Microsoft CVEs

Chromium: CVE-2026-0628 Insufficient policy enforcement in WebView tag
Published on: 2026-01-09 08:00:09
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

CVE-2024-43901 drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401
Published on: 2026-01-08 14:37:52
Link: View Details
Information published.

CVE-2024-43899 drm/amd/display: Fix null pointer deref in dcn20_resource.c
Published on: 2026-01-08 14:38:02
Link: View Details
Information published.

CVE-2024-43826 nfs: pass explicit offset/count to trace events
Published on: 2026-01-08 14:46:06
Link: View Details
Information published.

CVE-2024-43872 RDMA/hns: Fix soft lockup under heavy CEQE load
Published on: 2026-01-08 14:38:34
Link: View Details
Information published.

CVE-2024-43819 kvm: s390: Reject memory region operations for ucontrol VMs
Published on: 2026-01-08 14:38:54
Link: View Details
Information published.

CVE-2024-42317 mm/huge_memory: avoid PMD-size page cache if needed
Published on: 2026-01-08 14:51:05
Link: View Details
Information published.

CVE-2024-42107 ice: Don't process extts if PTP is disabled
Published on: 2026-01-08 14:49:43
Link: View Details
Information published.

CVE-2024-42064 drm/amd/display: Skip pipe if the pipe idx not set properly
Published on: 2026-01-08 14:36:20
Link: View Details
Information published.

CVE-2024-42065 drm/xe: Add a NULL check in xe_ttm_stolen_mgr_init
Published on: 2026-01-08 14:37:01
Link: View Details
Information published.

CVE-2024-42066 drm/xe: Fix potential integer overflow in page size calculation
Published on: 2026-01-08 14:36:40
Link: View Details
Information published.

CVE-2024-41045 bpf: Defer work in bpf_timer_cancel_and_free
Published on: 2026-01-08 14:45:32
Link: View Details
Information published.

CVE-2024-42151 bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable
Published on: 2026-01-08 14:47:57
Link: View Details
Information published.

CVE-2024-41008 drm/amdgpu: change vm->task_info handling
Published on: 2026-01-08 14:38:02
Link: View Details
Information published.

CVE-2024-41082 nvme-fabrics: use reserved tag for reg read/write command
Published on: 2026-01-08 14:46:23
Link: View Details
Information published.

CVE-2024-42134 virtio-pci: Check if is_avq is NULL
Published on: 2026-01-08 14:48:12
Link: View Details
Information published.

CVE-2024-40999 net: ena: Add validation for completion descriptors consistency
Published on: 2026-01-08 14:47:28
Link: View Details
Information published.

CVE-2024-42118 drm/amd/display: Do not return negative stream id for array
Published on: 2026-01-08 14:47:45
Link: View Details
Information published.

CVE-2024-39478 crypto: starfive - Do not free stack buffer
Published on: 2026-01-08 14:48:19
Link: View Details
Information published.

CVE-2024-41067 btrfs: scrub: handle RST lookup error correctly
Published on: 2026-01-08 14:50:33
Link: View Details
Information published.

CVE-2024-42081 drm/xe/xe_devcoredump: Check NULL before assignments
Published on: 2026-01-08 14:36:51
Link: View Details
Information published.

CVE-2025-38333 f2fs: fix to bail out in get_new_segment()
Published on: 2026-01-08 14:41:58
Link: View Details
Information published.

CVE-2025-1220 Null byte termination in hostnames
Published on: 2026-01-08 14:43:02
Link: View Details
Information published.

CVE-2025-38257 s390/pkey: Prevent overflow in size calculation for memdup_user()
Published on: 2026-01-08 01:39:24
Link: View Details
Information published.

CVE-2025-38437 ksmbd: fix potential use-after-free in oplock/lease break ack
Published on: 2026-01-08 01:39:46
Link: View Details
Information published.

CVE-2025-38201 netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
Published on: 2026-01-08 14:41:08
Link: View Details
Information published.

CVE-2025-38234 sched/rt: Fix race in push_rt_task
Published on: 2026-01-08 14:41:18
Link: View Details
Information published.

CVE-2025-38426 drm/amdgpu: Add basic validation for RAS header
Published on: 2026-01-08 14:43:45
Link: View Details
Information published.

CVE-2025-38232 NFSD: fix race between nfsd registration and exports_proc
Published on: 2026-01-08 14:41:28
Link: View Details
Information published.

CVE-2025-38359 s390/mm: Fix in_atomic() handling in do_secure_storage_access()
Published on: 2026-01-08 14:43:55
Link: View Details
Information published.

CVE-2025-7067 HDF5 H5FScache.c H5FS__sinfo_serialize_node_cb heap-based overflow
Published on: 2026-01-08 14:43:25
Link: View Details
Information published.

CVE-2025-7068 HDF5 H5FL.c H5FL__malloc memory leak
Published on: 2026-01-08 14:43:14
Link: View Details
Information published.

CVE-2025-38361 drm/amd/display: Check dce_hwseq before dereferencing it
Published on: 2026-01-08 14:44:05
Link: View Details
Information published.

CVE-2025-38264 nvme-tcp: sanitize request list handling
Published on: 2026-01-08 14:41:39
Link: View Details
Information published.

CVE-2025-38248 bridge: mcast: Fix use-after-free during router port configuration
Published on: 2026-01-08 14:41:48
Link: View Details
Information published.

CVE-2025-38125 net: stmmac: make sure that ptp_rate is not 0 before configuring EST
Published on: 2026-01-08 14:40:27
Link: View Details
Information published.

CVE-2025-38480 comedi: Fix use of uninitialized data in insn_rw_emulate_bits()
Published on: 2026-01-08 01:01:14
Link: View Details
Information published.

CVE-2025-38483 comedi: das16m1: Fix bit shift out of bounds
Published on: 2026-01-08 01:01:30
Link: View Details
Information published.

CVE-2025-38495 HID: core: ensure the allocated report buffer can contain the reserved report ID
Published on: 2026-01-08 01:01:56
Link: View Details
Information published.

CVE-2025-38476 rpl: Fix use-after-free in rpl_do_srh_inline().
Published on: 2026-01-08 01:39:51
Link: View Details
Information published.

CVE-2025-38481 comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large
Published on: 2026-01-08 01:01:20
Link: View Details
Information published.

CVE-2025-38487 soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled
Published on: 2026-01-08 01:01:40
Link: View Details
Information published.

CVE-2025-38162 netfilter: nft_set_pipapo: prevent overflow in lookup table allocation
Published on: 2026-01-08 14:40:38
Link: View Details
Information published.

CVE-2025-38485 iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush
Published on: 2026-01-08 01:01:35
Link: View Details
Information published.

CVE-2025-38482 comedi: das6402: Fix bit shift out of bounds
Published on: 2026-01-08 01:01:25
Link: View Details
Information published.

CVE-2025-38497 usb: gadget: configfs: Fix OOB read on empty string write
Published on: 2026-01-08 01:02:01
Link: View Details
Information published.

CVE-2025-38491 mptcp: make fallback action and fallback decision atomic
Published on: 2026-01-08 01:01:51
Link: View Details
Information published.

CVE-2025-38303 Bluetooth: eir: Fix possible crashes on eir_create_adv_data
Published on: 2026-01-08 14:42:09
Link: View Details
Information published.

CVE-2025-38279 bpf: Do not include stack ptr register in precision backtracking bookkeeping
Published on: 2026-01-08 14:42:21
Link: View Details
Information published.

CVE-2025-38269 btrfs: exit after state insertion failure at btrfs_convert_extent_bit()
Published on: 2026-01-08 14:42:31
Link: View Details
Information published.

CVE-2025-38096 wifi: iwlwifi: don't warn when if there is a FW error
Published on: 2026-01-08 14:40:58
Link: View Details
Information published.

CVE-2025-38272 net: dsa: b53: do not enable EEE on bcm63xx
Published on: 2026-01-08 14:42:41
Link: View Details
Information published.

CVE-2025-51480 Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.
Published on: 2026-01-08 14:43:35
Link: View Details
Information published.

CVE-2025-38488 smb: client: fix use-after-free in crypt_message when using async crypto
Published on: 2026-01-08 01:01:46
Link: View Details
Information published.

CVE-2025-38131 coresight: prevent deactivate active config while enabling the config
Published on: 2026-01-08 01:39:09
Link: View Details
Information published.

CVE-2025-38230 jfs: validate AG parameters in dbMount() to prevent crashes
Published on: 2026-01-08 01:39:19
Link: View Details
Information published.

CVE-2025-38259 ASoC: codecs: wcd9335: Fix missing free of regulator supplies
Published on: 2026-01-08 01:39:29
Link: View Details
Information published.

CVE-2025-38425 i2c: tegra: check msg length in SMBUS block read
Published on: 2026-01-08 01:39:56
Link: View Details
Information published.

CVE-2025-38311 iavf: get rid of the crit lock
Published on: 2026-01-08 14:42:52
Link: View Details
Information published.

CVE-2025-38140 dm: limit swapping tables for devices with zone write plugs
Published on: 2026-01-08 14:40:48
Link: View Details
Information published.

CVE-2025-38377 rose: fix dangling neighbour pointers in rose_rt_device_down()
Published on: 2026-01-08 01:39:34
Link: View Details
Information published.

CVE-2023-27043 The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
Published on: 2026-01-08 14:35:46
Link: View Details
Information published.

CVE-2025-21696 mm: clear uffd-wp PTE/PMD state on mremap()
Published on: 2026-01-08 14:36:51
Link: View Details
Information published.

CVE-2025-21768 net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels
Published on: 2026-01-08 14:46:15
Link: View Details
Information published.

CVE-2024-57974 udp: Deal with race between UDP socket address change and rehash
Published on: 2026-01-08 14:46:46
Link: View Details
Information published.

CVE-2024-57994 ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple()
Published on: 2026-01-08 14:47:02
Link: View Details
Information published.

CVE-2025-1151 GNU Binutils ld xmemdup.c xmemdup memory leak
Published on: 2026-01-08 14:36:21
Link: View Details
Information published.

CVE-2025-21801 net: ravb: Fix missing rtnl lock in suspend/resume path
Published on: 2026-01-08 14:48:02
Link: View Details
Information published.

CVE-2025-1149 GNU Binutils ld xmalloc.c xstrdup memory leak
Published on: 2026-01-08 14:36:41
Link: View Details
Information published.

CVE-2024-57976 btrfs: do proper folio cleanup when cow_file_range() failed
Published on: 2026-01-08 14:48:45
Link: View Details
Information published.

CVE-2025-21732 RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error
Published on: 2026-01-08 14:49:27
Link: View Details
Information published.

CVE-2025-21786 workqueue: Put the pwq after detaching the rescuer from the pool
Published on: 2026-01-08 14:39:41
Link: View Details
Information published.

CVE-2025-21693 mm: zswap: properly synchronize freeing resources during CPU hotunplug
Published on: 2026-01-08 14:40:44
Link: View Details
Information published.

CVE-2025-1744 Out-of-bounds Write in radare2
Published on: 2026-01-08 01:40:54
Link: View Details
Information published.

CVE-2025-1152 GNU Binutils ld xstrdup.c xstrdup memory leak
Published on: 2026-01-08 14:36:31
Link: View Details
Information published.

CVE-2024-58006 PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()
Published on: 2026-01-08 14:36:18
Link: View Details
Information published.

CVE-2024-23848 In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.
Published on: 2026-01-08 14:35:15
Link: View Details
Information published.

CVE-2024-57872 scsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove()
Published on: 2026-01-08 14:50:40
Link: View Details
Information published.

CVE-2024-56775 drm/amd/display: Fix handling of plane refcount
Published on: 2026-01-08 14:50:07
Link: View Details
Information published.

CVE-2024-57875 block: RCU protect disk->conv_zones_bitmap
Published on: 2026-01-08 14:49:01
Link: View Details
Information published.

CVE-2024-41932 sched: fix warning in sched_setaffinity
Published on: 2026-01-08 14:49:10
Link: View Details
Information published.

CVE-2024-57804 scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs
Published on: 2026-01-08 14:49:59
Link: View Details
Information published.

CVE-2024-57898 wifi: cfg80211: clear link ID from bitmap during link delete after clean up
Published on: 2026-01-08 14:50:48
Link: View Details
Information published.

CVE-2025-21635 rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy
Published on: 2026-01-08 14:37:14
Link: View Details
Information published.

CVE-2025-21682 eth: bnxt: always recalculate features after XDP clearing, fix null-deref
Published on: 2026-01-08 14:36:10
Link: View Details
Information published.

CVE-2024-57809 PCI: imx6: Fix suspend/resume support on i.MX6QDL
Published on: 2026-01-08 14:46:38
Link: View Details
Information published.

CVE-2024-56782 ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration()
Published on: 2026-01-08 14:50:16
Link: View Details
Information published.

CVE-2024-47794 bpf: Prevent tailcall infinite loop caused by freplace
Published on: 2026-01-08 14:51:00
Link: View Details
Information published.

CVE-2024-57857 RDMA/siw: Remove direct link to net_device
Published on: 2026-01-08 14:40:23
Link: View Details
Information published.

CVE-2024-35808 md/dm-raid: don't call md_reap_sync_thread() directly
Published on: 2026-01-08 14:37:31
Link: View Details
Information published.

CVE-2024-35931 drm/amdgpu: Skip do PCI error slot reset during RAS recovery
Published on: 2026-01-08 14:47:54
Link: View Details
Information published.

CVE-2024-36024 drm/amd/display: Disable idle reallow as part of command/gpint execution
Published on: 2026-01-08 14:36:59
Link: View Details
Information published.

CVE-2024-35794 dm-raid: really frozen sync_thread during suspend
Published on: 2026-01-08 14:49:43
Link: View Details
Information published.

CVE-2025-37907 accel/ivpu: Fix locking order in ivpu_job_submit
Published on: 2026-01-08 14:37:09
Link: View Details
Information published.

CVE-2025-37834 mm/vmscan: don't try to reclaim hwpoison folio
Published on: 2026-01-08 14:47:11
Link: View Details
Information published.

CVE-2025-37870 drm/amd/display: prevent hang on link training fail
Published on: 2026-01-08 14:47:20
Link: View Details
Information published.

CVE-2025-37920 xsk: Fix race condition in AF_XDP generic RX path
Published on: 2026-01-08 14:47:37
Link: View Details
Information published.

CVE-2025-37877 iommu: Clear iommu-dma ops on cleanup
Published on: 2026-01-08 14:48:27
Link: View Details
Information published.

