Microsoft CVEs

CVE-2025-66382 In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.
Published on: 2025-12-21 01:01:17
Information published.

CVE-2025-68390 Elasticsearch Allocation of Resources Without Limits or Throttling
Published on: 2025-12-21 01:02:03
Information published.

CVE-2025-59529 simple protocol server ignores accepts unlimited connections and logs failures without limit
Published on: 2025-12-21 01:02:12
Information published.

CVE-2025-68384 Elasticsearch Allocation of Resources Without Limits or Throttling
Published on: 2025-12-21 01:01:58
Information published.

CVE-2025-68161 Apache Log4j Core: Missing TLS hostname verification in Socket appender
Published on: 2025-12-21 01:02:17
Information published.

CVE-2025-68114 Capstone doesn't check vsnprintf return in SStream_concat, allows stack buffer underflow and overflow
Published on: 2025-12-21 01:02:22
Information published.

CVE-2025-38300 crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare()
Published on: 2025-12-21 01:01:38
Information published.

CVE-2025-38331 net: ethernet: cortina: Use TOE/TSO on all TCP
Published on: 2025-12-21 01:01:43
Information published.

CVE-2025-38347 f2fs: fix to do sanity check on ino and xnid
Published on: 2025-12-21 01:01:48
Information published.

CVE-2025-37931 btrfs: adjust subpage bit start based on sectorsize
Published on: 2025-12-21 01:01:23
Information published.

CVE-2025-37932 sch_htb: make htb_qlen_notify() idempotent
Published on: 2025-12-21 01:01:28
Information published.

CVE-2025-37938 tracing: Verify event formats that have "%*p.."
Published on: 2025-12-21 01:01:33
Information published.

CVE-2025-12819 Untrusted search path in auth_query connection in PgBouncer
Published on: 2025-12-20 14:35:11
Information published.

CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
Published on: 2025-12-20 14:35:32
Information published.

CVE-2025-65082 Apache HTTP Server: CGI environment variable override
Published on: 2025-12-20 14:35:39
Information published.

CVE-2025-55753 Apache HTTP Server: mod_md (ACME), unintended retry intervals
Published on: 2025-12-20 14:35:58
Information published.

CVE-2025-14087 Glib: glib: buffer underflow in gvariant parser leads to heap corruption
Published on: 2025-12-20 01:40:29
Information published.

CVE-2025-68324 scsi: imm: Fix use-after-free bug caused by unfinished delayed work
Published on: 2025-12-20 01:01:19
Information published.

CVE-2025-68390 Elasticsearch Allocation of Resources Without Limits or Throttling
Published on: 2025-12-20 01:01:25
Information published.

CVE-2025-66200 Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo
Published on: 2025-12-20 14:35:45
Information published.

CVE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
Published on: 2025-12-20 14:35:52
Information published.

CVE-2025-14512 Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow
Published on: 2025-12-20 01:40:40
Information published.

CVE-2025-68384 Elasticsearch Allocation of Resources Without Limits or Throttling
Published on: 2025-12-20 01:01:30
Information published.

CVE-2025-2925 HDF5 H5MM.c H5MM_realloc double free
Published on: 2025-12-20 01:36:15
Information published.

CVE-2025-2926 HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference
Published on: 2025-12-20 01:36:23
Information published.

CVE-2025-2924 HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflow
Published on: 2025-12-20 01:36:32
Information published.

CVE-2025-2914 HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflow
Published on: 2025-12-20 01:36:41
Information published.

CVE-2025-2153 HDF5 h5 File H5SM.c H5SM_delete heap-based overflow
Published on: 2025-12-20 01:35:57
Information published.

CVE-2025-2310 HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow
Published on: 2025-12-20 01:36:06
Information published.

CVE-2025-38062 genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie
Published on: 2025-12-20 01:01:39
Information published.

CVE-2025-6269 HDF5 H5Cimage.c H5C__reconstruct_cache_entry heap-based overflow
Published on: 2025-12-20 01:37:00
Information published.

CVE-2025-6858 HDF5 H5Centry.c H5C__flush_single_entry null pointer dereference
Published on: 2025-12-20 01:37:09
Information published.

CVE-2025-6816 HDF5 H5Ofsinfo.c H5O__fsinfo_encode heap-based overflow
Published on: 2025-12-20 01:37:26
Information published.

CVE-2025-6750 HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflow
Published on: 2025-12-20 01:37:35
Information published.

CVE-2025-6857 HDF5 H5Gnode.c H5G__node_cmp3 stack-based overflow
Published on: 2025-12-20 01:37:44
Information published.

CVE-2025-38040 serial: mctrl_gpio: split disable_ms into sync and no_sync APIs
Published on: 2025-12-20 01:01:34
Information published.

CVE-2025-6818 HDF5 H5Ochunk.c H5O__chunk_protect heap-based overflow
Published on: 2025-12-20 01:37:18
Information published.

CVE-2025-38148 net: phy: mscc: Fix memory leak when using one step timestamping
Published on: 2025-12-20 01:01:44
Information published.

CVE-2025-38198 fbcon: Make sure modelist not set on unregistered console
Published on: 2025-12-20 01:02:04
Information published.

CVE-2025-38215 fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var
Published on: 2025-12-20 01:02:10
Information published.

CVE-2025-38236 af_unix: Don't leave consecutive consumed OOB skbs.
Published on: 2025-12-20 01:02:25
Information published.

CVE-2025-38251 atm: clip: prevent NULL deref in clip_push()
Published on: 2025-12-20 01:02:39
Information published.

CVE-2025-38257 s390/pkey: Prevent overflow in size calculation for memdup_user()
Published on: 2025-12-20 01:02:44
Information published.

CVE-2025-38262 tty: serial: uartlite: register uart driver in init
Published on: 2025-12-20 01:02:54
Information published.

CVE-2025-38263 bcache: fix NULL pointer in cache_set_flush()
Published on: 2025-12-20 01:02:59
Information published.

CVE-2025-7067 HDF5 H5FScache.c H5FS__sinfo_serialize_node_cb heap-based overflow
Published on: 2025-12-20 01:37:56
Information published.

CVE-2025-7068 HDF5 H5FL.c H5FL__malloc memory leak
Published on: 2025-12-20 01:38:05
Information published.

CVE-2025-38166 bpf: fix ktls panic with sockmap
Published on: 2025-12-20 01:01:49
Information published.

CVE-2025-38191 ksmbd: fix null pointer dereference in destroy_previous_session
Published on: 2025-12-20 01:01:59
Information published.

CVE-2025-38225 media: imx-jpeg: Cleanup after an allocation error
Published on: 2025-12-20 01:02:15
Information published.

CVE-2025-38230 jfs: validate AG parameters in dbMount() to prevent crashes
Published on: 2025-12-20 01:02:20
Information published.

CVE-2025-38245 atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().
Published on: 2025-12-20 01:02:30
Information published.

CVE-2025-38249 ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3()
Published on: 2025-12-20 01:02:34
Information published.

CVE-2025-38259 ASoC: codecs: wcd9335: Fix missing free of regulator supplies
Published on: 2025-12-20 01:02:49
Information published.

CVE-2025-38275 phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug
Published on: 2025-12-20 01:03:04
Information published.

CVE-2025-38377 rose: fix dangling neighbour pointers in rose_rt_device_down()
Published on: 2025-12-20 01:03:09
Information published.

CVE-2025-38177 sch_hfsc: make hfsc_qlen_notify() idempotent
Published on: 2025-12-20 01:01:55
Information published.

CVE-2025-44905 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.
Published on: 2025-12-20 01:36:49
Information published.

CVE-2025-44904 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function.
Published on: 2025-12-20 01:03:15
Information published.

CVE-2025-38063 dm: fix unconditional IO throttle caused by REQ_PREFLUSH
Published on: 2025-12-19 01:01:25
Information published.

CVE-2025-38071 x86/mm: Check return value from memblock_phys_alloc_range()
Published on: 2025-12-19 01:01:35
Information published.

CVE-2025-38074 vhost-scsi: protect vq->log_used with vq->mutex
Published on: 2025-12-19 01:01:40
Information published.

CVE-2025-38067 rseq: Fix segfault on registration when rseq_cs is non-zero
Published on: 2025-12-19 01:01:30
Information published.

CVE-2025-38118 Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete
Published on: 2025-12-19 01:01:45
Information published.

CVE-2025-38126 net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping
Published on: 2025-12-19 01:01:50
Information published.

CVE-2025-38131 coresight: prevent deactivate active config while enabling the config
Published on: 2025-12-19 01:01:55
Information published.

CVE-2024-6485 XSS in Bootstrap button component
Published on: 2025-12-19 01:36:20
Information published.

CVE-2025-37951 drm/v3d: Add job to pending list if the reset was skipped
Published on: 2025-12-19 01:01:20
Information published.

CVE-2025-65046 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2025-12-18 08:00:00
Information published.

Chromium: CVE-2025-14766 Use after free in WebGPU
Published on: 2025-12-18 20:43:23
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

Chromium: CVE-2025-14765 Out of bounds read and write in V8
Published on: 2025-12-18 20:43:20
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

CVE-2025-64663 Custom Question Answering Elevation of Privilege Vulnerability
Published on: 2025-12-18 08:00:00
Information published.

CVE-2025-65041 Microsoft Partner Center Elevation of Privilege Vulnerability
Published on: 2025-12-18 08:00:00
Improper authorization in Microsoft Partner Center allows an unauthorized attacker to elevate privileges over a network.

CVE-2025-65037 Azure Container Apps Remote Code Execution Vulnerability
Published on: 2025-12-18 08:00:00
Improper control of generation of code ('code injection') in Azure Container Apps allows an unauthorized attacker to execute code over a network.

CVE-2025-64676 Microsoft Purview eDiscovery Remote Code Execution Vulnerability
Published on: 2025-12-18 08:00:00
'.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network.

