CVE-2025-68670
- EPSS 1.32%
- Veröffentlicht 27.01.2026 15:52:41
- Zuletzt bearbeitet 06.02.2026 19:59:50
xrdp is an open source RDP server. xrdp before v0.10.5 contains an unauthenticated stack-based buffer overflow vulnerability. The issue stems from improper bounds checking when processing user domain information during the connection sequence. If exp...
CVE-2026-24061
- EPSS 98.87%
- Veröffentlicht 21.01.2026 06:42:17
- Zuletzt bearbeitet 11.02.2026 15:40:42
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.
CVE-2026-23490
- EPSS 0.68%
- Veröffentlicht 16.01.2026 19:16:19
- Zuletzt bearbeitet 30.06.2026 03:17:31
pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This vulnerability is fixed in 0.6.2.
CVE-2025-68615
- EPSS 42.69%
- Veröffentlicht 22.12.2025 23:55:30
- Zuletzt bearbeitet 19.02.2026 16:09:15
net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5...
CVE-2025-6966
- EPSS 0.13%
- Veröffentlicht 05.12.2025 13:16:05
- Zuletzt bearbeitet 07.01.2026 22:20:56
NULL pointer dereference in TagSection.keys() in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service (process crash) via a crafted deb822 file with a malformed non-UTF-8 key.
CVE-2025-63498
- EPSS 0.24%
- Veröffentlicht 24.11.2025 00:00:00
- Zuletzt bearbeitet 30.12.2025 17:32:50
alinto SOGo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the "userName" parameter.
CVE-2025-64512
- EPSS 0.31%
- Veröffentlicht 10.11.2025 21:58:37
- Zuletzt bearbeitet 08.01.2026 22:16:02
Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious ...
CVE-2025-62230
- EPSS 0.27%
- Veröffentlicht 30.10.2025 05:19:40
- Zuletzt bearbeitet 01.07.2026 15:13:56
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can c...
CVE-2025-62231
- EPSS 0.28%
- Veröffentlicht 30.10.2025 05:15:39
- Zuletzt bearbeitet 01.07.2026 15:17:04
A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation m...
CVE-2025-10934
- EPSS 0.45%
- Veröffentlicht 29.10.2025 20:15:35
- Zuletzt bearbeitet 04.11.2025 13:12:43
GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability i...