CVE-2025-37826 scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer()
Published on: 2026-01-08 14:48:36
Link: View Details
Information published.

CVE-2025-37745 PM: hibernate: Avoid deadlock in hibernate_compressor_param_set()
Published on: 2026-01-08 14:50:17
Link: View Details
Information published.

CVE-2025-37856 btrfs: harden block_group::bg_list against list_del() races
Published on: 2026-01-08 14:35:39
Link: View Details
Information published.

CVE-2025-37882 usb: xhci: Fix isochronous Ring Underrun/Overrun event handling
Published on: 2026-01-08 14:35:49
Link: View Details
Information published.

CVE-2025-37822 riscv: uprobes: Add missing fence.i after building the XOL buffer
Published on: 2026-01-08 14:35:59
Link: View Details
Information published.

CVE-2025-44905 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.
Published on: 2026-01-08 14:44:50
Link: View Details
Information published.

CVE-2025-37945 net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY
Published on: 2026-01-08 14:39:31
Link: View Details
Information published.

CVE-2025-37861 scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue
Published on: 2026-01-08 14:45:01
Link: View Details
Information published.

CVE-2025-37807 bpf: Fix kmemleak warning for percpu hashmap
Published on: 2026-01-08 14:35:20
Link: View Details
Information published.

CVE-2025-37747 perf: Fix hang while freeing sigtrap event
Published on: 2026-01-08 14:37:14
Link: View Details
Information published.

CVE-2025-37750 smb: client: fix UAF in decryption with multichannel
Published on: 2026-01-08 14:37:24
Link: View Details
Information published.

CVE-2023-52586 drm/msm/dpu: Add mutex lock in control vblank irq
Published on: 2026-01-08 14:37:02
Link: View Details
Information published.

CVE-2023-52624 drm/amd/display: Wake DMCUB before executing GPINT commands
Published on: 2026-01-08 14:38:38
Link: View Details
Information published.

CVE-2024-26672 drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()'
Published on: 2026-01-08 14:43:18
Link: View Details
Information published.

CVE-2024-26757 md: Don't ignore read-only array in md_check_recovery()
Published on: 2026-01-08 14:42:45
Link: View Details
Information published.

CVE-2024-26758 md: Don't ignore suspended array in md_check_recovery()
Published on: 2026-01-08 14:42:35
Link: View Details
Information published.

CVE-2024-26756 md: Don't register sync_thread for reshape directly
Published on: 2026-01-08 14:38:48
Link: View Details
Information published.

CVE-2024-26914 drm/amd/display: fix incorrect mpc_combine array size
Published on: 2026-01-08 14:36:48
Link: View Details
Information published.

CVE-2024-24856 NULL pointer deference in acpi_db_convert_to_package of Linux acpi module
Published on: 2026-01-08 14:50:55
Link: View Details
Information published.

CVE-2025-39764 netfilter: ctnetlink: remove refcounting in expectation dumpers
Published on: 2026-01-08 14:46:25
Link: View Details
Information published.

CVE-2025-39779 btrfs: subpage: keep TOWRITE tag until folio is cleaned
Published on: 2026-01-08 14:46:33
Link: View Details
Information published.

CVE-2025-39754 mm/smaps: fix race between smaps_hugetlb_range and migration
Published on: 2026-01-08 14:46:41
Link: View Details
Information published.

CVE-2025-39762 drm/amd/display: add null check
Published on: 2026-01-08 14:46:50
Link: View Details
Information published.

CVE-2025-39746 wifi: ath10k: shutdown driver when hardware is unreliable
Published on: 2026-01-08 14:46:58
Link: View Details
Information published.

CVE-2025-39747 drm/msm: Add error handling for krealloc in metadata setup
Published on: 2026-01-08 14:47:07
Link: View Details
Information published.

CVE-2025-39789 crypto: x86/aegis - Add missing error checks
Published on: 2026-01-08 14:47:16
Link: View Details
Information published.

CVE-2025-39748 bpf: Forget ranges when refining tnum after JSET
Published on: 2026-01-08 14:47:24
Link: View Details
Information published.

CVE-2025-39833 mISDN: hfcpci: Fix warning when deleting uninitialized timer
Published on: 2026-01-08 14:47:32
Link: View Details
Information published.

CVE-2025-39850 vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects
Published on: 2026-01-08 14:48:06
Link: View Details
Information published.

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog
Published on: 2026-01-08 14:48:15
Link: View Details
Information published.

CVE-2025-55551 An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation.
Published on: 2026-01-08 14:48:48
Link: View Details
Information published.

CVE-2025-38705 drm/amd/pm: fix null pointer access
Published on: 2026-01-08 14:45:17
Link: View Details
Information published.

CVE-2025-38722 habanalabs: fix UAF in export_dmabuf()
Published on: 2026-01-08 14:45:26
Link: View Details
Information published.

CVE-2025-38717 net: kcm: Fix race condition in kcm_unattach()
Published on: 2026-01-08 14:45:35
Link: View Details
Information published.

CVE-2025-38704 rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer access
Published on: 2026-01-08 14:45:44
Link: View Details
Information published.

CVE-2025-39705 drm/amd/display: fix a Null pointer dereference vulnerability
Published on: 2026-01-08 14:45:52
Link: View Details
Information published.

CVE-2025-39677 net/sched: Fix backlog accounting in qdisc_dequeue_internal
Published on: 2026-01-08 14:46:00
Link: View Details
Information published.

CVE-2025-39707 drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities
Published on: 2026-01-08 14:46:08
Link: View Details
Information published.

CVE-2025-9901 Libsoup: improper handling of http vary header in libsoup caching
Published on: 2026-01-08 14:46:16
Link: View Details
Information published.

CVE-2025-39810 bnxt_en: Fix memory corruption when FW resources change during ifdown
Published on: 2026-01-08 14:47:40
Link: View Details
Information published.

CVE-2025-39851 vxlan: Fix NPD when refreshing an FDB entry with a nexthop object
Published on: 2026-01-08 14:47:49
Link: View Details
Information published.

CVE-2025-39862 wifi: mt76: mt7915: fix list corruption after hardware restart
Published on: 2026-01-08 14:47:57
Link: View Details
Information published.

CVE-2025-55554 pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long().
Published on: 2026-01-08 14:48:56
Link: View Details
Information published.

CVE-2024-58241 Bluetooth: hci_core: Disable works on hci_unregister_dev
Published on: 2026-01-08 14:44:27
Link: View Details
Information published.

CVE-2025-68753 ALSA: firewire-motu: add bounds check in put_user loop for DSP events
Published on: 2026-01-08 01:40:44
Link: View Details
Information published.

CVE-2025-68766 irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()
Published on: 2026-01-08 01:40:49
Link: View Details
Information published.

CVE-2025-68266 bfs: Reconstruct file type when loading from disk
Published on: 2026-01-08 01:38:20
Link: View Details
Information published.

CVE-2025-68303 platform/x86: intel: punit_ipc: fix memory corruption
Published on: 2026-01-08 01:38:41
Link: View Details
Information published.

CVE-2025-68301 net: atlantic: fix fragment overflow handling in RX path
Published on: 2026-01-08 01:38:53
Link: View Details
Information published.

CVE-2025-68290 most: usb: fix double free on late probe failure
Published on: 2026-01-08 01:38:59
Link: View Details
Information published.

CVE-2025-68729 wifi: ath12k: Fix MSDU buffer types handling in RX error path
Published on: 2026-01-08 01:40:01
Link: View Details
Information published.

CVE-2025-68346 ALSA: dice: fix buffer overflow in detect_stream_formats()
Published on: 2026-01-08 01:40:11
Link: View Details
Information published.

CVE-2025-66293 LIBPNG has an out-of-bounds read in png_image_read_composite
Published on: 2026-01-08 01:37:57
Link: View Details
Information published.

CVE-2025-68255 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing
Published on: 2026-01-08 01:38:15
Link: View Details
Information published.

CVE-2025-68256 staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser
Published on: 2026-01-08 01:38:25
Link: View Details
Information published.

CVE-2025-2296 Un-verified kernel bypass Secure Boot mechanism in direct boot mode
Published on: 2026-01-08 01:38:35
Link: View Details
Information published.

CVE-2025-68311 tty: serial: ip22zilog: Use platform device for probing
Published on: 2026-01-08 01:38:46
Link: View Details
Information published.

CVE-2025-68287 usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths
Published on: 2026-01-08 01:39:04
Link: View Details
Information published.

CVE-2025-68156 Expr has Denial of Service via Unbounded Recursion in Builtin Functions
Published on: 2026-01-08 01:39:14
Link: View Details
Information published.

CVE-2025-68476 KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential
Published on: 2026-01-08 01:39:41
Link: View Details
Information published.

CVE-2025-68367 macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse
Published on: 2026-01-08 01:40:06
Link: View Details
Information published.

CVE-2025-68380 wifi: ath11k: fix peer HE MCS assignment
Published on: 2026-01-08 01:40:16
Link: View Details
Information published.

CVE-2025-34468 libcoap Stack-Based Buffer Overflow in Address Resolution DoS or Potential RCE
Published on: 2026-01-08 01:40:21
Link: View Details
Information published.

CVE-2025-15284 arrayLimit bypass in bracket notation allows DoS via memory exhaustion
Published on: 2026-01-08 01:40:35
Link: View Details
Information published.

CVE-2025-38644 wifi: mac80211: reject TDLS operations when station is not associated
Published on: 2026-01-08 01:02:42
Link: View Details
Information published.

CVE-2025-38630 fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref
Published on: 2026-01-08 01:02:22
Link: View Details
Information published.

CVE-2025-38639 netfilter: xt_nfacct: don't assume acct name is null-terminated
Published on: 2026-01-08 01:02:37
Link: View Details
Information published.

CVE-2025-38499 clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns
Published on: 2026-01-08 01:02:06
Link: View Details
Information published.

CVE-2025-38635 clk: davinci: Add NULL check in davinci_lpsc_clk_register()
Published on: 2026-01-08 01:02:32
Link: View Details
Information published.

CVE-2025-38624 PCI: pnv_php: Clean up allocated IRQs on unplug
Published on: 2026-01-08 01:02:17
Link: View Details
Information published.

CVE-2025-38634 power: supply: cpcap-charger: Fix null check for power_supply_get_by_name
Published on: 2026-01-08 01:02:27
Link: View Details
Information published.

CVE-2025-38502 bpf: Fix oob access in cgroup local storage
Published on: 2026-01-08 01:02:12
Link: View Details
Information published.

CVE-2025-62224 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
Published on: 2026-01-07 08:00:00
Link: View Details
User interface (UI) misrepresentation of critical information in Microsoft Edge for Android allows an authorized attacker to perform spoofing over a network.

CVE-2025-40258 mptcp: fix race condition in mptcp_schedule_work()
Published on: 2026-01-07 14:36:23
Link: View Details
Information published.

CVE-2025-40254 net: openvswitch: remove never-working support for setting nsh fields
Published on: 2026-01-07 14:36:30
Link: View Details
Information published.

CVE-2025-40252 net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()
Published on: 2026-01-07 14:36:43
Link: View Details
Information published.

CVE-2025-40264 be2net: pass wrb_params in case of OS2BMC
Published on: 2026-01-07 14:36:56
Link: View Details
Information published.

CVE-2025-40250 net/mlx5: Clean up only new IRQ glue on request_irq() failure
Published on: 2026-01-07 14:37:02
Link: View Details
Information published.

CVE-2025-40251 devlink: rate: Unset parent pointer in devl_rate_nodes_destroy
Published on: 2026-01-07 14:37:09
Link: View Details
Information published.

CVE-2025-68198 crash: fix crashkernel resource shrink
Published on: 2026-01-07 14:37:45
Link: View Details
Information published.

CVE-2025-68231 mm/mempool: fix poisoning order>0 pages with HIGHMEM
Published on: 2026-01-07 14:37:52
Link: View Details
Information published.

CVE-2025-68219 cifs: fix memory leak in smb3_fs_context_parse_param error path
Published on: 2026-01-07 14:38:05
Link: View Details
Information published.

CVE-2025-68237 mtdchar: fix integer overflow in read/write ioctls
Published on: 2026-01-07 14:38:38
Link: View Details
Information published.

CVE-2025-68233 drm/tegra: Add call to put_pid()
Published on: 2026-01-07 14:38:58
Link: View Details
Information published.

CVE-2025-68285 libceph: fix potential use-after-free in have_mon_and_osd_map()
Published on: 2026-01-07 14:39:18
Link: View Details
Information published.

CVE-2025-68290 most: usb: fix double free on late probe failure
Published on: 2026-01-07 14:40:04
Link: View Details
Information published.

CVE-2025-68331 usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer
Published on: 2026-01-07 14:40:40
Link: View Details
Information published.

CVE-2025-68327 usb: renesas_usbhs: Fix synchronous external abort on unbind
Published on: 2026-01-07 14:40:47
Link: View Details
Information published.

CVE-2025-68330 iio: accel: bmc150: Fix irq assumption regression
Published on: 2026-01-07 14:40:53
Link: View Details
Information published.

CVE-2025-40261 nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl()
Published on: 2026-01-07 14:36:10
Link: View Details
Information published.

CVE-2025-40257 mptcp: fix a race in mptcp_pm_del_add_timer()
Published on: 2026-01-07 14:36:16
Link: View Details
Information published.

CVE-2025-40259 scsi: sg: Do not sleep in atomic context
Published on: 2026-01-07 14:36:36
Link: View Details
Information published.

CVE-2025-40248 vsock: Ignore signal/timeout on connect() if already established
Published on: 2026-01-07 14:36:49
Link: View Details
Information published.

CVE-2025-40266 KVM: arm64: Check the untrusted offset in FF-A memory share
Published on: 2026-01-07 14:37:17
Link: View Details
Information published.

CVE-2025-40345 usb: storage: sddr55: Reject out-of-bound new_pba
Published on: 2026-01-07 14:37:39
Link: View Details
Information published.

CVE-2025-68235 nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot
Published on: 2026-01-07 14:37:58
Link: View Details
Information published.

CVE-2025-68229 scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show()
Published on: 2026-01-07 14:38:12
Link: View Details
Information published.

CVE-2025-68214 timers: Fix NULL function pointer race in timer_shutdown_sync()
Published on: 2026-01-07 14:38:19
Link: View Details
Information published.

CVE-2025-68204 pmdomain: arm: scmi: Fix genpd leak on provider registration failure
Published on: 2026-01-07 14:38:25
Link: View Details
Information published.