CVE-2025-64677 Office Out-of-Box Experience Spoofing Vulnerability
Published on: 2025-12-18 08:00:00
Improper neutralization of input during web page generation ('cross-site scripting') in Office Out-of-Box Experience allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-64675 Azure Cosmos DB Spoofing Vulnerability
Published on: 2025-12-18 08:00:00
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Cosmos DB allows an unauthorized attacker to perform spoofing over a network.

CVE-2024-6531 Rejected reason: This was not a security issue in Bootstrap. Bootstrap’s JavaScript is not intended to sanitize unsafe or intentionally dangerous HTML. As such, the reported behavior fell outside the scope of Bootstrap’s security model, and the associated CVE has been rescinded.
Published on: 2025-12-18 14:35:13
Information published.

CVE-2025-38375 virtio-net: ensure the received length does not exceed allocated size
Published on: 2025-12-18 01:02:15
Information published.

CVE-2025-54567 hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327.
Published on: 2025-12-18 01:04:33
Information published.

CVE-2025-38350 net/sched: Always pass notifications when child class becomes empty
Published on: 2025-12-18 01:01:55
Information published.

CVE-2025-38097 espintcp: remove encap socket caching to avoid reference leak
Published on: 2025-12-18 01:01:39
Information published.

CVE-2025-38334 x86/sgx: Prevent attempts to reclaim poisoned pages
Published on: 2025-12-18 01:01:44
Information published.

CVE-2025-38362 drm/amd/display: Add null pointer check for get_first_active_display()
Published on: 2025-12-18 01:01:59
Information published.

CVE-2025-38363 drm/tegra: Fix a possible null pointer dereference
Published on: 2025-12-18 01:02:04
Information published.

CVE-2025-38335 Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT
Published on: 2025-12-18 01:01:49
Information published.

CVE-2025-54566 hw/pci/pcie_sriov.c in QEMU through 10.0.3 has a migration state inconsistency, a related issue to CVE-2024-26327.
Published on: 2025-12-18 01:04:28
Information published.

CVE-2025-38095 dma-buf: insert memory barrier before updating num_fences
Published on: 2025-12-18 01:01:35
Information published.

CVE-2025-38371 drm/v3d: Disable interrupts before resetting the GPU
Published on: 2025-12-18 01:02:11
Information published.

CVE-2025-37961 ipvs: fix uninit-value for saddr in do_output_route4
Published on: 2025-12-18 01:01:24
Information published.

CVE-2025-37968 iio: light: opt3001: fix deadlock due to concurrent flag access
Published on: 2025-12-18 01:01:29
Information published.

CVE-2025-37959 bpf: Scrub packet on bpf_redirect_peer
Published on: 2025-12-18 01:01:19
Information published.

CVE-2024-28863 node-tar vulnerable to denial of service while parsing a tar file due to lack of folders count validation
Published on: 2025-12-18 01:04:40
Information published.

CVE-2024-30099 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2025-12-17 08:00:00
Added an acknowledgement. This is an informational change only.

CVE-2025-21367 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Published on: 2025-12-17 08:00:00
Added an acknowledgement. This is an informational change only.

CVE-2025-24044 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Published on: 2025-12-17 08:00:00
Added an acknowledgement. This is an informational change only.

CVE-2025-31133 runc container escape via "masked path" abuse due to mount race conditions
Published on: 2025-12-17 14:35:21
Information published.

CVE-2025-12977 CVE-2025-12977
Published on: 2025-12-17 14:35:28
Information published.

CVE-2025-64324 KubeVirt Vulnerable to Arbitrary Host File Read and Write
Published on: 2025-12-17 14:35:11
Information published.

CVE-2025-61662 Grub2: missing unregister call for gettext command may lead to use-after-free
Published on: 2025-12-17 01:36:40
Information published.

CVE-2025-61663 Grub2: missing unregister call for normal commands may lead to use-after-free
Published on: 2025-12-17 01:36:53
Information published.

CVE-2025-61661 Grub2: grub2: out-of-bounds write via malicious usb device
Published on: 2025-12-17 01:36:59
Information published.

CVE-2025-61664 Grub2: missing unregister call for normal_exit command may lead to use-after-free
Published on: 2025-12-17 01:36:47
Information published.

CVE-2025-12969 CVE-2025-12969
Published on: 2025-12-17 14:35:34
Information published.

CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
Published on: 2025-12-17 14:36:48
Information published.

CVE-2025-65082 Apache HTTP Server: CGI environment variable override
Published on: 2025-12-17 14:37:18
Information published.

CVE-2025-66418 urllib3 allows an unbounded number of links in the decompression chain
Published on: 2025-12-17 14:37:25
Information published.

CVE-2025-55753 Apache HTTP Server: mod_md (ACME), unintended retry intervals
Published on: 2025-12-17 14:37:46
Information published.

CVE-2025-68223 drm/radeon: delete radeon_fence_process in is_signaled, no deadlock
Published on: 2025-12-17 01:02:04
Information published.

CVE-2025-68201 drm/amdgpu: remove two invalid BUG_ON()s
Published on: 2025-12-17 01:02:20
Information published.

CVE-2025-68266 bfs: Reconstruct file type when loading from disk
Published on: 2025-12-17 01:02:31
Information published.

CVE-2025-68198 crash: fix crashkernel resource shrink
Published on: 2025-12-17 01:02:36
Information published.

CVE-2025-40354 drm/amd/display: increase max link count and fix link->enc NULL pointer access
Published on: 2025-12-17 01:02:41
Information published.

CVE-2025-68263 ksmbd: ipc: fix use-after-free in ipc_msg_send_request
Published on: 2025-12-17 01:02:47
Information published.

CVE-2025-68230 drm/amdgpu: fix gpu page fault after hibernation on PF passthrough
Published on: 2025-12-17 01:02:52
Information published.

CVE-2025-68264 ext4: refresh inline data size before write operations
Published on: 2025-12-17 01:02:57
Information published.

CVE-2025-68231 mm/mempool: fix poisoning order>0 pages with HIGHMEM
Published on: 2025-12-17 01:03:02
Information published.

CVE-2025-68219 cifs: fix memory leak in smb3_fs_context_parse_param error path
Published on: 2025-12-17 01:03:13
Information published.

CVE-2025-68261 ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock()
Published on: 2025-12-17 01:03:23
Information published.

CVE-2025-68174 amd/amdkfd: enhance kfd process check in switch partition
Published on: 2025-12-17 01:03:38
Information published.

CVE-2025-40355 sysfs: check visibility before changing group attribute ownership
Published on: 2025-12-17 01:03:54
Information published.

CVE-2025-68259 KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced
Published on: 2025-12-17 01:04:10
Information published.

CVE-2025-68239 binfmt_misc: restore write access before closing files opened by open_exec()
Published on: 2025-12-17 01:04:16
Information published.

CVE-2025-68257 comedi: check device's attached status in compat ioctls
Published on: 2025-12-17 01:04:26
Information published.

CVE-2025-68206 netfilter: nft_ct: add seqadj extension for natted connections
Published on: 2025-12-17 01:04:31
Information published.

CVE-2025-68254 staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing
Published on: 2025-12-17 01:04:42
Information published.

CVE-2025-68209 mlx5: Fix default values in create CQ
Published on: 2025-12-17 01:04:47
Information published.

CVE-2025-68237 mtdchar: fix integer overflow in read/write ioctls
Published on: 2025-12-17 01:04:53
Information published.

CVE-2025-68233 drm/tegra: Add call to put_pid()
Published on: 2025-12-17 01:05:09
Information published.

CVE-2025-67897 In Sequoia before 2.1.0, aes_key_unwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet.
Published on: 2025-12-17 01:05:50
Information published.

CVE-2025-13912 Potential non-constant time compiled code with Clang LLVM
Published on: 2025-12-17 01:05:58
Information published.

CVE-2025-66293 LIBPNG has an out-of-bounds read in png_image_read_composite
Published on: 2025-12-17 14:36:58
Information published.

CVE-2025-12385 Improper validation of <img> tag size in Text component parser
Published on: 2025-12-17 14:37:05
Information published.

CVE-2025-66200 Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo
Published on: 2025-12-17 14:37:12
Information published.

CVE-2025-66471 urllib3 Streaming API improperly handles highly compressed data
Published on: 2025-12-17 14:37:31
Information published.

CVE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
Published on: 2025-12-17 14:37:40
Information published.

CVE-2025-68224 scsi: core: Fix a regression triggered by scsi_host_busy()
Published on: 2025-12-17 01:01:38
Information published.

CVE-2025-68193 drm/xe/guc: Add devm release action to safely tear down CT
Published on: 2025-12-17 01:01:43
Information published.

CVE-2025-68190 drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked()
Published on: 2025-12-17 01:01:48
Information published.

CVE-2025-68211 ksm: use range-walk function to jump over holes in scan_get_next_rmap_item
Published on: 2025-12-17 01:01:53
Information published.

CVE-2025-68255 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing
Published on: 2025-12-17 01:01:59
Information published.

CVE-2025-68203 drm/amdgpu: fix lock warning in amdgpu_userq_fence_driver_process
Published on: 2025-12-17 01:02:10
Information published.

CVE-2025-68196 drm/amd/display: Cache streams targeting link when performing LT automation
Published on: 2025-12-17 01:02:15
Information published.

CVE-2025-40362 ceph: fix multifs mds auth caps issue
Published on: 2025-12-17 01:02:26
Information published.

CVE-2025-68235 nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot
Published on: 2025-12-17 01:03:07
Information published.

CVE-2025-68229 scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show()
Published on: 2025-12-17 01:03:18
Information published.

CVE-2025-40353 arm64: mte: Do not warn if the page is already tagged in copy_highpage()
Published on: 2025-12-17 01:03:28
Information published.

CVE-2025-68214 timers: Fix NULL function pointer race in timer_shutdown_sync()
Published on: 2025-12-17 01:03:33
Information published.

