Search Results (46099 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-14512 2 Gnome, Redhat 14 Glib, Ai Inference Server, Discovery and 11 more 2026-06-29 6.5 Medium
A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.
CVE-2025-14242 1 Redhat 7 Enterprise Linux, Enterprise Linux Eus, Rhel Aus and 4 more 2026-06-29 6.5 Medium
A flaw was found in vsftpd. This vulnerability allows a denial of service (DoS) via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence.
CVE-2025-14104 1 Redhat 6 Ceph Storage, Enterprise Linux, Hummingbird and 3 more 2026-06-29 6.1 Medium
A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.
CVE-2025-14087 2 Gnome, Redhat 14 Glib, Ai Inference Server, Discovery and 11 more 2026-06-29 5.6 Medium
A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.
CVE-2025-13601 2 Gnome, Redhat 41 Glib, Ceph Storage, Codeready Linux Builder and 38 more 2026-06-29 7.7 High
A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.
CVE-2025-12464 1 Redhat 2 Enterprise Linux, Openshift 2026-06-29 6.2 Medium
A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems from the device's receive code still being able to process a short frame in loopback mode. This could lead to a buffer overrun in the e1000_receive_iov() function via the loopback code path. A malicious guest user could use this vulnerability to crash the QEMU process on the host, resulting in a denial of service.
CVE-2025-11568 1 Redhat 2 Enterprise Linux, Openshift 2026-06-29 4.4 Medium
A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the available space, causing the metadata to overwrite and corrupt the user's encrypted data. This action leads to a permanent loss of the stored information. Devices using the LUKS formats other than LUKS1 are not affected by this issue.
CVE-2025-0690 1 Redhat 2 Enterprise Linux, Openshift 2026-06-29 6.1 Medium
The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to overflow leading to a out-of-bounds write in the heap based buffer. This flaw may be leveraged to corrupt grub's internal critical data and secure boot bypass is not discarded as consequence.
CVE-2025-0689 2 Gnu, Redhat 3 Grub2, Enterprise Linux, Openshift 2026-06-29 7.8 High
When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size which is not guaranteed. A crafted filesystem image may lead to a heap-based buffer overflow resulting in critical data to be corrupted, resulting in the risk of arbitrary code execution by-passing secure boot protections.
CVE-2025-0678 2 Gnu, Redhat 4 Grub2, Enterprise Linux, Openshift and 1 more 2026-06-29 7.8 High
A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the direct_read() will perform a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, by-passing secure boot protections.
CVE-2024-45780 1 Redhat 2 Enterprise Linux, Openshift 2026-06-29 6.7 Medium
A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap out-of-bounds write. This flaw eventually allows an attacker to circumvent secure boot protections.
CVE-2024-45779 2 Gnu, Redhat 3 Grub2, Enterprise Linux, Openshift 2026-06-29 6 Medium
An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash.
CVE-2024-45778 2 Gnu, Redhat 4 Grub2, Enterprise Linux, Openshift and 1 more 2026-06-29 4.1 Medium
A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.
CVE-2025-49796 1 Redhat 16 Cert Manager, Discovery, Enterprise Linux and 13 more 2026-06-29 9.1 Critical
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.
CVE-2025-9900 1 Redhat 10 Ai Inference Server, Discovery, Enterprise Linux and 7 more 2026-06-29 8.8 High
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
CVE-2025-8067 1 Redhat 7 Enterprise Linux, Rhel Aus, Rhel E4s and 4 more 2026-06-29 8.5 High
A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users.
CVE-2025-66287 1 Redhat 7 Enterprise Linux, Rhel Aus, Rhel E4s and 4 more 2026-06-29 8.8 High
A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling.
CVE-2025-32908 1 Redhat 1 Enterprise Linux 2026-06-29 7.5 High
A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS).
CVE-2025-32906 1 Redhat 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more 2026-06-29 7.5 High
A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server.
CVE-2025-26597 3 Redhat, Tigervnc, X.org 9 Enterprise Linux, Rhel Aus, Rhel E4s and 6 more 2026-06-29 7.8 High
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size.