CVE-2025-68227 mptcp: Fix proto fallback detection with BPF
Published on: 2026-01-07 14:38:32
Link: View Details
Information published.

CVE-2025-68220 net: ethernet: ti: netcp: Standardize knav_dma_open_channel to return NULL on error
Published on: 2026-01-07 14:38:45
Link: View Details
Information published.

CVE-2025-68222 pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc
Published on: 2026-01-07 14:38:51
Link: View Details
Information published.

CVE-2025-68217 Input: pegasus-notetaker - fix potential out-of-bounds access
Published on: 2026-01-07 14:39:04
Link: View Details
Information published.

CVE-2025-68282 usb: gadget: udc: fix use-after-free in usb_gadget_state_work
Published on: 2026-01-07 14:39:11
Link: View Details
Information published.

CVE-2025-68283 libceph: replace BUG_ON with bounds check for map->max_osd
Published on: 2026-01-07 14:39:25
Link: View Details
Information published.

CVE-2025-68307 can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs
Published on: 2026-01-07 14:39:31
Link: View Details
Information published.

CVE-2025-68286 drm/amd/display: Check NULL before accessing
Published on: 2026-01-07 14:39:38
Link: View Details
Information published.

CVE-2025-68295 smb: client: fix memory leak in cifs_construct_tcon()
Published on: 2026-01-07 14:39:44
Link: View Details
Information published.

CVE-2025-68288 usb: storage: Fix memory leak in USB bulk transport
Published on: 2026-01-07 14:39:51
Link: View Details
Information published.

CVE-2025-68284 libceph: prevent potential out-of-bounds writes in handle_auth_session_key()
Published on: 2026-01-07 14:39:57
Link: View Details
Information published.

CVE-2025-68308 can: kvaser_usb: leaf: Fix potential infinite loop in command parsers
Published on: 2026-01-07 14:40:11
Link: View Details
Information published.

CVE-2025-68287 usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths
Published on: 2026-01-07 14:40:17
Link: View Details
Information published.

CVE-2025-68289 usb: gadget: f_eem: Fix memory leak in eem_unwrap
Published on: 2026-01-07 14:40:24
Link: View Details
Information published.

CVE-2025-68302 net: sxgbe: fix potential NULL dereference in sxgbe_rx()
Published on: 2026-01-07 14:40:31
Link: View Details
Information published.

CVE-2025-68328 firmware: stratix10-svc: fix bug in saving controller data
Published on: 2026-01-07 14:41:00
Link: View Details
Information published.

CVE-2025-68339 atm/fore200e: Fix possible data race in fore200e_open()
Published on: 2026-01-07 14:41:07
Link: View Details
Information published.

CVE-2025-68342 can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing data
Published on: 2026-01-07 14:41:13
Link: View Details
Information published.

CVE-2025-68343 can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header
Published on: 2026-01-07 14:41:20
Link: View Details
Information published.

CVE-2025-38627 f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic
Published on: 2026-01-07 14:35:33
Link: View Details
Information published.

CVE-2025-38643 wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()
Published on: 2026-01-07 14:35:40
Link: View Details
Information published.

CVE-2025-38556 HID: core: Harden s32ton() against conversion to 0 bits
Published on: 2026-01-07 14:35:28
Link: View Details
Information published.

CVE-2025-22105 bonding: check xdp prog when set bond mode
Published on: 2026-01-07 14:35:21
Link: View Details
Information published.

CVE-2025-39805 net: macb: fix unregister_netdev call order in macb_remove()
Published on: 2026-01-07 14:35:45
Link: View Details
Information published.

CVE-2025-1744 Out-of-bounds Write in radare2
Published on: 2026-01-07 01:01:17
Link: View Details
Information published.

CVE-2025-4432 Ring: some aes functions may panic when overflow checking is enabled in ring
Published on: 2026-01-07 01:01:35
Link: View Details
Information published.

CVE-2025-68972 In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.
Published on: 2026-01-06 14:36:03
Link: View Details
Information published.

CVE-2025-68476 KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential
Published on: 2026-01-06 14:35:56
Link: View Details
Information published.

CVE-2025-68973 In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
Published on: 2026-01-06 14:36:10
Link: View Details
Information published.

CVE-2025-11961 OOBR and OOBW in pcap_ether_aton() in libpcap
Published on: 2026-01-06 01:35:35
Link: View Details
Information published.

CVE-2025-11964 OOBW in utf_16le_to_utf_8_truncated() in libpcap
Published on: 2026-01-06 01:35:42
Link: View Details
Information published.

CVE-2025-62408 c-ares has a Use After Free vulnerability when connection is cleaned up after error
Published on: 2026-01-05 14:36:12
Link: View Details
Information published.

CVE-2025-61594 URI Credential Leakage Bypass over CVE-2025-27221
Published on: 2026-01-05 14:36:39
Link: View Details
Information published.

CVE-2025-3001 PyTorch torch.lstm_cell memory corruption
Published on: 2026-01-05 01:38:00
Link: View Details
Information published.

CVE-2000-0006 strace allows local users to read arbitrary files via memory mapped file names.
Published on: 2026-01-04 14:35:13
Link: View Details
Information published.

CVE-2023-52970 MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.
Published on: 2026-01-03 01:36:09
Link: View Details
Information published.

CVE-2023-52969 MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.
Published on: 2026-01-03 01:36:21
Link: View Details
Information published.

CVE-2025-2912 HDF5 H5Omessage.c H5O_msg_flush heap-based overflow
Published on: 2026-01-03 01:36:40
Link: View Details
Information published.

CVE-2024-7598 Network restriction bypass via race condition during namespace termination
Published on: 2026-01-03 01:36:35
Link: View Details
Information published.

CVE-2025-2295 Potential iSCSI R2T PDU Vulnerability
Published on: 2026-01-03 01:36:30
Link: View Details
Information published.

CVE-2025-52881 runc: LSM labels can be bypassed with malicious config using dummy procfs files
Published on: 2026-01-03 01:39:17
Link: View Details
Information published.

CVE-2025-61662 Grub2: missing unregister call for gettext command may lead to use-after-free
Published on: 2026-01-03 01:38:57
Link: View Details
Information published.

CVE-2025-61663 Grub2: missing unregister call for normal commands may lead to use-after-free
Published on: 2026-01-03 01:39:02
Link: View Details
Information published.

CVE-2025-61661 Grub2: grub2: out-of-bounds write via malicious usb device
Published on: 2026-01-03 01:39:08
Link: View Details
Information published.

CVE-2025-2486 UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu
Published on: 2026-01-03 01:39:24
Link: View Details
Information published.

CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
Published on: 2026-01-03 01:40:04
Link: View Details
Information published.

CVE-2025-14087 Glib: glib: buffer underflow in gvariant parser leads to heap corruption
Published on: 2026-01-03 01:40:11
Link: View Details
Information published.

CVE-2025-13912 Potential non-constant time compiled code with Clang LLVM
Published on: 2026-01-03 01:40:44
Link: View Details
Information published.

CVE-2025-14180 NULL Pointer Dereference in PDO quoting
Published on: 2026-01-03 01:36:31
Link: View Details
Information published.

CVE-2025-14512 Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow
Published on: 2026-01-03 01:40:17
Link: View Details
Information published.

CVE-2025-14104 Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames
Published on: 2026-01-03 01:40:23
Link: View Details
Information published.

CVE-2025-68146 filelock has TOCTOU race condition that allows symlink attacks during lock file creation
Published on: 2026-01-03 01:41:03
Link: View Details
Information published.

CVE-2025-13699 MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability
Published on: 2026-01-03 01:36:02
Link: View Details
Information published.

CVE-2025-14177 Information Leak of Memory in getimagesize
Published on: 2026-01-03 01:36:13
Link: View Details
Information published.

CVE-2025-14178 Heap buffer overflow in array_merge()
Published on: 2026-01-03 01:36:22
Link: View Details
Information published.

CVE-2025-68973 In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
Published on: 2026-01-03 01:02:22
Link: View Details
Information published.

CVE-2025-34468 libcoap Stack-Based Buffer Overflow in Address Resolution DoS or Potential RCE
Published on: 2026-01-03 01:01:22
Link: View Details
Information published.

CVE-2025-11961 OOBR and OOBW in pcap_ether_aton() in libpcap
Published on: 2026-01-03 01:01:36
Link: View Details
Information published.

CVE-2025-11964 OOBW in utf_16le_to_utf_8_truncated() in libpcap
Published on: 2026-01-03 01:01:49
Link: View Details
Information published.

CVE-2025-69277 libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group.
Published on: 2026-01-03 01:01:58
Link: View Details
Information published.

CVE-2025-15284 arrayLimit bypass in bracket notation allows DoS via memory exhaustion
Published on: 2026-01-03 01:02:10
Link: View Details
Information published.

CVE-2025-61594 URI Credential Leakage Bypass over CVE-2025-27221
Published on: 2026-01-03 01:02:18
Link: View Details
Information published.

CVE-2021-23445 Cross-site Scripting (XSS)
Published on: 2026-01-03 01:37:36
Link: View Details
Information published.

CVE-2025-9288 Missing type checks leading to hash rewind and passing on crafted data
Published on: 2026-01-03 01:37:40
Link: View Details
Information published.

CVE-2024-45310 runc can be confused to create empty files/directories on the host
Published on: 2026-01-03 01:35:10
Link: View Details
Information published.

CVE-2025-32387 Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
Published on: 2026-01-03 01:36:46
Link: View Details
Information published.

CVE-2025-46327 Go Snowflake Driver has race condition when checking access to Easy Logging configuration file
Published on: 2026-01-03 01:36:54
Link: View Details
Information published.

CVE-2025-61103 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_lan_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.
Published on: 2026-01-03 01:37:55
Link: View Details
Information published.

CVE-2025-61107 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update packet.
Published on: 2026-01-03 01:38:07
Link: View Details
Information published.

CVE-2025-61102 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.
Published on: 2026-01-03 01:38:13
Link: View Details
Information published.

CVE-2025-61100 FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions.
Published on: 2026-01-03 01:38:23
Link: View Details
Information published.

CVE-2025-61106 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.
Published on: 2026-01-03 01:38:02
Link: View Details
Information published.

CVE-2025-61101 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_rmt_itf_addr function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.
Published on: 2026-01-03 01:38:18
Link: View Details
Information published.

CVE-2025-61104 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_unknown_tlv function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet.
Published on: 2026-01-03 01:38:28
Link: View Details
Information published.

CVE-2025-61099 FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet.
Published on: 2026-01-03 01:38:33
Link: View Details
Information published.

CVE-2024-6531 Rejected reason: This was not a security issue in Bootstrap. Bootstrap’s JavaScript is not intended to sanitize unsafe or intentionally dangerous HTML. As such, the reported behavior fell outside the scope of Bootstrap’s security model, and the associated CVE has been rescinded.
Published on: 2026-01-03 01:35:52
Link: View Details
Information published.

CVE-2024-6485 XSS in Bootstrap button component
Published on: 2026-01-03 01:39:48
Link: View Details
Information published.

CVE-2025-7425 Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr
Published on: 2026-01-03 01:37:15
Link: View Details
Information published.

CVE-2025-7424 Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes
Published on: 2026-01-03 01:37:21
Link: View Details
Information published.

CVE-2025-10911 Libxslt: use-after-free with key data stored cross-rvt
Published on: 2026-01-03 01:37:47
Link: View Details
Information published.

CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
Published on: 2026-01-02 14:40:26
Link: View Details
Information published.

CVE-2025-64436 KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes
Published on: 2026-01-02 14:39:41
Link: View Details
Information published.

CVE-2025-64434 KubeVirt Improper TLS Certificate Management Handling Allows API Identity Spoofing
Published on: 2026-01-02 14:39:30
Link: View Details
Information published.

CVE-2025-64433 KubeVirt Arbitrary Container File Read
Published on: 2026-01-02 14:39:25
Link: View Details
Information published.

CVE-2025-64435 KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
Published on: 2026-01-02 14:39:36
Link: View Details
Information published.

CVE-2025-64437 KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes
Published on: 2026-01-02 14:39:46
Link: View Details
Information published.

CVE-2025-61915 OpenPrinting CUPS vulnerable to stack based out-of-bound write
Published on: 2026-01-02 14:40:04
Link: View Details
Information published.

CVE-2025-64432 KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer
Published on: 2026-01-02 14:39:19
Link: View Details
Information published.

CVE-2024-56738 GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.
Published on: 2026-01-02 14:35:52
Link: View Details
Information published.

CVE-2025-7067 HDF5 H5FScache.c H5FS__sinfo_serialize_node_cb heap-based overflow
Published on: 2026-01-02 14:38:18
Link: View Details
Information published.

CVE-2025-7068 HDF5 H5FL.c H5FL__malloc memory leak
Published on: 2026-01-02 14:38:23
Link: View Details
Information published.

CVE-2025-6269 HDF5 H5Cimage.c H5C__reconstruct_cache_entry heap-based overflow
Published on: 2026-01-02 14:37:44
Link: View Details
Information published.

CVE-2025-6858 HDF5 H5Centry.c H5C__flush_single_entry null pointer dereference
Published on: 2026-01-02 14:37:49
Link: View Details
Information published.

CVE-2025-6816 HDF5 H5Ofsinfo.c H5O__fsinfo_encode heap-based overflow
Published on: 2026-01-02 14:38:00
Link: View Details
Information published.

CVE-2025-6750 HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflow
Published on: 2026-01-02 14:38:06
Link: View Details
Information published.

CVE-2025-6857 HDF5 H5Gnode.c H5G__node_cmp3 stack-based overflow
Published on: 2026-01-02 14:38:12
Link: View Details
Information published.

CVE-2025-6270 HDF5 H5FSsection.c H5FS__sect_find_node heap-based overflow
Published on: 2026-01-02 14:37:38
Link: View Details
Information published.

CVE-2025-6818 HDF5 H5Ochunk.c H5O__chunk_protect heap-based overflow
Published on: 2026-01-02 14:37:55
Link: View Details
Information published.

CVE-2025-44905 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.
Published on: 2026-01-02 14:36:41
Link: View Details
Information published.

CVE-2024-30896 InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default organization to retrieve the operator token. InfluxDB OSS 1.x, Enterprise, Cloud, Cloud Dedicated and Clustered are not affected. NOTE: The researcher states that InfluxDB allows allAccess administrators to retrieve all raw tokens via an "influx auth ls" command. The supplier indicates that the organizations feature is operating as intended and that users may choose to add users to non-default organizations. A future release of InfluxDB 2.x will remove the ability to retrieve tokens from the API.
Published on: 2026-01-02 14:35:38
Link: View Details
Information published.