CVE-2025-68204 pmdomain: arm: scmi: Fix genpd leak on provider registration failure
Published on: 2025-12-17 01:03:44
Information published.

CVE-2025-68175 media: nxp: imx8-isi: Fix streaming cleanup on release
Published on: 2025-12-17 01:03:49
Information published.

CVE-2025-68265 nvme: fix admin request_queue lifetime
Published on: 2025-12-17 01:04:00
Information published.

CVE-2025-68236 scsi: ufs: ufs-qcom: Fix UFS OCP issue during UFS power down (PC=3)
Published on: 2025-12-17 01:04:05
Information published.

CVE-2025-68227 mptcp: Fix proto fallback detection with BPF
Published on: 2025-12-17 01:04:21
Information published.

CVE-2025-68256 staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser
Published on: 2025-12-17 01:04:37
Information published.

CVE-2025-68220 net: ethernet: ti: netcp: Standardize knav_dma_open_channel to return NULL on error
Published on: 2025-12-17 01:04:58
Information published.

CVE-2025-68222 pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc
Published on: 2025-12-17 01:05:03
Information published.

CVE-2025-68281 ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list
Published on: 2025-12-17 01:05:14
Information published.

CVE-2025-68217 Input: pegasus-notetaker - fix potential out-of-bounds access
Published on: 2025-12-17 01:05:19
Information published.

CVE-2025-68188 tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check()
Published on: 2025-12-17 01:05:25
Information published.

CVE-2025-68258 comedi: multiq3: sanitize config options in multiq3_attach()
Published on: 2025-12-17 01:05:30
Information published.

CVE-2025-2296 Un-verified kernel bypass Secure Boot mechanism in direct boot mode
Published on: 2025-12-17 01:05:45
Information published.

CVE-2025-62561 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62562 Microsoft Outlook Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62564 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62554 Microsoft Office Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62555 Microsoft Word Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62556 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62557 Microsoft Office Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62558 Microsoft Word Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62559 Microsoft Word Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-62560 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-17 08:00:00
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2025-38384 mtd: spinand: fix memory leak of ECC engine conf
Published on: 2025-12-17 01:01:17
Link: View Details
Information published.

CVE-2025-38386 ACPICA: Refuse to evaluate a method if arguments are missing
Published on: 2025-12-17 01:01:22
Link: View Details
Information published.

CVE-2025-38389 drm/i915/gt: Fix timeline left held on VMA alloc error
Published on: 2025-12-17 01:01:32
Link: View Details
Information published.

CVE-2025-38387 RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert
Published on: 2025-12-17 01:01:28
Link: View Details
Information published.

CVE-2022-50390 drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED
Published on: 2025-12-17 01:38:51
Link: View Details
Information published.

CVE-2023-53371 net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create
Published on: 2025-12-17 01:38:56
Link: View Details
Information published.

CVE-2023-53447 f2fs: don't reset unchangable mount option in f2fs_remount()
Published on: 2025-12-17 01:39:01
Link: View Details
Information published.

CVE-2025-40277 drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE
Published on: 2025-12-16 14:38:13
Link: View Details
Information published.

CVE-2025-40275 ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd
Published on: 2025-12-16 14:37:27
Link: View Details
Information published.

CVE-2025-40301 Bluetooth: hci_event: validate skb length for unknown CC opcode
Published on: 2025-12-16 14:39:04
Link: View Details
Information published.

CVE-2025-40297 net: bridge: fix use-after-free due to MST port state bypass
Published on: 2025-12-16 14:39:49
Link: View Details
Information published.

CVE-2025-40303 btrfs: ensure no dirty metadata is written back for an fs with errors
Published on: 2025-12-16 14:39:56
Link: View Details
Information published.

CVE-2025-40328 smb: client: fix potential UAF in smb2_close_cached_fid()
Published on: 2025-12-16 14:40:28
Link: View Details
Information published.

CVE-2025-40342 nvme-fc: use lock accessing port_state and rport state
Published on: 2025-12-16 14:40:34
Link: View Details
Information published.

CVE-2025-40329 drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb
Published on: 2025-12-16 14:40:41
Link: View Details
Information published.

CVE-2025-66418 urllib3 allows an unbounded number of links in the decompression chain
Published on: 2025-12-16 01:36:37
Link: View Details
Information published.

CVE-2025-40273 NFSD: free copynotify stateid in nfs4_free_ol_stateid()
Published on: 2025-12-16 14:38:06
Link: View Details
Information published.

CVE-2025-40280 tipc: Fix use-after-free in tipc_mon_reinit_self().
Published on: 2025-12-16 14:38:19
Link: View Details
Information published.

CVE-2025-40281 sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto
Published on: 2025-12-16 14:38:25
Link: View Details
Information published.

CVE-2025-40269 ALSA: usb-audio: Fix potential overflow of PCM transfer buffer
Published on: 2025-12-16 14:38:32
Link: View Details
Information published.

CVE-2025-40268 cifs: client: fix memory leak in smb3_fs_context_parse_param
Published on: 2025-12-16 14:37:14
Link: View Details
Information published.

CVE-2025-40272 mm/secretmem: fix use-after-free race in fault handler
Published on: 2025-12-16 14:37:21
Link: View Details
Information published.

CVE-2025-40288 drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices
Published on: 2025-12-16 14:37:34
Link: View Details
Information published.

CVE-2025-40284 Bluetooth: MGMT: cancel mesh send timer when hdev removed
Published on: 2025-12-16 14:37:40
Link: View Details
Information published.

CVE-2025-40283 Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF
Published on: 2025-12-16 14:37:47
Link: View Details
Information published.

CVE-2025-40279 net: sched: act_connmark: initialize struct tc_ife to fix kernel leak
Published on: 2025-12-16 14:37:53
Link: View Details
Information published.

CVE-2025-40282 Bluetooth: 6lowpan: reset link-local header on ipv6 recv path
Published on: 2025-12-16 14:38:00
Link: View Details
Information published.

CVE-2025-40308 Bluetooth: bcsp: receive data only if registered
Published on: 2025-12-16 14:38:38
Link: View Details
Information published.

CVE-2025-40292 virtio-net: fix received length check in big packets
Published on: 2025-12-16 14:38:45
Link: View Details
Information published.

CVE-2025-40319 bpf: Sync pending IRQ work before freeing ring buffer
Published on: 2025-12-16 14:38:51
Link: View Details
Information published.

CVE-2025-40321 wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode
Published on: 2025-12-16 14:38:58
Link: View Details
Information published.

CVE-2025-40304 fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds
Published on: 2025-12-16 14:39:10
Link: View Details
Information published.

CVE-2025-40294 Bluetooth: MGMT: Fix OOB access in parse_adv_monitor_pattern()
Published on: 2025-12-16 14:39:17
Link: View Details
Information published.

CVE-2025-40310 amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw
Published on: 2025-12-16 14:39:23
Link: View Details
Information published.

CVE-2025-40323 fbcon: Set fb_display[i]->mode to NULL when the mode is released
Published on: 2025-12-16 14:39:30
Link: View Details
Information published.

CVE-2025-40311 accel/habanalabs: support mapping cb with vmalloc-backed coherent memory
Published on: 2025-12-16 14:39:36
Link: View Details
Information published.

CVE-2025-40322 fbdev: bitblit: bound-check glyph index in bit_putcs*
Published on: 2025-12-16 14:39:43
Link: View Details
Information published.

CVE-2025-40324 NFSD: Fix crash in nfsd4_read_release()
Published on: 2025-12-16 14:40:02
Link: View Details
Information published.

CVE-2025-40341 futex: Don't leak robust_list pointer on exec race
Published on: 2025-12-16 14:40:09
Link: View Details
Information published.

CVE-2025-40343 nvmet-fc: avoid scheduling association deletion twice
Published on: 2025-12-16 14:40:15
Link: View Details
Information published.

CVE-2025-40331 sctp: Prevent TOCTOU out-of-bounds write
Published on: 2025-12-16 14:40:22
Link: View Details
Information published.

CVE-2025-40333 f2fs: fix infinite loop in __insert_extent_tree()
Published on: 2025-12-16 14:40:47
Link: View Details
Information published.

CVE-2025-40337 net: stmmac: Correctly handle Rx checksum offload errors
Published on: 2025-12-16 14:40:54
Link: View Details
Information published.

CVE-2025-66471 urllib3 Streaming API improperly handles highly compressed data
Published on: 2025-12-16 01:36:29
Link: View Details
Information published.

CVE-2025-40345 usb: storage: sddr55: Reject out-of-bound new_pba
Published on: 2025-12-16 01:37:53
Link: View Details
Information published.

CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
Published on: 2025-12-16 01:01:20
Link: View Details
Information published.

CVE-2025-37731 Elasticsearch Improper Authentication
Published on: 2025-12-16 01:01:28
Link: View Details
Information published.

CVE-2025-2913 HDF5 H5FL.c H5FL__blk_gc_list use after free
Published on: 2025-12-16 01:36:11
Link: View Details
Information published.

CVE-2025-2925 HDF5 H5MM.c H5MM_realloc double free
Published on: 2025-12-16 01:35:49
Link: View Details
Information published.

CVE-2025-2926 HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference
Published on: 2025-12-16 01:36:03
Link: View Details
Information published.

CVE-2025-2923 HDF5 H5Fint.c H5F_addr_encode_len heap-based overflow
Published on: 2025-12-16 01:35:56
Link: View Details
Information published.

CVE-2025-2924 HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflow
Published on: 2025-12-16 01:35:35
Link: View Details
Information published.

CVE-2025-2914 HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflow
Published on: 2025-12-16 01:35:42
Link: View Details
Information published.

CVE-2025-2153 HDF5 h5 File H5SM.c H5SM_delete heap-based overflow
Published on: 2025-12-16 01:35:17
Link: View Details
Information published.

