS 1.61%
- Veröffentlicht 18.02.2022 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:18:33
A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.