CVE-2024-3177 Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin
Published on: 2026-01-02 14:35:05
Link: View Details
Information published.

CVE-2025-59184 Storage Spaces Direct Information Disclosure Vulnerability
Published on: 2026-01-02 08:00:00
Link: View Details
Added acknowledgements. This is an informational change only.

CVE-2025-55683 Windows Kernel Information Disclosure Vulnerability
Published on: 2026-01-02 08:00:00
Link: View Details
Added acknowledgements. This is an informational change only.

CVE-2025-60710 Host Process for Windows Tasks Elevation of Privilege Vulnerability
Published on: 2026-01-02 08:00:00
Link: View Details
Added an acknowledgement. This is an informational change only.

CVE-2025-2925 HDF5 H5MM.c H5MM_realloc double free
Published on: 2025-12-31 14:35:38
Link: View Details
Information published.

CVE-2025-2926 HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference
Published on: 2025-12-31 14:35:44
Link: View Details
Information published.

CVE-2025-2924 HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflow
Published on: 2025-12-31 14:35:50
Link: View Details
Information published.

CVE-2025-2914 HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflow
Published on: 2025-12-31 14:35:56
Link: View Details
Information published.

CVE-2025-2915 HDF5 H5Faccum.c H5F__accum_free heap-based overflow
Published on: 2025-12-31 14:36:01
Link: View Details
Information published.

CVE-2025-2153 HDF5 h5 File H5SM.c H5SM_delete heap-based overflow
Published on: 2025-12-31 14:35:17
Link: View Details
Information published.

CVE-2025-2310 HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow
Published on: 2025-12-31 14:35:33
Link: View Details
Information published.

CVE-2025-2308 HDF5 Scale-Offset Filter H5Z__scaleoffset_decompress_one_byte heap-based overflow
Published on: 2025-12-31 14:35:22
Link: View Details
Information published.

CVE-2025-2309 HDF5 Type Conversion Logic H5T__bit_copy heap-based overflow
Published on: 2025-12-31 14:35:27
Link: View Details
Information published.

CVE-2025-58436 OpenPrinting CUPS slow client can halt cupsd, leading to a possible DoS attack
Published on: 2025-12-31 14:36:30
Link: View Details
Information published.

CVE-2025-13836 Excessive read buffering DoS in http.client
Published on: 2025-12-31 01:36:27
Link: View Details
Information published.

CVE-2025-13837 Out-of-memory when loading Plist
Published on: 2025-12-31 01:36:37
Link: View Details
Information published.

CVE-2025-14180 NULL Pointer Dereference in PDO quoting
Published on: 2025-12-31 01:02:05
Link: View Details
Information published.

CVE-2025-12084 Quadratic complexity in node ID cache clearing
Published on: 2025-12-31 01:36:45
Link: View Details
Information published.

CVE-2025-68615 Net-SNMP snmptrapd crash
Published on: 2025-12-31 01:37:13
Link: View Details
Information published.

CVE-2025-14177 Information Leak of Memory in getimagesize
Published on: 2025-12-31 01:02:15
Link: View Details
Information published.

CVE-2025-14178 Heap buffer overflow in array_merge()
Published on: 2025-12-31 01:02:10
Link: View Details
Information published.

CVE-2021-44964 Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.
Published on: 2025-12-31 01:35:10
Link: View Details
Information published.

CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
Published on: 2025-12-30 14:35:57
Link: View Details
Information published.

CVE-2025-13912 Potential non-constant time compiled code with Clang LLVM
Published on: 2025-12-30 01:36:30
Link: View Details
Information published.

CVE-2025-14104 Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames
Published on: 2025-12-30 14:36:04
Link: View Details
Information published.

CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
Published on: 2025-12-30 14:36:11
Link: View Details
Information published.

CVE-2025-68615 Net-SNMP snmptrapd crash
Published on: 2025-12-30 01:36:49
Link: View Details
Information published.

CVE-2025-13699 MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability
Published on: 2025-12-30 01:37:07
Link: View Details
Information published.

CVE-2025-68973 In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
Published on: 2025-12-30 01:01:21
Link: View Details
Information published.

CVE-2023-52970 MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.
Published on: 2025-12-30 01:35:17
Link: View Details
Information published.

CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
Published on: 2025-12-30 01:36:12
Link: View Details
Information published.

CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
Published on: 2025-12-30 01:36:19
Link: View Details
Information published.

CVE-2025-68972 In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.
Published on: 2025-12-29 14:35:53
Link: View Details
Information published.

CVE-2025-14180 NULL Pointer Dereference in PDO quoting
Published on: 2025-12-29 14:36:08
Link: View Details
Information published.

CVE-2025-14177 Information Leak of Memory in getimagesize
Published on: 2025-12-29 14:35:58
Link: View Details
Information published.

CVE-2025-14178 Heap buffer overflow in array_merge()
Published on: 2025-12-29 14:36:03
Link: View Details
Information published.

CVE-2025-14104 Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames
Published on: 2025-12-27 14:36:13
Link: View Details
Information published.

CVE-2025-68156 Expr has Denial of Service via Unbounded Recursion in Builtin Functions
Published on: 2025-12-27 01:36:36
Link: View Details
Information published.

CVE-2025-13699 MariaDB mariadb-dump Utility Directory Traversal Remote Code Execution Vulnerability
Published on: 2025-12-27 01:36:47
Link: View Details
Information published.

CVE-2025-68345 ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi()
Published on: 2025-12-26 14:36:11
Link: View Details
Information published.

CVE-2025-68357 iomap: allocate s_dio_done_wq for async reads as well
Published on: 2025-12-26 14:36:30
Link: View Details
Information published.

CVE-2025-68366 nbd: defer config unlock in nbd_genl_connect
Published on: 2025-12-26 14:36:35
Link: View Details
Information published.

CVE-2025-68736 landlock: Fix handling of disconnected directories
Published on: 2025-12-26 14:36:40
Link: View Details
Information published.

CVE-2025-68745 scsi: qla2xxx: Clear cmds after chip reset
Published on: 2025-12-26 14:36:45
Link: View Details
Information published.

CVE-2025-68729 wifi: ath12k: Fix MSDU buffer types handling in RX error path
Published on: 2025-12-26 14:36:50
Link: View Details
Information published.

CVE-2025-68744 bpf: Free special fields when update [lru_,]percpu_hash maps
Published on: 2025-12-26 14:36:55
Link: View Details
Information published.

CVE-2025-68740 ima: Handle error code returned by ima_filter_rule_match()
Published on: 2025-12-26 14:37:57
Link: View Details
Information published.

CVE-2025-68379 RDMA/rxe: Fix null deref on srq->rq.queue after resize failure
Published on: 2025-12-26 14:38:07
Link: View Details
Information published.

CVE-2025-68346 ALSA: dice: fix buffer overflow in detect_stream_formats()
Published on: 2025-12-26 14:38:12
Link: View Details
Information published.

CVE-2025-68371 scsi: smartpqi: Fix device resources accessed after device removal
Published on: 2025-12-26 14:35:51
Link: View Details
Information published.

CVE-2025-68349 NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid
Published on: 2025-12-26 14:35:56
Link: View Details
Information published.

CVE-2025-68354 regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex
Published on: 2025-12-26 14:36:01
Link: View Details
Information published.

CVE-2025-68362 wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb()
Published on: 2025-12-26 14:36:06
Link: View Details
Information published.

CVE-2025-68741 scsi: qla2xxx: Fix improper freeing of purex item
Published on: 2025-12-26 14:36:16
Link: View Details
Information published.

CVE-2025-68732 gpu: host1x: Fix race in syncpt alloc/free
Published on: 2025-12-26 14:36:21
Link: View Details
Information published.

CVE-2023-54161 af_unix: Fix null-ptr-deref in unix_stream_sendpage().
Published on: 2025-12-26 14:36:26
Link: View Details
Information published.

CVE-2025-68347 ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events
Published on: 2025-12-26 14:37:00
Link: View Details
Information published.

CVE-2025-68344 ALSA: wavefront: Fix integer overflow in sample size validation
Published on: 2025-12-26 14:37:04
Link: View Details
Information published.

CVE-2025-68746 spi: tegra210-quad: Fix timeout handling
Published on: 2025-12-26 14:37:09
Link: View Details
Information published.

CVE-2025-68356 gfs2: Prevent recursive memory reclaim
Published on: 2025-12-26 14:37:14
Link: View Details
Information published.

CVE-2025-68742 bpf: Fix invalid prog->stats access when update_effective_progs fails
Published on: 2025-12-26 14:37:19
Link: View Details
Information published.

CVE-2025-68367 macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse
Published on: 2025-12-26 14:37:24
Link: View Details
Information published.

CVE-2025-68365 fs/ntfs3: Initialize allocated memory before use
Published on: 2025-12-26 14:37:29
Link: View Details
Information published.

CVE-2025-68725 bpf: Do not let BPF test infra emit invalid GSO types to stack
Published on: 2025-12-26 14:37:33
Link: View Details
Information published.

CVE-2025-68728 ntfs3: fix uninit memory after failed mi_read in mi_format_new
Published on: 2025-12-26 14:37:38
Link: View Details
Information published.

CVE-2025-68372 nbd: defer config put in recv_work
Published on: 2025-12-26 14:37:43
Link: View Details
Information published.

CVE-2025-68358 btrfs: fix racy bitfield write in btrfs_clear_space_info_full()
Published on: 2025-12-26 14:37:48
Link: View Details
Information published.

CVE-2023-54082 af_unix: Fix null-ptr-deref in unix_stream_sendpage().
Published on: 2025-12-26 14:37:53
Link: View Details
Information published.

CVE-2025-68363 bpf: Check skb->transport_header is set in bpf_skb_check_mtu
Published on: 2025-12-26 14:38:02
Link: View Details
Information published.

CVE-2025-68364 ocfs2: relax BUG() to ocfs2_error() in __ocfs2_move_extent()
Published on: 2025-12-26 14:38:17
Link: View Details
Information published.

CVE-2025-68727 ntfs3: Fix uninit buffer allocated by __getname()
Published on: 2025-12-26 14:38:22
Link: View Details
Information published.

CVE-2025-68378 bpf: Fix stackmap overflow check in __bpf_get_stackid()
Published on: 2025-12-26 14:38:26
Link: View Details
Information published.

CVE-2025-68376 coresight: ETR: Fix ETR buffer use-after-free issue
Published on: 2025-12-26 14:38:31
Link: View Details
Information published.

CVE-2025-68380 wifi: ath11k: fix peer HE MCS assignment
Published on: 2025-12-26 14:38:36
Link: View Details
Information published.

CVE-2025-68724 crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id
Published on: 2025-12-26 14:38:41
Link: View Details
Information published.

CVE-2025-68374 md: fix rcu protection in md_wakeup_thread
Published on: 2025-12-26 14:38:46
Link: View Details
Information published.

CVE-2025-68733 smack: fix bug: unprivileged task can create labels
Published on: 2025-12-26 14:38:50
Link: View Details
Information published.

CVE-2023-54061 x86: fix clear_user_rep_good() exception handling annotation
Published on: 2025-12-26 14:38:55
Link: View Details
Information published.

CVE-2025-7425 Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr
Published on: 2025-12-26 14:39:00
Link: View Details
Information published.

CVE-2025-7425 Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr
Published on: 2025-12-26 01:01:24
Link: View Details
Information published.

CVE-2025-3001 PyTorch torch.lstm_cell memory corruption
Published on: 2025-12-25 01:38:09
Link: View Details
Information published.

CVE-2025-68345 ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi()
Published on: 2025-12-25 01:03:07
Link: View Details
Information published.

CVE-2025-68357 iomap: allocate s_dio_done_wq for async reads as well
Published on: 2025-12-25 01:03:28
Link: View Details
Information published.

CVE-2025-68366 nbd: defer config unlock in nbd_genl_connect
Published on: 2025-12-25 01:03:34
Link: View Details
Information published.

CVE-2025-68736 landlock: Fix handling of disconnected directories
Published on: 2025-12-25 01:03:39
Link: View Details
Information published.

CVE-2025-68745 scsi: qla2xxx: Clear cmds after chip reset
Published on: 2025-12-25 01:03:44
Link: View Details
Information published.

CVE-2025-68729 wifi: ath12k: Fix MSDU buffer types handling in RX error path
Published on: 2025-12-25 01:03:49
Link: View Details
Information published.

CVE-2025-68744 bpf: Free special fields when update [lru_,]percpu_hash maps
Published on: 2025-12-25 01:03:54
Link: View Details
Information published.

CVE-2025-68740 ima: Handle error code returned by ima_filter_rule_match()
Published on: 2025-12-25 01:05:03
Link: View Details
Information published.

CVE-2025-68379 RDMA/rxe: Fix null deref on srq->rq.queue after resize failure
Published on: 2025-12-25 01:05:14
Link: View Details
Information published.

CVE-2025-68346 ALSA: dice: fix buffer overflow in detect_stream_formats()
Published on: 2025-12-25 01:05:19
Link: View Details
Information published.

CVE-2025-68476 KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential
Published on: 2025-12-25 01:37:57
Link: View Details
Information published.

CVE-2025-68615 Net-SNMP snmptrapd crash
Published on: 2025-12-25 01:38:02
Link: View Details
Information published.

CVE-2025-68371 scsi: smartpqi: Fix device resources accessed after device removal
Published on: 2025-12-25 01:02:46
Link: View Details
Information published.

CVE-2025-68349 NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid
Published on: 2025-12-25 01:02:51
Link: View Details
Information published.

CVE-2025-68354 regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex
Published on: 2025-12-25 01:02:57
Link: View Details
Information published.

CVE-2025-68362 wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb()
Published on: 2025-12-25 01:03:02
Link: View Details
Information published.

CVE-2025-68741 scsi: qla2xxx: Fix improper freeing of purex item
Published on: 2025-12-25 01:03:12
Link: View Details
Information published.

CVE-2025-68732 gpu: host1x: Fix race in syncpt alloc/free
Published on: 2025-12-25 01:03:18
Link: View Details
Information published.

CVE-2023-54161 af_unix: Fix null-ptr-deref in unix_stream_sendpage().
Published on: 2025-12-25 01:03:23
Link: View Details
Information published.

CVE-2025-68347 ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events
Published on: 2025-12-25 01:04:00
Link: View Details
Information published.

CVE-2025-68344 ALSA: wavefront: Fix integer overflow in sample size validation
Published on: 2025-12-25 01:04:05
Link: View Details
Information published.