CVE-2025-2310 HDF5 Metadata Attribute Decoder H5MM_strndup heap-based overflow
Published on: 2025-12-16 01:35:24
Link: View Details
Information published.

CVE-2025-11934 Improper Validation of Signature Algorithm Used in TLS 1.3 CertificateVerify
Published on: 2025-12-16 01:35:10
Link: View Details
Information published.

CVE-2025-11933 DoS Vulnerability in wolfSSL TLS 1.3 CKS Extension
Published on: 2025-12-16 01:35:19
Link: View Details
Information published.

CVE-2025-2486 UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu
Published on: 2025-12-16 01:35:27
Link: View Details
Information published.

CVE-2025-49178 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore
Published on: 2025-12-16 01:36:53
Link: View Details
Information published.

CVE-2025-6269 HDF5 H5Cimage.c H5C__reconstruct_cache_entry heap-based overflow
Published on: 2025-12-16 01:36:35
Link: View Details
Information published.

CVE-2025-6858 HDF5 H5Centry.c H5C__flush_single_entry null pointer dereference
Published on: 2025-12-16 01:36:43
Link: View Details
Information published.

CVE-2025-6816 HDF5 H5Ofsinfo.c H5O__fsinfo_encode heap-based overflow
Published on: 2025-12-16 01:37:04
Link: View Details
Information published.

CVE-2025-6856 HDF5 H5FL.c H5FL__reg_gc_list use after free
Published on: 2025-12-16 01:37:20
Link: View Details
Information published.

CVE-2025-6750 HDF5 H5Omtime.c H5O__mtime_new_encode heap-based overflow
Published on: 2025-12-16 01:37:13
Link: View Details
Information published.

CVE-2025-6857 HDF5 H5Gnode.c H5G__node_cmp3 stack-based overflow
Published on: 2025-12-16 01:36:50
Link: View Details
Information published.

CVE-2025-49180 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension
Published on: 2025-12-16 01:36:59
Link: View Details
Information published.

CVE-2025-6818 HDF5 H5Ochunk.c H5O__chunk_protect heap-based overflow
Published on: 2025-12-16 01:36:57
Link: View Details
Information published.

CVE-2025-39925 can: j1939: implement NETDEV_UNREGISTER notification handler
Published on: 2025-12-16 01:37:16
Link: View Details
Information published.

CVE-2025-7067 HDF5 H5FScache.c H5FS__sinfo_serialize_node_cb heap-based overflow
Published on: 2025-12-16 01:37:35
Link: View Details
Information published.

CVE-2025-7068 HDF5 H5FL.c H5FL__malloc memory leak
Published on: 2025-12-16 01:37:28
Link: View Details
Information published.

CVE-2025-44905 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.
Published on: 2025-12-16 01:36:20
Link: View Details
Information published.

CVE-2025-44904 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function.
Published on: 2025-12-16 01:01:34
Link: View Details
Information published.

CVE-2025-39850 vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects
Published on: 2025-12-16 01:38:07
Link: View Details
Information published.

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog
Published on: 2025-12-16 01:38:18
Link: View Details
Information published.

CVE-2022-50406 iomap: iomap: fix memory corruption when recording errors during writeback
Published on: 2025-12-16 01:36:42
Link: View Details
Information published.

CVE-2023-53410 USB: ULPI: fix memory leak with using debugfs_lookup()
Published on: 2025-12-16 01:36:48
Link: View Details
Information published.

CVE-2023-53387 scsi: ufs: core: Fix device management cmd timeout flow
Published on: 2025-12-16 01:37:11
Link: View Details
Information published.

CVE-2023-53370 drm/amdgpu: fix memory leak in mes self test
Published on: 2025-12-16 01:37:37
Link: View Details
Information published.

CVE-2025-39851 vxlan: Fix NPD when refreshing an FDB entry with a nexthop object
Published on: 2025-12-16 01:38:13
Link: View Details
Information published.

CVE-2025-39886 bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init()
Published on: 2025-12-16 01:38:23
Link: View Details
Information published.

CVE-2023-53367 accel/habanalabs: fix mem leak in capture user mappings
Published on: 2025-12-16 01:37:04
Link: View Details
Information published.

CVE-2022-50390 drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED
Published on: 2025-12-16 01:37:22
Link: View Details
Information published.

CVE-2022-50393 drm/amdgpu: SDMA update use unlocked iterator
Published on: 2025-12-16 01:37:27
Link: View Details
Information published.

CVE-2022-50418 wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()
Published on: 2025-12-16 01:37:32
Link: View Details
Information published.

CVE-2023-53371 net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create
Published on: 2025-12-16 01:37:43
Link: View Details
Information published.

CVE-2023-53447 f2fs: don't reset unchangable mount option in f2fs_remount()
Published on: 2025-12-16 01:37:48
Link: View Details
Information published.

CVE-2024-58241 Bluetooth: hci_core: Disable works on hci_unregister_dev
Published on: 2025-12-16 01:38:02
Link: View Details
Information published.

CVE-2025-14174 Chromium: CVE-2025-14174 Out of bounds memory access in ANGLE
Published on: 2025-12-15 08:00:00
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information. Google is aware that an exploit for CVE-2025-14174 exists in the wild.

CVE-2025-64435 KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
Published on: 2025-12-15 14:35:26
Link: View Details
Information published.

CVE-2025-39901 i40e: remove read access to debugfs files
Published on: 2025-12-15 14:36:28
Link: View Details
Information published.

CVE-2025-39905 net: phylink: add lock for serializing concurrent pl->phydev writes with resolver
Published on: 2025-12-15 14:36:33
Link: View Details
Information published.

CVE-2025-39863 wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work
Published on: 2025-12-15 14:36:24
Link: View Details
Information published.

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog
Published on: 2025-12-15 14:36:19
Link: View Details
Information published.

CVE-2023-53376 scsi: mpi3mr: Use number of bits to manage bitmap sizes
Published on: 2025-12-15 14:36:14
Link: View Details
Information published.

CVE-2025-39901 i40e: remove read access to debugfs files
Published on: 2025-12-14 14:02:40
Link: View Details
Information published.

CVE-2025-39905 net: phylink: add lock for serializing concurrent pl->phydev writes with resolver
Published on: 2025-12-14 14:02:45
Link: View Details
Information published.

CVE-2025-39863 wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work
Published on: 2025-12-14 14:02:30
Link: View Details
Information published.

CVE-2025-39850 vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects
Published on: 2025-12-14 14:02:15
Link: View Details
Information published.

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog
Published on: 2025-12-14 14:02:25
Link: View Details
Information published.

CVE-2023-53370 drm/amdgpu: fix memory leak in mes self test
Published on: 2025-12-14 14:01:41
Link: View Details
Information published.

CVE-2025-39851 vxlan: Fix NPD when refreshing an FDB entry with a nexthop object
Published on: 2025-12-14 14:02:20
Link: View Details
Information published.

CVE-2025-39886 bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init()
Published on: 2025-12-14 14:02:35
Link: View Details
Information published.

CVE-2022-50390 drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED
Published on: 2025-12-14 14:01:25
Link: View Details
Information published.

CVE-2022-50393 drm/amdgpu: SDMA update use unlocked iterator
Published on: 2025-12-14 14:01:30
Link: View Details
Information published.

CVE-2022-50418 wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()
Published on: 2025-12-14 14:01:36
Link: View Details
Information published.

CVE-2023-53371 net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create
Published on: 2025-12-14 14:01:46
Link: View Details
Information published.

CVE-2023-53376 scsi: mpi3mr: Use number of bits to manage bitmap sizes
Published on: 2025-12-14 14:01:52
Link: View Details
Information published.

CVE-2023-53447 f2fs: don't reset unchangable mount option in f2fs_remount()
Published on: 2025-12-14 14:01:57
Link: View Details
Information published.

CVE-2024-58241 Bluetooth: hci_core: Disable works on hci_unregister_dev
Published on: 2025-12-14 14:02:10
Link: View Details
Information published.

CVE-2025-61662 Grub2: missing unregister call for gettext command may lead to use-after-free
Published on: 2025-12-13 01:38:22
Link: View Details
Information published.

CVE-2025-61663 Grub2: missing unregister call for normal commands may lead to use-after-free
Published on: 2025-12-13 01:38:28
Link: View Details
Information published.

CVE-2025-61661 Grub2: grub2: out-of-bounds write via malicious usb device
Published on: 2025-12-13 01:38:34
Link: View Details
Information published.

CVE-2025-61664 Grub2: missing unregister call for normal_exit command may lead to use-after-free
Published on: 2025-12-13 01:38:41
Link: View Details
Information published.

CVE-2025-14087 Glib: glib: buffer underflow in gvariant parser leads to heap corruption
Published on: 2025-12-13 01:01:54
Link: View Details
Information published.

CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Published on: 2025-12-13 01:38:50
Link: View Details
Information published.

CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Published on: 2025-12-13 01:39:00
Link: View Details
Information published.

CVE-2025-14512 Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow
Published on: 2025-12-13 01:02:02
Link: View Details
Information published.

CVE-2025-14523 Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins)
Published on: 2025-12-13 01:02:10
Link: View Details
Information published.

CVE-2025-14104 Util-linux: util-linux: heap buffer overread in setpwnam() when processing 256-byte usernames
Published on: 2025-12-13 01:02:19
Link: View Details
Information published.

CVE-2025-58185 Parsing DER payload can cause memory exhaustion in encoding/asn1
Published on: 2025-12-13 01:37:42
Link: View Details
Information published.

CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509
Published on: 2025-12-13 01:37:47
Link: View Details
Information published.

CVE-2025-39925 can: j1939: implement NETDEV_UNREGISTER notification handler
Published on: 2025-12-13 01:01:44
Link: View Details
Information published.

CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar
Published on: 2025-12-13 01:37:17
Link: View Details
Information published.

