Count: 17,873
| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| CVE-2025-8194 Tarfile infinite loop during parsing with negative member offset | CVSS3: 7.5 | 0% Low | about 2 months ago |
| CVE-2025-8177 LibTIFF thumbnail.c setrow buffer overflow | CVSS3: 5.3 | 0% Low | about 2 months ago |
| CVE-2025-8176 LibTIFF tiffmedian.c get_histogram use after free | CVSS3: 5.3 | 0% Low | about 2 months ago |
| CVE-2025-8114 : null pointer dereference in libssh kex session id calculation | | 0% Low | about 2 months ago |
| CVE-2025-8011 Chromium: CVE-2025-8011 Type Confusion in V8 | | 0% Low | 3 months ago |
| CVE-2025-8010 Chromium: CVE-2025-8010 Type Confusion in V8 | | 0% Low | 3 months ago |
| CVE-2025-7783 Usage of unsafe random function in form-data for choosing boundary | | 0% Low | about 2 months ago |
| CVE-2025-7657 Chromium: CVE-2025-7657 Use after free in WebRTC | | 0% Low | 4 months ago |
| CVE-2025-7656 Chromium: CVE-2025-7656 Integer overflow in V8 | | 0% Low | 4 months ago |
| CVE-2025-7546 GNU Binutils elf.c bfd_elf_set_group_contents out-of-bounds write | CVSS3: 5.3 | 0% Low | 3 months ago |
| CVE-2025-7545 GNU Binutils objcopy.c copy_section heap-based overflow | CVSS3: 5.3 | 0% Low | 3 months ago |
| CVE-2025-7519 Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write | CVSS3: 6.7 | 0% Low | 3 months ago |
| CVE-2025-7458 SQLite integer overflow in key info allocation may lead to information disclosure. | CVSS3: 9.1 | 0% Low | 3 months ago |
| CVE-2025-7425 Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr | | 0% Low | about 2 months ago |
| CVE-2025-7424 Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes | | 0% Low | about 2 months ago |
| CVE-2025-7395 Domain Name Validation Bypass with Apple Native Certificate Validation | | 0% Low | about 2 months ago |
| CVE-2025-7394 In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable values returned from RAND_bytes() after fork() is called. This can lead to weak or predictable random numbers generated in applications that are both using RAND_bytes() and doing fork() operations. This only affects applications explicitly calling RAND_bytes() after fork() and does not affect any internal TLS operations. Although RAND_bytes() documentation in OpenSSL calls out not being safe for use with fork() without first calling RAND_poll(), an additional code change was also made in wolfSSL to make RAND_bytes() behave similar to OpenSSL after a fork() call without calling RAND_poll(). Now the Hash-DRBG used gets reseeded after detecting running in a new process. If making use of RAND_bytes() and calling fork() we recommend updating to the latest version of wolfSSL. Thanks to Per Allansson from Appgate for the report. | | 0% Low | about 2 months ago |
| CVE-2025-7345 Gdk‑pixbuf: heap‑buffer‑overflow in gdk‑pixbuf | CVSS3: 7.5 | 0% Low | 4 months ago |
| CVE-2025-7339 on-headers vulnerable to http response header manipulation | | 0% Low | about 2 months ago |
| CVE-2025-7207 mruby nregs codegen.c scope_new heap-based overflow | | 0% Low | about 2 months ago |