CVE-2025-68746 spi: tegra210-quad: Fix timeout handling
Published on: 2025-12-25 01:04:11
Link: View Details
Information published.

CVE-2025-68356 gfs2: Prevent recursive memory reclaim
Published on: 2025-12-25 01:04:16
Link: View Details
Information published.

CVE-2025-68742 bpf: Fix invalid prog->stats access when update_effective_progs fails
Published on: 2025-12-25 01:04:21
Link: View Details
Information published.

CVE-2025-68367 macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse
Published on: 2025-12-25 01:04:26
Link: View Details
Information published.

CVE-2025-68365 fs/ntfs3: Initialize allocated memory before use
Published on: 2025-12-25 01:04:31
Link: View Details
Information published.

CVE-2025-68725 bpf: Do not let BPF test infra emit invalid GSO types to stack
Published on: 2025-12-25 01:04:37
Link: View Details
Information published.

CVE-2025-68728 ntfs3: fix uninit memory after failed mi_read in mi_format_new
Published on: 2025-12-25 01:04:42
Link: View Details
Information published.

CVE-2025-68372 nbd: defer config put in recv_work
Published on: 2025-12-25 01:04:47
Link: View Details
Information published.

CVE-2025-68358 btrfs: fix racy bitfield write in btrfs_clear_space_info_full()
Published on: 2025-12-25 01:04:52
Link: View Details
Information published.

CVE-2023-54082 af_unix: Fix null-ptr-deref in unix_stream_sendpage().
Published on: 2025-12-25 01:04:58
Link: View Details
Information published.

CVE-2025-68363 bpf: Check skb->transport_header is set in bpf_skb_check_mtu
Published on: 2025-12-25 01:05:08
Link: View Details
Information published.

CVE-2025-68364 ocfs2: relax BUG() to ocfs2_error() in __ocfs2_move_extent()
Published on: 2025-12-25 01:05:24
Link: View Details
Information published.

CVE-2025-68727 ntfs3: Fix uninit buffer allocated by __getname()
Published on: 2025-12-25 01:05:30
Link: View Details
Information published.

CVE-2025-68378 bpf: Fix stackmap overflow check in __bpf_get_stackid()
Published on: 2025-12-25 01:05:35
Link: View Details
Information published.

CVE-2025-68376 coresight: ETR: Fix ETR buffer use-after-free issue
Published on: 2025-12-25 01:05:40
Link: View Details
Information published.

CVE-2025-68380 wifi: ath11k: fix peer HE MCS assignment
Published on: 2025-12-25 01:05:45
Link: View Details
Information published.

CVE-2025-68724 crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id
Published on: 2025-12-25 01:05:51
Link: View Details
Information published.

CVE-2025-68374 md: fix rcu protection in md_wakeup_thread
Published on: 2025-12-25 01:05:56
Link: View Details
Information published.

CVE-2025-68733 smack: fix bug: unprivileged task can create labels
Published on: 2025-12-25 01:06:01
Link: View Details
Information published.

CVE-2023-54061 x86: fix clear_user_rep_good() exception handling annotation
Published on: 2025-12-25 01:06:07
Link: View Details
Information published.

CVE-2025-38393 NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN
Published on: 2025-12-25 01:01:35
Link: View Details
Information published.

CVE-2025-38399 scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()
Published on: 2025-12-25 01:01:45
Link: View Details
Information published.

CVE-2025-38401 mtk-sd: Prevent memory corruption from DMA map failure
Published on: 2025-12-25 01:01:55
Link: View Details
Information published.

CVE-2025-38403 vsock/vmci: Clear the vmci transport packet properly when initializing it
Published on: 2025-12-25 01:02:01
Link: View Details
Information published.

CVE-2025-38410 drm/msm: Fix a fence leak in submit error path
Published on: 2025-12-25 01:02:16
Link: View Details
Information published.

CVE-2025-38406 wifi: ath6kl: remove WARN on bad firmware input
Published on: 2025-12-25 01:02:06
Link: View Details
Information published.

CVE-2025-38477 net/sched: sch_qfq: Fix race condition on qfq_aggregate
Published on: 2025-12-25 01:02:36
Link: View Details
Information published.

CVE-2025-38422 net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices
Published on: 2025-12-25 01:02:26
Link: View Details
Information published.

CVE-2025-38425 i2c: tegra: check msg length in SMBUS block read
Published on: 2025-12-25 01:02:31
Link: View Details
Information published.

CVE-2025-38409 drm/msm: Fix another leak in the submit error path
Published on: 2025-12-25 01:02:11
Link: View Details
Information published.

CVE-2025-38395 regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods
Published on: 2025-12-25 01:01:40
Link: View Details
Information published.

CVE-2025-38478 comedi: Fix initialization of data for instructions that write to subdevice
Published on: 2025-12-25 01:02:40
Link: View Details
Information published.

CVE-2025-38412 platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks
Published on: 2025-12-25 01:02:21
Link: View Details
Information published.

CVE-2025-38391 usb: typec: altmodes/displayport: do not index invalid pin_assignments
Published on: 2025-12-25 01:01:30
Link: View Details
Information published.

CVE-2025-38400 nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.
Published on: 2025-12-25 01:01:51
Link: View Details
Information published.

CVE-2025-58436 OpenPrinting CUPS slow client can halt cupsd, leading to a possible DoS attack
Published on: 2025-12-24 14:35:34
Link: View Details
Information published.

CVE-2025-61915 OpenPrinting CUPS vulnerable to stack based out-of-bound write
Published on: 2025-12-24 14:35:41
Link: View Details
Information published.

CVE-2024-7883 CMSE secure state may leak from stack to floating-point registers
Published on: 2025-12-24 01:05:01
Link: View Details
Information published.

CVE-2025-62231 Xorg: xwayland: value overflow in xkbsetcompatmap()
Published on: 2025-12-24 01:02:28
Link: View Details
Information published.

CVE-2025-62229 Xorg: xwayland: use-after-free in xpresentnotify structure creation
Published on: 2025-12-24 01:02:23
Link: View Details
Information published.

CVE-2025-12105 Libsoup: heap use-after-free in libsoup message queue handling during http/2 read completion
Published on: 2025-12-24 01:38:08
Link: View Details
Information published.

CVE-2025-62230 Xorg: xwayland: use-after-free in xkb client resource removal
Published on: 2025-12-24 01:02:33
Link: View Details
Information published.

CVE-2025-38466 perf: Revert to requiring CAP_SYS_ADMIN for uprobes
Published on: 2025-12-24 01:03:53
Link: View Details
Information published.

CVE-2025-38437 ksmbd: fix potential use-after-free in oplock/lease break ack
Published on: 2025-12-24 01:02:38
Link: View Details
Information published.

CVE-2025-38439 bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT
Published on: 2025-12-24 01:02:43
Link: View Details
Information published.

CVE-2025-38458 atm: clip: Fix NULL pointer dereference in vcc_sendmsg()
Published on: 2025-12-24 01:03:18
Link: View Details
Information published.

CVE-2025-38457 net/sched: Abort __tc_modify_qdisc if parent class does not exist
Published on: 2025-12-24 01:03:13
Link: View Details
Information published.

CVE-2025-38445 md/raid1: Fix stack memory use after return in raid1_reshape
Published on: 2025-12-24 01:03:03
Link: View Details
Information published.

CVE-2025-38462 vsock: Fix transport_{g2h,h2g} TOCTOU
Published on: 2025-12-24 01:03:38
Link: View Details
Information published.

CVE-2025-38465 netlink: Fix wraparounds of sk->sk_rmem_alloc.
Published on: 2025-12-24 01:03:48
Link: View Details
Information published.

CVE-2025-38461 vsock: Fix transport_* TOCTOU
Published on: 2025-12-24 01:03:33
Link: View Details
Information published.

CVE-2025-38443 nbd: fix uaf in nbd_genl_connect() error path
Published on: 2025-12-24 01:02:53
Link: View Details
Information published.

CVE-2025-38464 tipc: Fix use-after-free in tipc_conn_close().
Published on: 2025-12-24 01:03:43
Link: View Details
Information published.

CVE-2025-38460 atm: clip: Fix potential null-ptr-deref in to_atmarpd().
Published on: 2025-12-24 01:03:28
Link: View Details
Information published.

CVE-2025-38459 atm: clip: Fix infinite recursive call of clip_push().
Published on: 2025-12-24 01:03:23
Link: View Details
Information published.

CVE-2025-38476 rpl: Fix use-after-free in rpl_do_srh_inline().
Published on: 2025-12-24 01:04:23
Link: View Details
Information published.

CVE-2025-38470 net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime
Published on: 2025-12-24 01:04:08
Link: View Details
Information published.

CVE-2025-38448 usb: gadget: u_serial: Fix race condition in TTY wakeup
Published on: 2025-12-24 01:03:08
Link: View Details
Information published.

CVE-2025-38467 drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling
Published on: 2025-12-24 01:03:58
Link: View Details
Information published.

CVE-2025-38468 net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree
Published on: 2025-12-24 01:04:03
Link: View Details
Information published.

CVE-2025-38474 usb: net: sierra: check for no status endpoint
Published on: 2025-12-24 01:04:18
Link: View Details
Information published.

CVE-2025-38444 raid10: cleanup memleak at raid10_make_request
Published on: 2025-12-24 01:02:58
Link: View Details
Information published.

CVE-2025-38441 netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()
Published on: 2025-12-24 01:02:49
Link: View Details
Information published.

CVE-2025-38473 Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb()
Published on: 2025-12-24 01:04:14
Link: View Details
Information published.

CVE-2025-55319 Agentic AI and Visual Studio Code Remote Code Execution Vulnerability
Published on: 2025-12-23 08:00:00
Link: View Details
Corrected Download and Article links in the Security Updates table. This is an informational change only.

CVE-2025-64680 Windows DWM Core Library Elevation of Privilege Vulnerability
Published on: 2025-12-23 08:00:00
Link: View Details
Updated the build numbers. This is an informational update only.

CVE-2025-64433 KubeVirt Arbitrary Container File Read
Published on: 2025-12-23 01:37:02
Link: View Details
Information published.

CVE-2025-64435 KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
Published on: 2025-12-23 01:37:09
Link: View Details
Information published.

CVE-2025-64437 KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes
Published on: 2025-12-23 01:37:16
Link: View Details
Information published.

CVE-2025-64432 KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer
Published on: 2025-12-23 01:36:55
Link: View Details
Information published.

CVE-2025-66382 In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.
Published on: 2025-12-23 01:36:29
Link: View Details
Information published.

CVE-2025-12819 Untrusted search path in auth_query connection in PgBouncer
Published on: 2025-12-23 01:37:37
Link: View Details
Information published.

CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
Published on: 2025-12-23 01:37:58
Link: View Details
Information published.

CVE-2025-66418 urllib3 allows an unbounded number of links in the decompression chain
Published on: 2025-12-23 01:38:10
Link: View Details
Information published.

CVE-2025-68390 Elasticsearch Allocation of Resources Without Limits or Throttling
Published on: 2025-12-23 01:37:15
Link: View Details
Information published.

CVE-2025-59529 simple protocol server ignores accepts unlimited connections and logs failures without limit
Published on: 2025-12-23 01:37:23
Link: View Details
Information published.

CVE-2025-66471 urllib3 Streaming API improperly handles highly compressed data
Published on: 2025-12-23 01:38:16
Link: View Details
Information published.

CVE-2025-2296 Un-verified kernel bypass Secure Boot mechanism in direct boot mode
Published on: 2025-12-23 01:35:11
Link: View Details
Information published.

CVE-2025-68384 Elasticsearch Allocation of Resources Without Limits or Throttling
Published on: 2025-12-23 01:37:09
Link: View Details
Information published.

CVE-2025-68161 Apache Log4j Core: Missing TLS hostname verification in Socket appender
Published on: 2025-12-23 01:37:29
Link: View Details
Information published.

CVE-2025-68114 Capstone doesn't check vsnprintf return in SStream_concat, allows stack buffer underflow and overflow
Published on: 2025-12-23 01:37:34
Link: View Details
Information published.

CVE-2025-38300 crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare()
Published on: 2025-12-23 01:36:50
Link: View Details
Information published.

CVE-2025-38331 net: ethernet: cortina: Use TOE/TSO on all TCP
Published on: 2025-12-23 01:36:56
Link: View Details
Information published.

CVE-2025-38347 f2fs: fix to do sanity check on ino and xnid
Published on: 2025-12-23 01:37:01
Link: View Details
Information published.

CVE-2025-37931 btrfs: adjust subpage bit start based on sectorsize
Published on: 2025-12-23 01:36:34
Link: View Details
Information published.

CVE-2025-37932 sch_htb: make htb_qlen_notify() idempotent
Published on: 2025-12-23 01:36:40
Link: View Details
Information published.

CVE-2025-37938 tracing: Verify event formats that have "%*p.."
Published on: 2025-12-23 01:36:45
Link: View Details
Information published.

CVE-2025-12105 Libsoup: heap use-after-free in libsoup message queue handling during http/2 read completion
Published on: 2025-12-22 14:35:26
Link: View Details
Information published.

CVE-2025-7424 Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes
Published on: 2025-12-22 14:35:05
Link: View Details
Information published.

CVE-2025-66382 In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.
Published on: 2025-12-21 01:01:17
Link: View Details
Information published.

CVE-2025-68390 Elasticsearch Allocation of Resources Without Limits or Throttling
Published on: 2025-12-21 01:02:03
Link: View Details
Information published.

CVE-2025-59529 simple protocol server ignores accepts unlimited connections and logs failures without limit
Published on: 2025-12-21 01:02:12
Link: View Details
Information published.

CVE-2025-68384 Elasticsearch Allocation of Resources Without Limits or Throttling
Published on: 2025-12-21 01:01:58
Link: View Details
Information published.

CVE-2025-68161 Apache Log4j Core: Missing TLS hostname verification in Socket appender
Published on: 2025-12-21 01:02:17
Link: View Details
Information published.

CVE-2025-68114 Capstone doesn't check vsnprintf return in SStream_concat, allows stack buffer underflow and overflow
Published on: 2025-12-21 01:02:22
Link: View Details
Information published.

CVE-2025-38300 crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare()
Published on: 2025-12-21 01:01:38
Link: View Details
Information published.

CVE-2025-38331 net: ethernet: cortina: Use TOE/TSO on all TCP
Published on: 2025-12-21 01:01:43
Link: View Details
Information published.