CVE-2025-61725 Excessive CPU consumption in ParseAddress in net/mail
Published on: 2025-12-13 01:37:56
Link: View Details
Information published.

CVE-2025-47912 Insufficient validation of bracketed IPv6 hostnames in net/url
Published on: 2025-12-13 01:37:52
Link: View Details
Information published.

CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http
Published on: 2025-12-13 01:37:22
Link: View Details
Information published.

CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto
Published on: 2025-12-13 01:37:27
Link: View Details
Information published.

CVE-2025-61723 Quadratic complexity when parsing some invalid inputs in encoding/pem
Published on: 2025-12-13 01:37:37
Link: View Details
Information published.

CVE-2025-58187 Quadratic complexity when checking name constraints in crypto/x509
Published on: 2025-12-13 01:37:32
Link: View Details
Information published.

CVE-2025-62468 Windows Defender Firewall Service Information Disclosure Vulnerability
Published on: 2025-12-12 08:00:00
Link: View Details
Corrected CVSS Privileges metric to PR:L, corrected Exploitability assessment to Exploitation More Likely, and updated FAQs. These are informational changes only.

CVE-2025-49178 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore
Published on: 2025-12-12 01:03:08
Link: View Details
Information published.

CVE-2025-49175 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors
Published on: 2025-12-12 01:02:48
Link: View Details
Information published.

CVE-2025-49176 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension
Published on: 2025-12-12 01:03:03
Link: View Details
Information published.

CVE-2025-49177 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: data leak in xfixes extension's xfixessetclientdisconnectmode
Published on: 2025-12-12 01:02:58
Link: View Details
Information published.

CVE-2025-49179 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x record extension
Published on: 2025-12-12 01:02:52
Link: View Details
Information published.

CVE-2025-49180 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension
Published on: 2025-12-12 01:03:13
Link: View Details
Information published.

CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Published on: 2025-12-12 01:38:08
Link: View Details
Information published.

CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Published on: 2025-12-12 01:38:32
Link: View Details
Information published.

CVE-2023-45284 Incorrect detection of reserved device names on Windows in path/filepath
Published on: 2025-12-12 01:03:18
Link: View Details
Information published.

CVE-2025-58185 Parsing DER payload can cause memory exhaustion in encoding/asn1
Published on: 2025-12-12 01:37:17
Link: View Details
Information published.

CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509
Published on: 2025-12-12 01:37:22
Link: View Details
Information published.

CVE-2025-39927 ceph: fix race condition validating r_parent before applying state
Published on: 2025-12-12 01:01:37
Link: View Details
Information published.

CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar
Published on: 2025-12-12 01:36:52
Link: View Details
Information published.

CVE-2025-61725 Excessive CPU consumption in ParseAddress in net/mail
Published on: 2025-12-12 01:37:32
Link: View Details
Information published.

CVE-2025-47912 Insufficient validation of bracketed IPv6 hostnames in net/url
Published on: 2025-12-12 01:37:27
Link: View Details
Information published.

CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http
Published on: 2025-12-12 01:36:57
Link: View Details
Information published.

CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto
Published on: 2025-12-12 01:37:01
Link: View Details
Information published.

CVE-2025-61723 Quadratic complexity when parsing some invalid inputs in encoding/pem
Published on: 2025-12-12 01:37:12
Link: View Details
Information published.

CVE-2025-58187 Quadratic complexity when checking name constraints in crypto/x509
Published on: 2025-12-12 01:37:06
Link: View Details
Information published.

Chromium: CVE-2025-14373 Inappropriate implementation in Toolbar
Published on: 2025-12-11 22:29:33
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

CVE-2025-64669 Windows Admin Center Elevation of Privilege Vulnerability
Published on: 2025-12-11 08:00:00
Link: View Details
Corrected Build Number in the Security Updates table. This is an informational change only.

Chromium: CVE-2025-14372 Use after free in Password Manager
Published on: 2025-12-11 22:29:30
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.

CVE-2025-11934 Improper Validation of Signature Algorithm Used in TLS 1.3 CertificateVerify
Published on: 2025-12-11 01:39:21
Link: View Details
Information published.

CVE-2025-11933 DoS Vulnerability in wolfSSL TLS 1.3 CKS Extension
Published on: 2025-12-11 01:39:29
Link: View Details
Information published.

CVE-2025-2486 UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu
Published on: 2025-12-11 01:39:49
Link: View Details
Information published.

CVE-2025-40334 drm/amdgpu: validate userq buffer virtual address and size
Published on: 2025-12-11 01:36:37
Link: View Details
Information published.

CVE-2025-66418 urllib3 allows an unbounded number of links in the decompression chain
Published on: 2025-12-11 01:01:31
Link: View Details
Information published.

CVE-2025-62408 c-ares has a Use After Free vulnerability when connection is cleaned up after error
Published on: 2025-12-11 01:01:47
Link: View Details
Information published.

CVE-2025-55753 Apache HTTP Server: mod_md (ACME), unintended retry intervals
Published on: 2025-12-11 01:02:04
Link: View Details
Information published.

CVE-2025-40336 drm/gpusvm: fix hmm_pfn_to_map_order() usage
Published on: 2025-12-11 01:36:26
Link: View Details
Information published.

CVE-2025-40338 ASoC: Intel: avs: Do not share the name pointer between components
Published on: 2025-12-11 01:36:32
Link: View Details
Information published.

CVE-2025-66471 urllib3 Streaming API improperly handles highly compressed data
Published on: 2025-12-11 01:01:41
Link: View Details
Information published.

CVE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...
Published on: 2025-12-11 01:01:55
Link: View Details
Information published.

CVE-2025-46818 Redis: Authenticated users can execute LUA scripts as a different user
Published on: 2025-12-11 01:38:13
Link: View Details
Information published.

CVE-2024-30098 Windows Cryptographic Services Security Feature Bypass Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Updated the "Are there any further actions I need to take to be protected from this vulnerability?" FAQ as follows: 1. Added a reminder to customers that the DisableCapiOverrideForRSA registry key will be removed in April 2026. 2. Added an update that states: The October 14, 2025, Windows updates addressing CVE-2024-30098 revealed issues in applications where the code does not correctly identify which provider is managing the key for certificates propagated from a smart card to the certificate store. This misidentification can cause cryptographic operations to fail in certain scenarios. Please see [Guidance for certificate handling for Smart Card propagated certificates](http://support.microsoft.com/kb/5073121) for guidance for application developers on how to detect the correct handler and resolve these issues. These are informational changes only.

CVE-2025-60710 Host Process for Windows Tasks Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
The following updates have been made: 1. To comprehensively address CVE-2025-60710, Microsoft has released December 2025 security updates for all supported editions of Windows 11 Version 24H2, Windows 11 Version 25H2, and Windows Server 2025. Microsoft recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action. 2. Added a Workaround for customers running Windows Server 2025, in the event they cannot immediately install the update.

CVE-2025-62454 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-62456 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network.

CVE-2025-62457 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Out-of-bounds read in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-62458 Win32k Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

CVE-2025-62466 Windows Client-Side Caching Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Null pointer dereference in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.

CVE-2025-62469 Microsoft Brokering File System Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

CVE-2025-62470 Windows Common Log File System Driver Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-62472 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Use of uninitialized resource in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

CVE-2025-62473 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

CVE-2025-62549 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-62561 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62563 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62564 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62571 Windows Installer Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Improper input validation in Windows Installer allows an authorized attacker to elevate privileges locally.

CVE-2025-62572 Application Information Service Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Out-of-bounds read in Application Information Services allows an authorized attacker to elevate privileges locally.

CVE-2025-62573 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.

CVE-2025-64658 Windows File Explorer Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.

CVE-2025-64667 Microsoft Exchange Server Spoofing Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
User interface (UI) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-64666 Microsoft Exchange Server Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.

CVE-2025-64670 Windows DirectX Information Disclosure Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows an authorized attacker to disclose information over a network.

CVE-2025-64673 Windows Storage VSP Driver Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Improper access control in Storvsp.sys Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-59516 Windows Storage VSP Driver Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Missing authentication for critical function in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-59517 Windows Storage VSP Driver Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Improper access control in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-62455 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally.

CVE-2025-62461 Windows Projected File System Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-62462 Windows Projected File System Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.

CVE-2025-62463 DirectX Graphics Kernel Denial of Service Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Null pointer dereference in Windows DirectX allows an authorized attacker to deny service locally.

CVE-2025-62464 Windows Projected File System Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.

CVE-2025-62465 DirectX Graphics Kernel Denial of Service Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Null pointer dereference in Windows DirectX allows an authorized attacker to deny service locally.

CVE-2025-55233 Windows Projected File System Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Out-of-bounds read in Windows Projected File System allows an authorized attacker to elevate privileges locally.

CVE-2025-62467 Windows Projected File System Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Integer overflow or wraparound in Windows Projected File System allows an authorized attacker to elevate privileges locally.

CVE-2025-62468 Windows Defender Firewall Service Information Disclosure Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Out-of-bounds read in Windows Defender Firewall Service allows an authorized attacker to disclose information locally.

CVE-2025-62474 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

CVE-2025-62550 Azure Monitor Agent Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Out-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a network.

CVE-2025-62552 Microsoft Access Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Relative path traversal in Microsoft Office Access allows an unauthorized attacker to execute code locally.

CVE-2025-62553 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62554 Microsoft Office Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2025-62555 Microsoft Word Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2025-62556 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62557 Microsoft Office Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2025-62558 Microsoft Word Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2025-62559 Microsoft Word Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2025-62560 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2025-62567 Windows Hyper-V Denial of Service Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Integer underflow (wrap or wraparound) in Windows Hyper-V allows an authorized attacker to deny service over a network.

CVE-2025-62569 Microsoft Brokering File System Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

CVE-2025-62570 Windows Camera Frame Server Monitor Information Disclosure Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Improper access control in Windows Camera Frame Server Monitor allows an authorized attacker to disclose information locally.

