9.8

CVSS3.1

CVE-2025-27837 - Ghostscript: Access to arbitrary files through truncated path with invalid UTF-8

An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp.

πŸ“… Published: March 25, 2025, midnight πŸ”„ Last Modified: April 1, 2025, 4:35 p.m.

9.8

CVSS3.1

CVE-2024-48818 -

An issue in IIT Bombay, Mumbai, India Bodhitree of cs101 version allows a remote attacker to execute arbitrary code.

πŸ“… Published: March 25, 2025, midnight πŸ”„ Last Modified: March 27, 2025, 4:45 p.m.

9.8

CVSS3.1

CVE-2025-27836 - Ghostscript: device: Print buffer overflow

An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c.

πŸ“… Published: March 25, 2025, midnight πŸ”„ Last Modified: Nov. 3, 2025, 8:18 p.m.

7.5

CVSS3.1

CVE-2025-25374 -

In NASA cFS (Core Flight System) Aquila, it is possible to put the onboard software in a state that will prevent the launch of any external application, causing a platform denial of service.

πŸ“… Published: March 25, 2025, midnight πŸ”„ Last Modified: April 1, 2025, 6:46 p.m.

7.5

CVSS3.1

CVE-2025-25372 -

NASA cFS (Core Flight System) Aquila is vulnerable to segmentation fault via sending a malicious telecommand to the Memory Management Module.

πŸ“… Published: March 25, 2025, midnight πŸ”„ Last Modified: April 3, 2025, 3:19 p.m.

4.3

CVSS3.1

CVE-2025-2786 - Tempo-operator: serviceaccount token exposure leading to token and subject access reviews in opensh…

A flaw was found in Tempo Operator, where it creates a ServiceAccount, ClusterRole, and ClusterRoleBinding when a user deploys a TempoStack or TempoMonolithic instance. This flaw allows a user with full access to their namespace to extract the ServiceAccount token and use it to submit TokenReview a…

πŸ“… Published: March 25, 2025, midnight πŸ”„ Last Modified: March 22, 2026, 3:43 a.m.

5.4

CVSS3.1

CVE-2025-27810 -

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays.

πŸ“… Published: March 25, 2025, midnight πŸ”„ Last Modified: Oct. 30, 2025, 3:05 p.m.

6.5

CVSS3.1

CVE-2025-2877 - Event-driven-ansible: exposure inventory passwords in plain text when starting a rulebook activatio…

A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set to "debug", inventory passwords are exposed in plain text when starting a rulebook activation. This issue exists for any "debug" action in a rulebook and also affects Event Streams.

πŸ“… Published: March 25, 2025, midnight πŸ”„ Last Modified: March 20, 2026, 6:16 p.m.

7.8

CVSS3.1

CVE-2025-27833 - Ghostscript: Buffer overflow with long TTF font name

An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs for a long TTF font name to pdf/pdf_fmap.c.

πŸ“… Published: March 25, 2025, midnight πŸ”„ Last Modified: April 1, 2025, 4:44 p.m.

7.5

CVSS3.1

CVE-2025-30118 -

An issue was discovered on the Audi Universal Traffic Recorder 2.88. It has Susceptibility to denial of service. It uses the same default credentials for all devices and does not implement proper multi-device authentication, allowing attackers to deny the owner access by occupying the only availabl…

πŸ“… Published: March 25, 2025, midnight πŸ”„ Last Modified: March 27, 2025, 4:45 p.m.
Total resulsts: 342251
Page 5535 of 34,226
Β« previous page Β» next page
Filters