CVE-2025-38347 f2fs: fix to do sanity check on ino and xnid
Published on: 2025-12-21 01:01:48
Link: View Details
Information published.

CVE-2025-37931 btrfs: adjust subpage bit start based on sectorsize
Published on: 2025-12-21 01:01:23
Link: View Details
Information published.

CVE-2025-37932 sch_htb: make htb_qlen_notify() idempotent
Published on: 2025-12-21 01:01:28
Link: View Details
Information published.

CVE-2025-37938 tracing: Verify event formats that have "%*p.."
Published on: 2025-12-21 01:01:33
Link: View Details
Information published.

CVE-2025-12819 Untrusted search path in auth_query connection in PgBouncer
Published on: 2025-12-20 14:35:11
Link: View Details
Information published.

CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
Published on: 2025-12-20 14:35:32
Link: View Details
Information published.

CVE-2025-65082 Apache HTTP Server: CGI environment variable override
Published on: 2025-12-20 14:35:39
Link: View Details
Information published.

CVE-2025-55753 Apache HTTP Server: mod_md (ACME), unintended retry intervals
Published on: 2025-12-20 14:35:58
Link: View Details
Information published.

CVE-2025-14087 Glib: glib: buffer underflow in gvariant parser leads to heap corruption
Published on: 2025-12-20 01:40:29
Link: View Details
Information published.

CVE-2025-68324 scsi: imm: Fix use-after-free bug caused by unfinished delayed work
Published on: 2025-12-20 01:01:19
Link: View Details
Information published.

CVE-2025-68390 Elasticsearch Allocation of Resources Without Limits or Throttling
Published on: 2025-12-20 01:01:25
Link: View Details
Information published.

CVE-2025-66200 Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo
Published on: 2025-12-20 14:35:45
Link: View Details
Information published.

CVE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
Published on: 2025-12-20 14:35:52
Link: View Details
Information published.

CVE-2025-14512 Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow
Published on: 2025-12-20 01:40:40
Link: View Details
Information published.

CVE-2025-68384 Elasticsearch Allocation of Resources Without Limits or Throttling
Published on: 2025-12-20 01:01:30
Link: View Details
Information published.

CVE-2025-2925 HDF5 H5MM.c H5MM_realloc double free
Published on: 2025-12-20 01:36:15
Link: View Details
Information published.

CVE-2025-2926 HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference
Published on: 2025-12-20 01:36:23
Link: View Details
Information published.

CVE-2025-2924 HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflow
Published on: 2025-12-20 01:36:32
Link: View Details
Information published.

CVE-2025-2914 HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflow
Published on: 2025-12-20 01:36:41
Link: View Details
Information published.

CVE-2025-2153 HDF5 h5 File H5SM.c H5SM_delete heap-based overflow
Published on: 2025-12-20 01:35:57
Link: View Details
Information published.

CVE-2025-2310 HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow
Published on: 2025-12-20 01:36:06
Link: View Details
Information published.

CVE-2025-38062 genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie
Published on: 2025-12-20 01:01:39
Link: View Details
Information published.

CVE-2025-6269 HDF5 H5Cimage.c H5C__reconstruct_cache_entry heap-based overflow
Published on: 2025-12-20 01:37:00
Link: View Details
Information published.

CVE-2025-6858 HDF5 H5Centry.c H5C__flush_single_entry null pointer dereference
Published on: 2025-12-20 01:37:09
Link: View Details
Information published.

CVE-2025-6816 HDF5 H5Ofsinfo.c H5O__fsinfo_encode heap-based overflow
Published on: 2025-12-20 01:37:26
Link: View Details
Information published.

CVE-2025-6750 HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflow
Published on: 2025-12-20 01:37:35
Link: View Details
Information published.

CVE-2025-6857 HDF5 H5Gnode.c H5G__node_cmp3 stack-based overflow
Published on: 2025-12-20 01:37:44
Link: View Details
Information published.

CVE-2025-38040 serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
Published on: 2025-12-20 01:01:34
Link: View Details
Information published.

CVE-2025-6818 HDF5 H5Ochunk.c H5O__chunk_protect heap-based overflow
Published on: 2025-12-20 01:37:18
Link: View Details
Information published.

CVE-2025-38148 net: phy: mscc: Fix memory leak when using one step timestamping
Published on: 2025-12-20 01:01:44
Link: View Details
Information published.

CVE-2025-38198 fbcon: Make sure modelist not set on unregistered console
Published on: 2025-12-20 01:02:04
Link: View Details
Information published.

CVE-2025-38215 fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var
Published on: 2025-12-20 01:02:10
Link: View Details
Information published.

CVE-2025-38236 af_unix: Don't leave consecutive consumed OOB skbs.
Published on: 2025-12-20 01:02:25
Link: View Details
Information published.

CVE-2025-38251 atm: clip: prevent NULL deref in clip_push()
Published on: 2025-12-20 01:02:39
Link: View Details
Information published.

CVE-2025-38257 s390/pkey: Prevent overflow in size calculation for memdup_user()
Published on: 2025-12-20 01:02:44
Link: View Details
Information published.

CVE-2025-38262 tty: serial: uartlite: register uart driver in init
Published on: 2025-12-20 01:02:54
Link: View Details
Information published.

CVE-2025-38263 bcache: fix NULL pointer in cache_set_flush()
Published on: 2025-12-20 01:02:59
Link: View Details
Information published.

CVE-2025-7067 HDF5 H5FScache.c H5FS__sinfo_serialize_node_cb heap-based overflow
Published on: 2025-12-20 01:37:56
Link: View Details
Information published.

CVE-2025-7068 HDF5 H5FL.c H5FL__malloc memory leak
Published on: 2025-12-20 01:38:05
Link: View Details
Information published.

CVE-2025-38166 bpf: fix ktls panic with sockmap
Published on: 2025-12-20 01:01:49
Link: View Details
Information published.

CVE-2025-38191 ksmbd: fix null pointer dereference in destroy_previous_session
Published on: 2025-12-20 01:01:59
Link: View Details
Information published.

CVE-2025-38225 media: imx-jpeg: Cleanup after an allocation error
Published on: 2025-12-20 01:02:15
Link: View Details
Information published.

CVE-2025-38230 jfs: validate AG parameters in dbMount() to prevent crashes
Published on: 2025-12-20 01:02:20
Link: View Details
Information published.

CVE-2025-38245 atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().
Published on: 2025-12-20 01:02:30
Link: View Details
Information published.

CVE-2025-38249 ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3()
Published on: 2025-12-20 01:02:34
Link: View Details
Information published.

CVE-2025-38259 ASoC: codecs: wcd9335: Fix missing free of regulator supplies
Published on: 2025-12-20 01:02:49
Link: View Details
Information published.

CVE-2025-38275 phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug
Published on: 2025-12-20 01:03:04
Link: View Details
Information published.

CVE-2025-38377 rose: fix dangling neighbour pointers in rose_rt_device_down()
Published on: 2025-12-20 01:03:09
Link: View Details
Information published.

CVE-2025-38177 sch_hfsc: make hfsc_qlen_notify() idempotent
Published on: 2025-12-20 01:01:55
Link: View Details
Information published.

CVE-2025-44905 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.
Published on: 2025-12-20 01:36:49
Link: View Details
Information published.

CVE-2025-44904 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function.
Published on: 2025-12-20 01:03:15
Link: View Details
Information published.

CVE-2025-38063 dm: fix unconditional IO throttle caused by REQ_PREFLUSH
Published on: 2025-12-19 01:01:25
Link: View Details
Information published.

CVE-2025-38071 x86/mm: Check return value from memblock_phys_alloc_range()
Published on: 2025-12-19 01:01:35
Link: View Details
Information published.

CVE-2025-38074 vhost-scsi: protect vq->log_used with vq->mutex
Published on: 2025-12-19 01:01:40
Link: View Details
Information published.

CVE-2025-38067 rseq: Fix segfault on registration when rseq_cs is non-zero
Published on: 2025-12-19 01:01:30
Link: View Details
Information published.

CVE-2025-38118 Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete
Published on: 2025-12-19 01:01:45
Link: View Details
Information published.

CVE-2025-38126 net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping
Published on: 2025-12-19 01:01:50
Link: View Details
Information published.

CVE-2025-38131 coresight: prevent deactivate active config while enabling the config
Published on: 2025-12-19 01:01:55
Link: View Details
Information published.

CVE-2024-6485 XSS in Bootstrap button component
Published on: 2025-12-19 01:36:20
Link: View Details
Information published.

CVE-2025-37951 drm/v3d: Add job to pending list if the reset was skipped
Published on: 2025-12-19 01:01:20
Link: View Details
Information published.

CVE-2025-65046 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2025-12-18 08:00:00
Link: View Details
Information published.

Chromium: CVE-2025-14766 Use after free in WebGPU
Published on: 2025-12-18 20:43:23
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

Chromium: CVE-2025-14765 Out of bounds read and write in V8
Published on: 2025-12-18 20:43:20
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

CVE-2025-64663 Custom Question Answering Elevation of Privilege Vulnerability
Published on: 2025-12-18 08:00:00
Link: View Details
Information published.

CVE-2025-65041 Microsoft Partner Center Elevation of Privilege Vulnerability
Published on: 2025-12-18 08:00:00
Link: View Details
Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-65037 Azure Container Apps Remote Code Execution Vulnerability
Published on: 2025-12-18 08:00:00
Link: View Details
Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network.

CVE-2025-64676 Microsoft Purview eDiscovery Remote Code Execution Vulnerability
Published on: 2025-12-18 08:00:00
Link: View Details
'.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.

CVE-2025-64677 Office Out-of-Box Experience Spoofing Vulnerability
Published on: 2025-12-18 08:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Office Out-of-Box Experience allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-64675 Azure Cosmos DB Spoofing Vulnerability
Published on: 2025-12-18 08:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Cosmos DB allows an unauthorized attacker to perform spoofing over a network.

CVE-2024-6531 Rejected reason: This was not a security issue in Bootstrap. Bootstrap’s JavaScript is not intended to sanitize unsafe or intentionally dangerous HTML. As such, the reported behavior fell outside the scope of Bootstrap’s security model, and the associated CVE has been rescinded.
Published on: 2025-12-18 14:35:13
Link: View Details
Information published.

CVE-2025-38375 virtio-net: ensure the received length does not exceed allocated size
Published on: 2025-12-18 01:02:15
Link: View Details
Information published.

CVE-2025-54567 hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327.
Published on: 2025-12-18 01:04:33
Link: View Details
Information published.

CVE-2025-38350 net/sched: Always pass notifications when child class becomes empty
Published on: 2025-12-18 01:01:55
Link: View Details
Information published.

CVE-2025-38097 espintcp: remove encap socket caching to avoid reference leak
Published on: 2025-12-18 01:01:39
Link: View Details
Information published.

CVE-2025-38334 x86/sgx: Prevent attempts to reclaim poisoned pages
Published on: 2025-12-18 01:01:44
Link: View Details
Information published.

CVE-2025-38362 drm/amd/display: Add null pointer check for get_first_active_display()
Published on: 2025-12-18 01:01:59
Link: View Details
Information published.

CVE-2025-38363 drm/tegra: Fix a possible null pointer dereference
Published on: 2025-12-18 01:02:04
Link: View Details
Information published.

CVE-2025-38335 Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT
Published on: 2025-12-18 01:01:49
Link: View Details
Information published.

CVE-2025-54566 hw/pci/pcie_sriov.c in QEMU through 10.0.3 has a migration state inconsistency, a related issue to CVE-2024-26327.
Published on: 2025-12-18 01:04:28
Link: View Details
Information published.

CVE-2025-38095 dma-buf: insert memory barrier before updating num_fences
Published on: 2025-12-18 01:01:35
Link: View Details
Information published.

CVE-2025-38371 drm/v3d: Disable interrupts before resetting the GPU
Published on: 2025-12-18 01:02:11
Link: View Details
Information published.

CVE-2025-37961 ipvs: fix uninit-value for saddr in do_output_route4
Published on: 2025-12-18 01:01:24
Link: View Details
Information published.

CVE-2025-37968 iio: light: opt3001: fix deadlock due to concurrent flag access
Published on: 2025-12-18 01:01:29
Link: View Details
Information published.

CVE-2025-37959 bpf: Scrub packet on bpf_redirect_peer
Published on: 2025-12-18 01:01:19
Link: View Details
Information published.

CVE-2024-28863 node-tar vulnerable to denial of service while parsing a tar file due to lack of folders count validation
Published on: 2025-12-18 01:04:40
Link: View Details
Information published.

CVE-2024-30099 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2025-12-17 08:00:00
Link: View Details
Added an acknowledgement. This is an informational change only.

CVE-2025-21367 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Published on: 2025-12-17 08:00:00
Link: View Details
Added an acknowledgement. This is an informational change only.

CVE-2025-24044 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Published on: 2025-12-17 08:00:00
Link: View Details
Added an acknowledgement. This is an informational change only.

CVE-2025-31133 runc container escape via "masked path" abuse due to mount race conditions
Published on: 2025-12-17 14:35:21
Link: View Details
Information published.

CVE-2025-12977 CVE-2025-12977
Published on: 2025-12-17 14:35:28
Link: View Details
Information published.

CVE-2025-64324 KubeVirt Vulnerable to Arbitrary Host File Read and Write
Published on: 2025-12-17 14:35:11
Link: View Details
Information published.

CVE-2025-61662 Grub2: missing unregister call for gettext command may lead to use-after-free
Published on: 2025-12-17 01:36:40
Link: View Details
Information published.

CVE-2025-61663 Grub2: missing unregister call for normal commands may lead to use-after-free
Published on: 2025-12-17 01:36:53
Link: View Details
Information published.

CVE-2025-61661 Grub2: grub2: out-of-bounds write via malicious usb device
Published on: 2025-12-17 01:36:59
Link: View Details
Information published.

CVE-2025-61664 Grub2: missing unregister call for normal_exit command may lead to use-after-free
Published on: 2025-12-17 01:36:47
Link: View Details
Information published.

CVE-2025-12969 CVE-2025-12969
Published on: 2025-12-17 14:35:34
Link: View Details
Information published.

CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
Published on: 2025-12-17 14:36:48
Link: View Details
Information published.

CVE-2025-65082 Apache HTTP Server: CGI environment variable override
Published on: 2025-12-17 14:37:18
Link: View Details
Information published.

CVE-2025-66418 urllib3 allows an unbounded number of links in the decompression chain
Published on: 2025-12-17 14:37:25
Link: View Details
Information published.