CVE-2025-62565 Windows File Explorer Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Use after free in Windows Shell allows an authorized attacker to elevate privileges locally.

CVE-2025-64661 Windows Shell Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Shell allows an authorized attacker to elevate privileges locally.

CVE-2025-64671 GitHub Copilot for Jetbrains Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Improper neutralization of special elements used in a command ('command injection') in Copilot allows an unauthorized attacker to execute code locally.

CVE-2025-64672 Microsoft SharePoint Server Spoofing Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVE-2025-64678 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

CVE-2025-64679 Windows DWM Core Library Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2025-64680 Windows DWM Core Library Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

CVE-2025-62221 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

CVE-2025-54100 PowerShell Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Improper neutralization of special elements used in a command ('command injection') in Windows PowerShell allows an unauthorized attacker to execute code locally.

CVE-2025-62562 Microsoft Outlook Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Corrected severity entries in the Affected Products table. This is an informational change only. Customers who have successfully installed the update do not need to take any further action.

CVE-2025-62562 Microsoft Outlook Remote Code Execution Vulnerability
Published on: 2025-12-09 08:00:00
Link: View Details
Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally.

CVE-2025-66221 Werkzeug safe_join() allows Windows special device names
Published on: 2025-12-09 01:37:04
Link: View Details
Information published.

CVE-2025-12638 Path Traversal Vulnerability in keras-team/keras via Tar Archive Extraction in keras.utils.get_file()
Published on: 2025-12-09 01:36:54
Link: View Details
Information published.

CVE-2025-13836 Excessive read buffering DoS in http.client
Published on: 2025-12-09 01:38:18
Link: View Details
Information published.

CVE-2025-13837 Out-of-memory when loading Plist
Published on: 2025-12-09 01:38:23
Link: View Details
Information published.

CVE-2025-66476 Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability
Published on: 2025-12-09 01:37:47
Link: View Details
Information published.

CVE-2025-40218 mm/damon/vaddr: do not repeat pte_offset_map_lock() until success
Published on: 2025-12-09 01:37:53
Link: View Details
Information published.

CVE-2025-40262 Input: imx_sc_key - fix memory corruption on unload
Published on: 2025-12-09 01:38:33
Link: View Details
Information published.

CVE-2025-40242 gfs2: Fix unlikely race in gdlm_put_lock
Published on: 2025-12-09 01:38:38
Link: View Details
Information published.

CVE-2025-40245 nios2: ensure that memblock.current_limit is set when setting pfn limits
Published on: 2025-12-09 01:38:43
Link: View Details
Information published.

CVE-2025-40223 most: usb: Fix use-after-free in hdm_disconnect
Published on: 2025-12-09 01:38:54
Link: View Details
Information published.

CVE-2025-40233 ocfs2: clear extent cache after moving/defragmenting extents
Published on: 2025-12-09 01:39:10
Link: View Details
Information published.

CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
Published on: 2025-12-09 01:39:50
Link: View Details
Information published.

CVE-2025-40277 drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE
Published on: 2025-12-09 01:41:10
Link: View Details
Information published.

CVE-2025-40287 exfat: fix improper check of dentry.stream.valid_size
Published on: 2025-12-09 01:40:07
Link: View Details
Information published.

CVE-2025-40275 ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd
Published on: 2025-12-09 01:40:26
Link: View Details
Information published.

CVE-2025-40285 smb/server: fix possible refcount leak in smb2_sess_setup()
Published on: 2025-12-09 01:40:41
Link: View Details
Information published.

CVE-2025-40307 exfat: validate cluster allocation bits of the allocation bitmap
Published on: 2025-12-09 01:01:26
Link: View Details
Information published.

CVE-2025-40314 usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget
Published on: 2025-12-09 01:02:20
Link: View Details
Information published.

CVE-2025-40301 Bluetooth: hci_event: validate skb length for unknown CC opcode
Published on: 2025-12-09 01:02:36
Link: View Details
Information published.

CVE-2025-40297 net: bridge: fix use-after-free due to MST port state bypass
Published on: 2025-12-09 01:03:18
Link: View Details
Information published.

CVE-2025-40303 btrfs: ensure no dirty metadata is written back for an fs with errors
Published on: 2025-12-09 01:03:24
Link: View Details
Information published.

CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Published on: 2025-12-09 01:37:35
Link: View Details
Information published.

CVE-2025-66293 LIBPNG has an out-of-bounds read in png_image_read_composite
Published on: 2025-12-09 01:40:02
Link: View Details
Information published.

CVE-2025-40217 pidfs: validate extensible ioctls
Published on: 2025-12-09 01:37:58
Link: View Details
Information published.

CVE-2025-34297 KissFFT Integer Overflow Heap Buffer Overflow via kiss_fft_alloc
Published on: 2025-12-09 01:38:14
Link: View Details
Information published.

CVE-2025-40244 hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent()
Published on: 2025-12-09 01:38:49
Link: View Details
Information published.

CVE-2025-40243 hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits()
Published on: 2025-12-09 01:39:00
Link: View Details
Information published.

CVE-2025-40253 s390/ctcm: Fix double-kfree
Published on: 2025-12-09 01:39:05
Link: View Details
Information published.

CVE-2025-40263 Input: cros_ec_keyb - fix an invalid memory access
Published on: 2025-12-09 01:39:15
Link: View Details
Information published.

CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Published on: 2025-12-09 01:39:36
Link: View Details
Information published.

CVE-2025-12084 Quadratic complexity in node ID cache clearing
Published on: 2025-12-09 01:39:42
Link: View Details
Information published.

CVE-2025-40273 NFSD: free copynotify stateid in nfs4_free_ol_stateid()
Published on: 2025-12-09 01:41:05
Link: View Details
Information published.

CVE-2025-40280 tipc: Fix use-after-free in tipc_mon_reinit_self().
Published on: 2025-12-09 01:41:15
Link: View Details
Information published.

CVE-2025-40281 sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto
Published on: 2025-12-09 01:41:20
Link: View Details
Information published.

CVE-2025-40269 ALSA: usb-audio: Fix potential overflow of PCM transfer buffer
Published on: 2025-12-09 01:41:25
Link: View Details
Information published.

CVE-2025-40278 net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak
Published on: 2025-12-09 01:40:12
Link: View Details
Information published.

CVE-2025-40268 cifs: client: fix memory leak in smb3_fs_context_parse_param
Published on: 2025-12-09 01:40:17
Link: View Details
Information published.

CVE-2025-40272 mm/secretmem: fix use-after-free race in fault handler
Published on: 2025-12-09 01:40:22
Link: View Details
Information published.

CVE-2025-40288 drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices
Published on: 2025-12-09 01:40:31
Link: View Details
Information published.

CVE-2025-40284 Bluetooth: MGMT: cancel mesh send timer when hdev removed
Published on: 2025-12-09 01:40:36
Link: View Details
Information published.

CVE-2025-40283 Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF
Published on: 2025-12-09 01:40:51
Link: View Details
Information published.

CVE-2025-40286 smb/server: fix possible memory leak in smb2_read()
Published on: 2025-12-09 01:40:46
Link: View Details
Information published.

CVE-2025-40279 net: sched: act_connmark: initialize struct tc_ife to fix kernel leak
Published on: 2025-12-09 01:40:56
Link: View Details
Information published.

CVE-2025-40282 Bluetooth: 6lowpan: reset link-local header on ipv6 recv path
Published on: 2025-12-09 01:41:00
Link: View Details
Information published.

CVE-2023-53749 x86: fix clear_user_rep_good() exception handling annotation
Published on: 2025-12-09 01:01:20
Link: View Details
Information published.

CVE-2025-40308 Bluetooth: bcsp: receive data only if registered
Published on: 2025-12-09 01:01:31
Link: View Details
Information published.

CVE-2025-40309 Bluetooth: SCO: Fix UAF on sco_conn_free
Published on: 2025-12-09 01:01:37
Link: View Details
Information published.

CVE-2025-40305 9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN
Published on: 2025-12-09 01:01:42
Link: View Details
Information published.

CVE-2025-40293 iommufd: Don't overflow during division for dirty tracking
Published on: 2025-12-09 01:01:47
Link: View Details
Information published.

CVE-2025-40292 virtio-net: fix received length check in big packets
Published on: 2025-12-09 01:01:52
Link: View Details
Information published.

CVE-2025-40306 orangefs: fix xattr related buffer overflow...
Published on: 2025-12-09 01:01:58
Link: View Details
Information published.

CVE-2025-40319 bpf: Sync pending IRQ work before freeing ring buffer
Published on: 2025-12-09 01:02:03
Link: View Details
Information published.

CVE-2025-40312 jfs: Verify inode mode when loading from disk
Published on: 2025-12-09 01:02:09
Link: View Details
Information published.

CVE-2025-40315 usb: gadget: f_fs: Fix epfile null pointer access after ep enable.
Published on: 2025-12-09 01:02:15
Link: View Details
Information published.

CVE-2025-40317 regmap: slimbus: fix bus_context pointer in regmap init calls
Published on: 2025-12-09 01:02:25
Link: View Details
Information published.

CVE-2025-40321 wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode
Published on: 2025-12-09 01:02:30
Link: View Details
Information published.

CVE-2025-40304 fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds
Published on: 2025-12-09 01:02:41
Link: View Details
Information published.

CVE-2025-40313 ntfs3: pretend $Extend records as regular files
Published on: 2025-12-09 01:02:47
Link: View Details
Information published.

CVE-2025-40294 Bluetooth: MGMT: Fix OOB access in parse_adv_monitor_pattern()
Published on: 2025-12-09 01:02:52
Link: View Details
Information published.

CVE-2025-40310 amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw
Published on: 2025-12-09 01:02:57
Link: View Details
Information published.

CVE-2025-40323 fbcon: Set fb_display[i]->mode to NULL when the mode is released
Published on: 2025-12-09 01:03:02
Link: View Details
Information published.

CVE-2025-40311 accel/habanalabs: support mapping cb with vmalloc-backed coherent memory
Published on: 2025-12-09 01:03:08
Link: View Details
Information published.

CVE-2025-40322 fbdev: bitblit: bound-check glyph index in bit_putcs*
Published on: 2025-12-09 01:03:13
Link: View Details
Information published.

CVE-2025-40324 NFSD: Fix crash in nfsd4_read_release()
Published on: 2025-12-09 01:03:29
Link: View Details
Information published.

CVE-2022-24736 A Malformed Lua script can crash Redis
Published on: 2025-12-09 01:36:49
Link: View Details
Information published.

CVE-2022-24735 Lua scripts can be manipulated to overcome ACL rules in Redis
Published on: 2025-12-09 01:36:44
Link: View Details
Information published.

CVE-2023-53231 erofs: Fix detection of atomic context
Published on: 2025-12-09 01:38:28
Link: View Details
Information published.

CVE-2023-53261 coresight: Fix memory leak in acpi_buffer->pointer
Published on: 2025-12-09 01:37:09
Link: View Details
Information published.

CVE-2022-50316 orangefs: Fix kmemleak in orangefs_sysfs_init()
Published on: 2025-12-09 01:37:40
Link: View Details
Information published.

CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions < 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged.
Published on: 2025-12-08 14:37:29
Link: View Details
Information published.

CVE-2025-65082 Apache HTTP Server: CGI environment variable override
Published on: 2025-12-08 14:37:36
Link: View Details
Information published.

CVE-2025-59775 Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF
Published on: 2025-12-08 14:37:51
Link: View Details
Information published.

CVE-2025-40277 drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE
Published on: 2025-12-08 01:01:25
Link: View Details
Information published.

CVE-2025-40287 exfat: fix improper check of dentry.stream.valid_size
Published on: 2025-12-08 14:38:22
Link: View Details
Information published.

CVE-2025-40275 ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd
Published on: 2025-12-08 01:05:14
Link: View Details
Information published.

CVE-2025-40285 smb/server: fix possible refcount leak in smb2_sess_setup()
Published on: 2025-12-08 01:05:30
Link: View Details
Information published.

CVE-2025-66293 LIBPNG has an out-of-bounds read in png_image_read_composite
Published on: 2025-12-08 14:38:09
Link: View Details
Information published.

CVE-2025-12385 Improper validation of <img> tag size in Text component parser
Published on: 2025-12-08 14:38:17
Link: View Details
Information published.

CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Published on: 2025-12-08 14:36:07
Link: View Details
Information published.

CVE-2025-12084 Quadratic complexity in node ID cache clearing
Published on: 2025-12-08 14:36:14
Link: View Details
Information published.

CVE-2025-66200 Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo
Published on: 2025-12-08 14:37:44
Link: View Details
Information published.

CVE-2025-40273 NFSD: free copynotify stateid in nfs4_free_ol_stateid()
Published on: 2025-12-08 01:01:19
Link: View Details
Information published.

CVE-2025-40280 tipc: Fix use-after-free in tipc_mon_reinit_self().
Published on: 2025-12-08 01:01:31
Link: View Details
Information published.

CVE-2025-40281 sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto
Published on: 2025-12-08 01:01:37
Link: View Details
Information published.

CVE-2025-40269 ALSA: usb-audio: Fix potential overflow of PCM transfer buffer
Published on: 2025-12-08 01:01:43
Link: View Details
Information published.

CVE-2025-40289 drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM
Published on: 2025-12-08 14:38:27
Link: View Details
Information published.

CVE-2025-40278 net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak
Published on: 2025-12-08 01:04:58
Link: View Details
Information published.

CVE-2025-40268 cifs: client: fix memory leak in smb3_fs_context_parse_param
Published on: 2025-12-08 01:05:03
Link: View Details
Information published.

CVE-2025-40272 mm/secretmem: fix use-after-free race in fault handler
Published on: 2025-12-08 01:05:08
Link: View Details
Information published.

CVE-2025-40288 drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices
Published on: 2025-12-08 01:05:19
Link: View Details
Information published.

CVE-2025-40284 Bluetooth: MGMT: cancel mesh send timer when hdev removed
Published on: 2025-12-08 01:05:25
Link: View Details
Information published.

CVE-2025-40283 Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF
Published on: 2025-12-08 01:05:41
Link: View Details
Information published.

CVE-2025-40286 smb/server: fix possible memory leak in smb2_read()
Published on: 2025-12-08 01:05:35
Link: View Details
Information published.

CVE-2025-40279 net: sched: act_connmark: initialize struct tc_ife to fix kernel leak
Published on: 2025-12-08 01:05:46
Link: View Details
Information published.

CVE-2025-40282 Bluetooth: 6lowpan: reset link-local header on ipv6 recv path
Published on: 2025-12-08 01:05:52
Link: View Details
Information published.

CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509
Published on: 2025-12-08 14:35:03
Link: View Details
Information published.

CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto
Published on: 2025-12-08 14:35:10
Link: View Details
Information published.

CVE-2025-21825 bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT
Published on: 2025-12-07 01:46:49
Link: View Details
Information published.

CVE-2024-58089 btrfs: fix double accounting race when btrfs_run_delalloc_range() failed
Published on: 2025-12-07 01:39:39
Link: View Details
Information published.

CVE-2025-21892 RDMA/mlx5: Fix the recovery flow of the UMR QP
Published on: 2025-12-07 01:36:21
Link: View Details
Information published.

CVE-2025-21885 RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers
Published on: 2025-12-07 01:36:42
Link: View Details
Information published.

CVE-2024-7598 Network restriction bypass via race condition during namespace termination
Published on: 2025-12-07 01:40:27
Link: View Details
Information published.

CVE-2025-29923 go-redis allows potential out of order responses when `CLIENT SETINFO` times out during connection establishment
Published on: 2025-12-07 01:41:41
Link: View Details
Information published.

CVE-2025-21888 RDMA/mlx5: Fix a WARN during dereg_mr for DM type
Published on: 2025-12-07 01:40:40
Link: View Details
Information published.

CVE-2025-21870 ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers
Published on: 2025-12-07 01:40:50
Link: View Details
Information published.

CVE-2025-64436 KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes
Published on: 2025-12-07 01:47:22
Link: View Details
Information published.

CVE-2025-64434 KubeVirt Improper TLS Certificate Management Handling Allows API Identity Spoofing
Published on: 2025-12-07 01:47:45
Link: View Details
Information published.

CVE-2025-64433 KubeVirt Arbitrary Container File Read
Published on: 2025-12-07 01:47:57
Link: View Details
Information published.

CVE-2025-64435 KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
Published on: 2025-12-07 01:48:08
Link: View Details
Information published.

CVE-2025-64437 KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes
Published on: 2025-12-07 01:48:20
Link: View Details
Information published.

CVE-2025-52881 runc: LSM labels can be bypassed with malicious config using dummy procfs files
Published on: 2025-12-07 01:37:15
Link: View Details
Information published.

CVE-2025-40149 tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock().
Published on: 2025-12-07 01:49:42
Link: View Details
Information published.

CVE-2025-10158 Rsync: Out of bounds array access via negative index
Published on: 2025-12-07 01:36:46
Link: View Details
Information published.

CVE-2025-12970 CVE-2025-12970
Published on: 2025-12-07 01:39:15
Link: View Details
Information published.

CVE-2025-12977 CVE-2025-12977
Published on: 2025-12-07 01:38:52
Link: View Details
Information published.

CVE-2025-58436 OpenPrinting CUPS slow client can halt cupsd, leading to a possible DoS attack
Published on: 2025-12-07 01:39:41
Link: View Details
Information published.

CVE-2025-61915 OpenPrinting CUPS vulnerable to stack based out-of-bound write
Published on: 2025-12-07 01:39:54
Link: View Details
Information published.

CVE-2025-64329 containerd CRI server: Host memory exhaustion through Attach goroutine leak
Published on: 2025-12-07 01:47:05
Link: View Details
Information published.

CVE-2025-64432 KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer
Published on: 2025-12-07 01:47:34
Link: View Details
Information published.

CVE-2025-40110 drm/vmwgfx: Fix a null-ptr access in the cursor snooper
Published on: 2025-12-07 01:49:00
Link: View Details
Information published.

CVE-2025-40111 drm/vmwgfx: Fix Use-after-free in validation
Published on: 2025-12-07 01:49:08
Link: View Details
Information published.

CVE-2025-60876 BusyBox wget through 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20).
Published on: 2025-12-07 01:50:56
Link: View Details
Information published.

CVE-2025-40167 ext4: detect invalid INLINE_DATA + EXTENTS flag combination
Published on: 2025-12-07 01:49:17
Link: View Details
Information published.

CVE-2025-40135 ipv6: use RCU in ip6_xmit()
Published on: 2025-12-07 01:49:25
Link: View Details
Information published.

CVE-2025-40139 smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_set().
Published on: 2025-12-07 01:49:34
Link: View Details
Information published.

CVE-2025-40146 blk-mq: fix potential deadlock while nr_requests grown
Published on: 2025-12-07 01:49:51
Link: View Details
Information published.

CVE-2025-40164 usbnet: Fix using smp_processor_id() in preemptible code warnings
Published on: 2025-12-07 01:49:59
Link: View Details
Information published.

CVE-2025-40168 smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match().
Published on: 2025-12-07 01:50:11
Link: View Details
Information published.

CVE-2025-40173 net/ip6_tunnel: Prevent perpetual tunnel growth
Published on: 2025-12-07 01:50:19
Link: View Details
Information published.

CVE-2025-40170 net: use dst_dev_rcu() in sk_setup_caps()
Published on: 2025-12-07 01:50:27
Link: View Details
Information published.

CVE-2025-40158 ipv6: use RCU in ip6_output()
Published on: 2025-12-07 01:50:36
Link: View Details
Information published.