CVE-2025-55753 Apache HTTP Server: mod_md (ACME), unintended retry intervals
Published on: 2025-12-17 14:37:46
Link: View Details
Information published.

CVE-2025-68223 drm/radeon: delete radeon_fence_process in is_signaled, no deadlock
Published on: 2025-12-17 01:02:04
Link: View Details
Information published.

CVE-2025-68201 drm/amdgpu: remove two invalid BUG_ON()s
Published on: 2025-12-17 01:02:20
Link: View Details
Information published.

CVE-2025-68266 bfs: Reconstruct file type when loading from disk
Published on: 2025-12-17 01:02:31
Link: View Details
Information published.

CVE-2025-68198 crash: fix crashkernel resource shrink
Published on: 2025-12-17 01:02:36
Link: View Details
Information published.

CVE-2025-40354 drm/amd/display: increase max link count and fix link->enc NULL pointer access
Published on: 2025-12-17 01:02:41
Link: View Details
Information published.

CVE-2025-68263 ksmbd: ipc: fix use-after-free in ipc_msg_send_request
Published on: 2025-12-17 01:02:47
Link: View Details
Information published.

CVE-2025-68230 drm/amdgpu: fix gpu page fault after hibernation on PF passthrough
Published on: 2025-12-17 01:02:52
Link: View Details
Information published.

CVE-2025-68264 ext4: refresh inline data size before write operations
Published on: 2025-12-17 01:02:57
Link: View Details
Information published.

CVE-2025-68231 mm/mempool: fix poisoning order>0 pages with HIGHMEM
Published on: 2025-12-17 01:03:02
Link: View Details
Information published.

CVE-2025-68219 cifs: fix memory leak in smb3_fs_context_parse_param error path
Published on: 2025-12-17 01:03:13
Link: View Details
Information published.

CVE-2025-68261 ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock()
Published on: 2025-12-17 01:03:23
Link: View Details
Information published.

CVE-2025-68174 amd/amdkfd: enhance kfd process check in switch partition
Published on: 2025-12-17 01:03:38
Link: View Details
Information published.

CVE-2025-40355 sysfs: check visibility before changing group attribute ownership
Published on: 2025-12-17 01:03:54
Link: View Details
Information published.

CVE-2025-68259 KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced
Published on: 2025-12-17 01:04:10
Link: View Details
Information published.

CVE-2025-68239 binfmt_misc: restore write access before closing files opened by open_exec()
Published on: 2025-12-17 01:04:16
Link: View Details
Information published.

CVE-2025-68257 comedi: check device's attached status in compat ioctls
Published on: 2025-12-17 01:04:26
Link: View Details
Information published.

CVE-2025-68206 netfilter: nft_ct: add seqadj extension for natted connections
Published on: 2025-12-17 01:04:31
Link: View Details
Information published.

CVE-2025-68254 staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing
Published on: 2025-12-17 01:04:42
Link: View Details
Information published.

CVE-2025-68209 mlx5: Fix default values in create CQ
Published on: 2025-12-17 01:04:47
Link: View Details
Information published.

CVE-2025-68237 mtdchar: fix integer overflow in read/write ioctls
Published on: 2025-12-17 01:04:53
Link: View Details
Information published.

CVE-2025-68233 drm/tegra: Add call to put_pid()
Published on: 2025-12-17 01:05:09
Link: View Details
Information published.

CVE-2025-67897 In Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet.
Published on: 2025-12-17 01:05:50
Link: View Details
Information published.

CVE-2025-13912 Potential non-constant time compiled code with Clang LLVM
Published on: 2025-12-17 01:05:58
Link: View Details
Information published.

CVE-2025-66293 LIBPNG has an out-of-bounds read in png_image_read_composite
Published on: 2025-12-17 14:36:58
Link: View Details
Information published.

CVE-2025-12385 Improper validation of <img> tag size in Text component parser
Published on: 2025-12-17 14:37:05
Link: View Details
Information published.

CVE-2025-66200 Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo
Published on: 2025-12-17 14:37:12
Link: View Details
Information published.

CVE-2025-66471 urllib3 Streaming API improperly handles highly compressed data
Published on: 2025-12-17 14:37:31
Link: View Details
Information published.

CVE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
Published on: 2025-12-17 14:37:40
Link: View Details
Information published.

CVE-2025-68224 scsi: core: Fix a regression triggered by scsi_host_busy()
Published on: 2025-12-17 01:01:38
Link: View Details
Information published.

CVE-2025-68193 drm/xe/guc: Add devm release action to safely tear down CT
Published on: 2025-12-17 01:01:43
Link: View Details
Information published.

CVE-2025-68190 drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked()
Published on: 2025-12-17 01:01:48
Link: View Details
Information published.

CVE-2025-68211 ksm: use range-walk function to jump over holes in scan_get_next_rmap_item
Published on: 2025-12-17 01:01:53
Link: View Details
Information published.

CVE-2025-68255 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing
Published on: 2025-12-17 01:01:59
Link: View Details
Information published.

CVE-2025-68203 drm/amdgpu: fix lock warning in amdgpu_userq_fence_driver_process
Published on: 2025-12-17 01:02:10
Link: View Details
Information published.

CVE-2025-68196 drm/amd/display: Cache streams targeting link when performing LT automation
Published on: 2025-12-17 01:02:15
Link: View Details
Information published.

CVE-2025-40362 ceph: fix multifs mds auth caps issue
Published on: 2025-12-17 01:02:26
Link: View Details
Information published.

CVE-2025-68235 nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot
Published on: 2025-12-17 01:03:07
Link: View Details
Information published.

CVE-2025-68229 scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show()
Published on: 2025-12-17 01:03:18
Link: View Details
Information published.

CVE-2025-40353 arm64: mte: Do not warn if the page is already tagged in copy_highpage()
Published on: 2025-12-17 01:03:28
Link: View Details
Information published.

CVE-2025-68214 timers: Fix NULL function pointer race in timer_shutdown_sync()
Published on: 2025-12-17 01:03:33
Link: View Details
Information published.

CVE-2025-68204 pmdomain: arm: scmi: Fix genpd leak on provider registration failure
Published on: 2025-12-17 01:03:44
Link: View Details
Information published.

CVE-2025-68175 media: nxp: imx8-isi: Fix streaming cleanup on release
Published on: 2025-12-17 01:03:49
Link: View Details
Information published.

CVE-2025-68265 nvme: fix admin request_queue lifetime
Published on: 2025-12-17 01:04:00
Link: View Details
Information published.

CVE-2025-68236 scsi: ufs: ufs-qcom: Fix UFS OCP issue during UFS power down (PC=3)
Published on: 2025-12-17 01:04:05
Link: View Details
Information published.

CVE-2025-68227 mptcp: Fix proto fallback detection with BPF
Published on: 2025-12-17 01:04:21
Link: View Details
Information published.

CVE-2025-68256 staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser
Published on: 2025-12-17 01:04:37
Link: View Details
Information published.

CVE-2025-68220 net: ethernet: ti: netcp: Standardize knav_dma_open_channel to return NULL on error
Published on: 2025-12-17 01:04:58
Link: View Details
Information published.

CVE-2025-68222 pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc
Published on: 2025-12-17 01:05:03
Link: View Details
Information published.

CVE-2025-68281 ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list
Published on: 2025-12-17 01:05:14
Link: View Details
Information published.

CVE-2025-68217 Input: pegasus-notetaker - fix potential out-of-bounds access
Published on: 2025-12-17 01:05:19
Link: View Details
Information published.

CVE-2025-68188 tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check()
Published on: 2025-12-17 01:05:25
Link: View Details
Information published.

CVE-2025-68258 comedi: multiq3: sanitize config options in multiq3_attach()
Published on: 2025-12-17 01:05:30
Link: View Details
Information published.

CVE-2025-2296 Un-verified kernel bypass Secure Boot mechanism in direct boot mode
Published on: 2025-12-17 01:05:45
Link: View Details
Information published.

CVE-2025-62561 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62562 Microsoft Outlook Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62564 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62554 Microsoft Office Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62555 Microsoft Word Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62556 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62557 Microsoft Office Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62558 Microsoft Word Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62559 Microsoft Word Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62560 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-38384 mtd: spinand: fix memory leak of ECC engine conf
Published on: 2025-12-17 01:01:17
Link: View Details
Information published.

CVE-2025-38386 ACPICA: Refuse to evaluate a method if arguments are missing
Published on: 2025-12-17 01:01:22
Link: View Details
Information published.

CVE-2025-38389 drm/i915/gt: Fix timeline left held on VMA alloc error
Published on: 2025-12-17 01:01:32
Link: View Details
Information published.

CVE-2025-38387 RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert
Published on: 2025-12-17 01:01:28
Link: View Details
Information published.

CVE-2022-50390 drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED
Published on: 2025-12-17 01:38:51
Link: View Details
Information published.

CVE-2023-53371 net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create
Published on: 2025-12-17 01:38:56
Link: View Details
Information published.

CVE-2023-53447 f2fs: don't reset unchangable mount option in f2fs_remount()
Published on: 2025-12-17 01:39:01
Link: View Details
Information published.

CVE-2025-40277 drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE
Published on: 2025-12-16 14:38:13
Link: View Details
Information published.

CVE-2025-40275 ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd
Published on: 2025-12-16 14:37:27
Link: View Details
Information published.

CVE-2025-40301 Bluetooth: hci_event: validate skb length for unknown CC opcode
Published on: 2025-12-16 14:39:04
Link: View Details
Information published.

CVE-2025-40297 net: bridge: fix use-after-free due to MST port state bypass
Published on: 2025-12-16 14:39:49
Link: View Details
Information published.

CVE-2025-40303 btrfs: ensure no dirty metadata is written back for an fs with errors
Published on: 2025-12-16 14:39:56
Link: View Details
Information published.

CVE-2025-40328 smb: client: fix potential UAF in smb2_close_cached_fid()
Published on: 2025-12-16 14:40:28
Link: View Details
Information published.

CVE-2025-40342 nvme-fc: use lock accessing port_state and rport state
Published on: 2025-12-16 14:40:34
Link: View Details
Information published.

CVE-2025-40329 drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb
Published on: 2025-12-16 14:40:41
Link: View Details
Information published.

CVE-2025-66418 urllib3 allows an unbounded number of links in the decompression chain
Published on: 2025-12-16 01:36:37
Link: View Details
Information published.

CVE-2025-40273 NFSD: free copynotify stateid in nfs4_free_ol_stateid()
Published on: 2025-12-16 14:38:06
Link: View Details
Information published.

CVE-2025-40280 tipc: Fix use-after-free in tipc_mon_reinit_self().
Published on: 2025-12-16 14:38:19
Link: View Details
Information published.

CVE-2025-40281 sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto
Published on: 2025-12-16 14:38:25
Link: View Details
Information published.

CVE-2025-40269 ALSA: usb-audio: Fix potential overflow of PCM transfer buffer
Published on: 2025-12-16 14:38:32
Link: View Details
Information published.

CVE-2025-40268 cifs: client: fix memory leak in smb3_fs_context_parse_param
Published on: 2025-12-16 14:37:14
Link: View Details
Information published.

CVE-2025-40272 mm/secretmem: fix use-after-free race in fault handler
Published on: 2025-12-16 14:37:21
Link: View Details
Information published.

CVE-2025-40288 drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices
Published on: 2025-12-16 14:37:34
Link: View Details
Information published.

CVE-2025-40284 Bluetooth: MGMT: cancel mesh send timer when hdev removed
Published on: 2025-12-16 14:37:40
Link: View Details
Information published.

CVE-2025-40283 Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF
Published on: 2025-12-16 14:37:47
Link: View Details
Information published.

CVE-2025-40279 net: sched: act_connmark: initialize struct tc_ife to fix kernel leak
Published on: 2025-12-16 14:37:53
Link: View Details
Information published.

CVE-2025-40282 Bluetooth: 6lowpan: reset link-local header on ipv6 recv path
Published on: 2025-12-16 14:38:00
Link: View Details
Information published.

CVE-2025-40308 Bluetooth: bcsp: receive data only if registered
Published on: 2025-12-16 14:38:38
Link: View Details
Information published.

CVE-2025-40292 virtio-net: fix received length check in big packets
Published on: 2025-12-16 14:38:45
Link: View Details
Information published.

CVE-2025-40319 bpf: Sync pending IRQ work before freeing ring buffer
Published on: 2025-12-16 14:38:51
Link: View Details
Information published.

CVE-2025-40321 wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode
Published on: 2025-12-16 14:38:58
Link: View Details
Information published.

CVE-2025-40304 fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds
Published on: 2025-12-16 14:39:10
Link: View Details
Information published.

CVE-2025-40294 Bluetooth: MGMT: Fix OOB access in parse_adv_monitor_pattern()
Published on: 2025-12-16 14:39:17
Link: View Details
Information published.

CVE-2025-40310 amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw
Published on: 2025-12-16 14:39:23
Link: View Details
Information published.

CVE-2025-40323 fbcon: Set fb_display[i]->mode to NULL when the mode is released
Published on: 2025-12-16 14:39:30
Link: View Details
Information published.

CVE-2025-40311 accel/habanalabs: support mapping cb with vmalloc-backed coherent memory
Published on: 2025-12-16 14:39:36
Link: View Details
Information published.

CVE-2025-40322 fbdev: bitblit: bound-check glyph index in bit_putcs*
Published on: 2025-12-16 14:39:43
Link: View Details
Information published.

CVE-2025-40324 NFSD: Fix crash in nfsd4_read_release()
Published on: 2025-12-16 14:40:02
Link: View Details
Information published.

CVE-2025-40341 futex: Don't leak robust_list pointer on exec race
Published on: 2025-12-16 14:40:09
Link: View Details
Information published.

CVE-2025-40343 nvmet-fc: avoid scheduling association deletion twice
Published on: 2025-12-16 14:40:15
Link: View Details
Information published.

CVE-2025-40331 sctp: Prevent TOCTOU out-of-bounds write
Published on: 2025-12-16 14:40:22
Link: View Details
Information published.

CVE-2025-40333 f2fs: fix infinite loop in __insert_extent_tree()
Published on: 2025-12-16 14:40:47
Link: View Details
Information published.

CVE-2025-40337 net: stmmac: Correctly handle Rx checksum offload errors
Published on: 2025-12-16 14:40:54
Link: View Details
Information published.

CVE-2025-66471 urllib3 Streaming API improperly handles highly compressed data
Published on: 2025-12-16 01:36:29
Link: View Details
Information published.

CVE-2025-40345 usb: storage: sddr55: Reject out-of-bound new_pba
Published on: 2025-12-16 01:37:53
Link: View Details
Information published.

CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
Published on: 2025-12-16 01:01:20
Link: View Details
Information published.

CVE-2025-37731 Elasticsearch Improper Authentication
Published on: 2025-12-16 01:01:28
Link: View Details
Information published.

CVE-2025-2913 HDF5 H5FL.c H5FL__blk_gc_list use after free
Published on: 2025-12-16 01:36:11
Link: View Details
Information published.

CVE-2025-2925 HDF5 H5MM.c H5MM_realloc double free
Published on: 2025-12-16 01:35:49
Link: View Details
Information published.

CVE-2025-2926 HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference
Published on: 2025-12-16 01:36:03
Link: View Details
Information published.

CVE-2025-2923 HDF5 H5Fint.c H5F_addr_encode_len heap-based overflow
Published on: 2025-12-16 01:35:56
Link: View Details
Information published.

CVE-2025-2924 HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflow
Published on: 2025-12-16 01:35:35
Link: View Details
Information published.

CVE-2025-2914 HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflow
Published on: 2025-12-16 01:35:42
Link: View Details
Information published.

CVE-2025-2153 HDF5 h5 File H5SM.c H5SM_delete heap-based overflow
Published on: 2025-12-16 01:35:17
Link: View Details
Information published.

CVE-2025-2310 HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow
Published on: 2025-12-16 01:35:24
Link: View Details
Information published.

CVE-2025-11934 Improper Validation of Signature Algorithm Used in TLS 1.3 CertificateVerify
Published on: 2025-12-16 01:35:10
Link: View Details
Information published.

CVE-2025-11933 DoS Vulnerability in wolfSSL TLS 1.3 CKS Extension
Published on: 2025-12-16 01:35:19
Link: View Details
Information published.

CVE-2025-2486 UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu
Published on: 2025-12-16 01:35:27
Link: View Details
Information published.

CVE-2025-49178 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore
Published on: 2025-12-16 01:36:53
Link: View Details
Information published.

CVE-2025-6269 HDF5 H5Cimage.c H5C__reconstruct_cache_entry heap-based overflow
Published on: 2025-12-16 01:36:35
Link: View Details
Information published.

CVE-2025-6858 HDF5 H5Centry.c H5C__flush_single_entry null pointer dereference
Published on: 2025-12-16 01:36:43
Link: View Details
Information published.

CVE-2025-6816 HDF5 H5Ofsinfo.c H5O__fsinfo_encode heap-based overflow
Published on: 2025-12-16 01:37:04
Link: View Details
Information published.

CVE-2025-6856 HDF5 H5FL.c H5FL__reg_gc_list use after free
Published on: 2025-12-16 01:37:20
Link: View Details
Information published.

CVE-2025-6750 HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflow
Published on: 2025-12-16 01:37:13
Link: View Details
Information published.

CVE-2025-6857 HDF5 H5Gnode.c H5G__node_cmp3 stack-based overflow
Published on: 2025-12-16 01:36:50
Link: View Details
Information published.

CVE-2025-49180 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension
Published on: 2025-12-16 01:36:59
Link: View Details
Information published.

CVE-2025-6818 HDF5 H5Ochunk.c H5O__chunk_protect heap-based overflow
Published on: 2025-12-16 01:36:57
Link: View Details
Information published.

CVE-2025-39925 can: j1939: implement NETDEV_UNREGISTER notification handler
Published on: 2025-12-16 01:37:16
Link: View Details
Information published.

CVE-2025-7067 HDF5 H5FScache.c H5FS__sinfo_serialize_node_cb heap-based overflow
Published on: 2025-12-16 01:37:35
Link: View Details
Information published.

CVE-2025-7068 HDF5 H5FL.c H5FL__malloc memory leak
Published on: 2025-12-16 01:37:28
Link: View Details
Information published.

CVE-2025-44905 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.
Published on: 2025-12-16 01:36:20
Link: View Details
Information published.

CVE-2025-44904 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function.
Published on: 2025-12-16 01:01:34
Link: View Details
Information published.

CVE-2025-39850 vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects
Published on: 2025-12-16 01:38:07
Link: View Details
Information published.

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog
Published on: 2025-12-16 01:38:18
Link: View Details
Information published.

CVE-2022-50406 iomap: iomap: fix memory corruption when recording errors during writeback
Published on: 2025-12-16 01:36:42
Link: View Details
Information published.

CVE-2023-53410 USB: ULPI: fix memory leak with using debugfs_lookup()
Published on: 2025-12-16 01:36:48
Link: View Details
Information published.

CVE-2023-53387 scsi: ufs: core: Fix device management cmd timeout flow
Published on: 2025-12-16 01:37:11
Link: View Details
Information published.

CVE-2023-53370 drm/amdgpu: fix memory leak in mes self test
Published on: 2025-12-16 01:37:37
Link: View Details
Information published.

CVE-2025-39851 vxlan: Fix NPD when refreshing an FDB entry with a nexthop object
Published on: 2025-12-16 01:38:13
Link: View Details
Information published.

CVE-2025-39886 bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init()
Published on: 2025-12-16 01:38:23
Link: View Details
Information published.

CVE-2023-53367 accel/habanalabs: fix mem leak in capture user mappings
Published on: 2025-12-16 01:37:04
Link: View Details
Information published.

CVE-2022-50390 drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED
Published on: 2025-12-16 01:37:22
Link: View Details
Information published.

CVE-2022-50393 drm/amdgpu: SDMA update use unlocked iterator
Published on: 2025-12-16 01:37:27
Link: View Details
Information published.

CVE-2022-50418 wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()
Published on: 2025-12-16 01:37:32
Link: View Details
Information published.

CVE-2023-53371 net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create
Published on: 2025-12-16 01:37:43
Link: View Details
Information published.

CVE-2023-53447 f2fs: don't reset unchangable mount option in f2fs_remount()
Published on: 2025-12-16 01:37:48
Link: View Details
Information published.

CVE-2024-58241 Bluetooth: hci_core: Disable works on hci_unregister_dev
Published on: 2025-12-16 01:38:02
Link: View Details
Information published.

CVE-2025-14174 Chromium: CVE-2025-14174 Out of bounds memory access in ANGLE
Published on: 2025-12-15 08:00:00
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information. Google is aware that an exploit for CVE-2025-14174 exists in the wild.

CVE-2025-64435 KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
Published on: 2025-12-15 14:35:26
Link: View Details
Information published.

CVE-2025-39901 i40e: remove read access to debugfs files
Published on: 2025-12-15 14:36:28
Link: View Details
Information published.

CVE-2025-39905 net: phylink: add lock for serializing concurrent pl->phydev writes with resolver
Published on: 2025-12-15 14:36:33
Link: View Details
Information published.

CVE-2025-39863 wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work
Published on: 2025-12-15 14:36:24
Link: View Details
Information published.

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog
Published on: 2025-12-15 14:36:19
Link: View Details
Information published.

CVE-2023-53376 scsi: mpi3mr: Use number of bits to manage bitmap sizes
Published on: 2025-12-15 14:36:14
Link: View Details
Information published.

CVE-2025-39901 i40e: remove read access to debugfs files
Published on: 2025-12-14 14:02:40
Link: View Details
Information published.

CVE-2025-39905 net: phylink: add lock for serializing concurrent pl->phydev writes with resolver
Published on: 2025-12-14 14:02:45
Link: View Details
Information published.

CVE-2025-39863 wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work
Published on: 2025-12-14 14:02:30
Link: View Details
Information published.

CVE-2025-39850 vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects
Published on: 2025-12-14 14:02:15
Link: View Details
Information published.

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog
Published on: 2025-12-14 14:02:25
Link: View Details
Information published.

CVE-2023-53370 drm/amdgpu: fix memory leak in mes self test
Published on: 2025-12-14 14:01:41
Link: View Details
Information published.

CVE-2025-39851 vxlan: Fix NPD when refreshing an FDB entry with a nexthop object
Published on: 2025-12-14 14:02:20
Link: View Details
Information published.

CVE-2025-39886 bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init()
Published on: 2025-12-14 14:02:35
Link: View Details
Information published.

CVE-2022-50390 drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED
Published on: 2025-12-14 14:01:25
Link: View Details
Information published.

CVE-2022-50393 drm/amdgpu: SDMA update use unlocked iterator
Published on: 2025-12-14 14:01:30
Link: View Details
Information published.

CVE-2022-50418 wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()
Published on: 2025-12-14 14:01:36
Link: View Details
Information published.

CVE-2023-53371 net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create
Published on: 2025-12-14 14:01:46
Link: View Details
Information published.

CVE-2023-53376 scsi: mpi3mr: Use number of bits to manage bitmap sizes
Published on: 2025-12-14 14:01:52
Link: View Details
Information published.

CVE-2023-53447 f2fs: don't reset unchangable mount option in f2fs_remount()
Published on: 2025-12-14 14:01:57
Link: View Details
Information published.

CVE-2024-58241 Bluetooth: hci_core: Disable works on hci_unregister_dev
Published on: 2025-12-14 14:02:10
Link: View Details
Information published.

CVE-2025-61662 Grub2: missing unregister call for gettext command may lead to use-after-free
Published on: 2025-12-13 01:38:22
Link: View Details
Information published.

CVE-2025-61663 Grub2: missing unregister call for normal commands may lead to use-after-free
Published on: 2025-12-13 01:38:28
Link: View Details
Information published.

CVE-2025-61661 Grub2: grub2: out-of-bounds write via malicious usb device
Published on: 2025-12-13 01:38:34
Link: View Details
Information published.

CVE-2025-61664 Grub2: missing unregister call for normal_exit command may lead to use-after-free
Published on: 2025-12-13 01:38:41
Link: View Details
Information published.

CVE-2025-14087 Glib: glib: buffer underflow in gvariant parser leads to heap corruption
Published on: 2025-12-13 01:01:54
Link: View Details
Information published.

CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Published on: 2025-12-13 01:38:50
Link: View Details
Information published.

CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Published on: 2025-12-13 01:39:00
Link: View Details
Information published.

CVE-2025-14512 Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow
Published on: 2025-12-13 01:02:02
Link: View Details
Information published.

CVE-2025-14523 Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins)
Published on: 2025-12-13 01:02:10
Link: View Details
Information published.

CVE-2025-14104 Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames
Published on: 2025-12-13 01:02:19
Link: View Details
Information published.

CVE-2025-58185 Parsing DER payload can cause memory exhaustion in encoding/asn1
Published on: 2025-12-13 01:37:42
Link: View Details
Information published.

CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509
Published on: 2025-12-13 01:37:47
Link: View Details
Information published.

CVE-2025-39925 can: j1939: implement NETDEV_UNREGISTER notification handler
Published on: 2025-12-13 01:01:44
Link: View Details
Information published.

CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar
Published on: 2025-12-13 01:37:17
Link: View Details
Information published.

CVE-2025-61725 Excessive CPU consumption in ParseAddress in net/mail
Published on: 2025-12-13 01:37:56
Link: View Details
Information published.

CVE-2025-47912 Insufficient validation of bracketed IPv6 hostnames in net/url
Published on: 2025-12-13 01:37:52
Link: View Details
Information published.

CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http
Published on: 2025-12-13 01:37:22
Link: View Details
Information published.

CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto
Published on: 2025-12-13 01:37:27
Link: View Details
Information published.

CVE-2025-61723 Quadratic complexity when parsing some invalid inputs in encoding/pem
Published on: 2025-12-13 01:37:37
Link: View Details
Information published.

CVE-2025-58187 Quadratic complexity when checking name constraints in crypto/x509
Published on: 2025-12-13 01:37:32
Link: View Details
Information published.

CVE-2025-62468 Windows Defender Firewall Service Information Disclosure Vulnerability
Published on: 2025-12-12 08:00:00
Link: View Details
Corrected CVSS Privileges metric to PR:L, corrected Exploitability assessment to Exploitation More Likely, and updated FAQs. These are informational changes only.

CVE-2025-49178 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore
Published on: 2025-12-12 01:03:08
Link: View Details
Information published.

CVE-2025-49175 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors
Published on: 2025-12-12 01:02:48
Link: View Details
Information published.

CVE-2025-49176 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension
Published on: 2025-12-12 01:03:03
Link: View Details
Information published.

CVE-2025-49177 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: data leak in xfixes extension's xfixessetclientdisconnectmode
Published on: 2025-12-12 01:02:58
Link: View Details
Information published.

CVE-2025-49179 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x record extension
Published on: 2025-12-12 01:02:52
Link: View Details
Information published.

CVE-2025-49180 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension
Published on: 2025-12-12 01:03:13
Link: View Details
Information published.

CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Published on: 2025-12-12 01:38:08
Link: View Details
Information published.

CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Published on: 2025-12-12 01:38:32
Link: View Details
Information published.

CVE-2023-45284 Incorrect detection of reserved device names on Windows in path/filepath
Published on: 2025-12-12 01:03:18
Link: View Details
Information published.

CVE-2025-58185 Parsing DER payload can cause memory exhaustion in encoding/asn1
Published on: 2025-12-12 01:37:17
Link: View Details
Information published.

CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509
Published on: 2025-12-12 01:37:22
Link: View Details
Information published.

CVE-2025-39927 ceph: fix race condition validating r_parent before applying state
Published on: 2025-12-12 01:01:37
Link: View Details
Information published.

CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar
Published on: 2025-12-12 01:36:52
Link: View Details
Information published.

CVE-2025-61725 Excessive CPU consumption in ParseAddress in net/mail
Published on: 2025-12-12 01:37:32
Link: View Details
Information published.

CVE-2025-47912 Insufficient validation of bracketed IPv6 hostnames in net/url
Published on: 2025-12-12 01:37:27
Link: View Details
Information published.

CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http
Published on: 2025-12-12 01:36:57
Link: View Details
Information published.

CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto
Published on: 2025-12-12 01:37:01
Link: View Details
Information published.

CVE-2025-61723 Quadratic complexity when parsing some invalid inputs in encoding/pem
Published on: 2025-12-12 01:37:12
Link: View Details
Information published.

CVE-2025-58187 Quadratic complexity when checking name constraints in crypto/x509
Published on: 2025-12-12 01:37:06
Link: View Details
Information published.

Chromium: CVE-2025-14373 Inappropriate implementation in Toolbar
Published on: 2025-12-11 22:29:33
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

Chromium: CVE-2025-14372 Use after free in Password Manager
Published on: 2025-12-11 22:29:30
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.