CVE-2025-40176 tls: wait for pending async decryptions if tls_strp_msg_hold fails
Published on: 2025-12-07 01:50:46
Link: View Details
Information published.

CVE-2025-40179 ext4: verify orphan file size is not too big
Published on: 2025-12-07 01:51:03
Link: View Details
Information published.

CVE-2025-40180 mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop
Published on: 2025-12-07 01:51:11
Link: View Details
Information published.

CVE-2025-40198 ext4: avoid potential buffer over-read in parse_apply_sb_mount_options()
Published on: 2025-12-07 01:51:18
Link: View Details
Information published.

CVE-2025-40207 media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try()
Published on: 2025-12-07 01:51:24
Link: View Details
Information published.

CVE-2025-40200 Squashfs: reject negative file sizes in squashfs_read_inode()
Published on: 2025-12-07 01:51:30
Link: View Details
Information published.

CVE-2025-40195 mount: handle NULL values in mnt_ns_release()
Published on: 2025-12-07 01:51:37
Link: View Details
Information published.

CVE-2025-40187 net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce()
Published on: 2025-12-07 01:51:43
Link: View Details
Information published.

CVE-2025-40178 pid: Add a judgment for ns null in pid_nr_ns
Published on: 2025-12-07 01:51:49
Link: View Details
Information published.

CVE-2025-40201 kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths
Published on: 2025-12-07 01:51:54
Link: View Details
Information published.

CVE-2025-40190 ext4: guard against EA inode refcount underflow in xattr update
Published on: 2025-12-07 01:52:00
Link: View Details
Information published.

CVE-2025-40194 cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request()
Published on: 2025-12-07 01:52:05
Link: View Details
Information published.

CVE-2025-40205 btrfs: avoid potential out-of-bounds in btrfs_encode_fh()
Published on: 2025-12-07 01:52:11
Link: View Details
Information published.

CVE-2025-40206 netfilter: nft_objref: validate objref and objrefmap expressions
Published on: 2025-12-07 01:52:17
Link: View Details
Information published.

CVE-2025-40197 media: mc: Clear minor number before put device
Published on: 2025-12-07 01:52:22
Link: View Details
Information published.

CVE-2025-40192 Revert "ipmi: fix msg stack when IPMI is disconnected"
Published on: 2025-12-07 01:52:27
Link: View Details
Information published.

CVE-2025-40193 xtensa: simdisk: add input size check in proc_write_simdisk
Published on: 2025-12-07 01:35:30
Link: View Details
Information published.

CVE-2025-40204 sctp: Fix MAC comparison to be constant-time
Published on: 2025-12-07 01:35:42
Link: View Details
Information published.

CVE-2025-40202 ipmi: Rework user message limit handling
Published on: 2025-12-07 01:35:54
Link: View Details
Information published.

CVE-2025-12748 Libvirt: denial of service in xml parsing
Published on: 2025-12-07 01:36:12
Link: View Details
Information published.

CVE-2025-64324 KubeVirt Vulnerable to Arbitrary Host File Read and Write
Published on: 2025-12-07 01:36:59
Link: View Details
Information published.

CVE-2025-11230 Denial of service vulnerability in HAProxy mjson library
Published on: 2025-12-07 01:37:57
Link: View Details
Information published.

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published on: 2025-12-07 01:37:30
Link: View Details
Information published.

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published on: 2025-12-07 01:37:44
Link: View Details
Information published.

CVE-2025-13193 Libvirt: information disclosure via world-readable vm snapshots
Published on: 2025-12-07 01:38:09
Link: View Details
Information published.

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published on: 2025-12-07 01:38:31
Link: View Details
Information published.

CVE-2025-2486 UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu
Published on: 2025-12-07 01:39:29
Link: View Details
Information published.

CVE-2025-12969 CVE-2025-12969
Published on: 2025-12-07 01:39:03
Link: View Details
Information published.

CVE-2025-13836 Excessive read buffering DoS in http.client
Published on: 2025-12-07 01:40:46
Link: View Details
Information published.

CVE-2025-13837 Out-of-memory when loading Plist
Published on: 2025-12-07 01:41:04
Link: View Details
Information published.

CVE-2025-40215 xfrm: delete x->tunnel as we delete x
Published on: 2025-12-07 01:41:14
Link: View Details
Information published.

CVE-2025-40218 mm/damon/vaddr: do not repeat pte_offset_map_lock() until success
Published on: 2025-12-07 01:41:28
Link: View Details
Information published.

CVE-2025-40262 Input: imx_sc_key - fix memory corruption on unload
Published on: 2025-12-07 01:42:38
Link: View Details
Information published.

CVE-2025-40242 gfs2: Fix unlikely race in gdlm_put_lock
Published on: 2025-12-07 01:42:59
Link: View Details
Information published.

CVE-2025-40240 sctp: avoid NULL dereference when chunk data buffer is missing
Published on: 2025-12-07 01:43:22
Link: View Details
Information published.

CVE-2025-40245 nios2: ensure that memblock.current_limit is set when setting pfn limits
Published on: 2025-12-07 01:43:36
Link: View Details
Information published.

CVE-2025-40258 mptcp: fix race condition in mptcp_schedule_work()
Published on: 2025-12-07 01:43:46
Link: View Details
Information published.

CVE-2025-40254 net: openvswitch: remove never-working support for setting nsh fields
Published on: 2025-12-07 01:43:56
Link: View Details
Information published.

CVE-2025-40252 net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()
Published on: 2025-12-07 01:44:31
Link: View Details
Information published.

CVE-2025-40223 most: usb: Fix use-after-free in hdm_disconnect
Published on: 2025-12-07 01:44:55
Link: View Details
Information published.

CVE-2025-40264 be2net: pass wrb_params in case of OS2BMC
Published on: 2025-12-07 01:45:19
Link: View Details
Information published.

CVE-2025-40233 ocfs2: clear extent cache after moving/defragmenting extents
Published on: 2025-12-07 01:45:45
Link: View Details
Information published.

CVE-2025-40247 drm/msm: Fix pgtable prealloc error path
Published on: 2025-12-07 01:45:55
Link: View Details
Information published.

CVE-2025-40250 net/mlx5: Clean up only new IRQ glue on request_irq() failure
Published on: 2025-12-07 01:46:07
Link: View Details
Information published.

CVE-2025-40251 devlink: rate: Unset parent pointer in devl_rate_nodes_destroy
Published on: 2025-12-07 01:46:18
Link: View Details
Information published.

CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions < 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged.
Published on: 2025-12-07 01:03:21
Link: View Details
Information published.

CVE-2025-65082 Apache HTTP Server: CGI environment variable override
Published on: 2025-12-07 01:03:30
Link: View Details
Information published.

CVE-2025-59775 Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF
Published on: 2025-12-07 01:03:46
Link: View Details
Information published.

CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Published on: 2025-12-07 01:40:29
Link: View Details
Information published.

CVE-2025-66293 LIBPNG has an out-of-bounds read in png_image_read_composite
Published on: 2025-12-07 01:04:04
Link: View Details
Information published.

CVE-2025-40217 pidfs: validate extensible ioctls
Published on: 2025-12-07 01:41:41
Link: View Details
Information published.

CVE-2025-40220 fuse: fix livelock in synchronous file put from fuseblk workers
Published on: 2025-12-07 01:41:54
Link: View Details
Information published.

CVE-2025-40219 PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV
Published on: 2025-12-07 01:42:09
Link: View Details
Information published.

CVE-2025-12385 Improper validation of <img> tag size in Text component parser
Published on: 2025-12-07 01:04:13
Link: View Details
Information published.

CVE-2025-40261 nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl()
Published on: 2025-12-07 01:42:49
Link: View Details
Information published.

CVE-2025-40257 mptcp: fix a race in mptcp_pm_del_add_timer()
Published on: 2025-12-07 01:43:10
Link: View Details
Information published.

CVE-2025-40259 scsi: sg: Do not sleep in atomic context
Published on: 2025-12-07 01:44:07
Link: View Details
Information published.

CVE-2025-40244 hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent()
Published on: 2025-12-07 01:44:21
Link: View Details
Information published.

CVE-2025-40248 vsock: Ignore signal/timeout on connect() if already established
Published on: 2025-12-07 01:44:41
Link: View Details
Information published.

CVE-2025-40243 hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits()
Published on: 2025-12-07 01:45:09
Link: View Details
Information published.

CVE-2025-40253 s390/ctcm: Fix double-kfree
Published on: 2025-12-07 01:45:31
Link: View Details
Information published.

CVE-2025-40266 KVM: arm64: Check the untrusted offset in FF-A memory share
Published on: 2025-12-07 01:46:28
Link: View Details
Information published.

CVE-2025-40263 Input: cros_ec_keyb - fix an invalid memory access
Published on: 2025-12-07 01:46:39
Link: View Details
Information published.

CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Published on: 2025-12-07 01:01:45
Link: View Details
Information published.

CVE-2025-12084 Quadratic complexity in node ID cache clearing
Published on: 2025-12-07 01:01:53
Link: View Details
Information published.

CVE-2025-66200 Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo
Published on: 2025-12-07 01:03:38
Link: View Details
Information published.

CVE-2025-38022 RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem
Published on: 2025-12-07 01:41:11
Link: View Details
Information published.

CVE-2025-38041 clk: sunxi-ng: h616: Reparent GPU clock during frequency changes
Published on: 2025-12-07 01:41:32
Link: View Details
Information published.

CVE-2025-38011 drm/amdgpu: csa unmap use uninterruptible lock
Published on: 2025-12-07 01:41:52
Link: View Details
Information published.

CVE-2025-38029 kasan: avoid sleepable page allocation from atomic context
Published on: 2025-12-07 01:42:02
Link: View Details
Information published.

CVE-2025-38073 block: fix race between set_blocksize and read paths
Published on: 2025-12-07 01:41:22
Link: View Details
Information published.

CVE-2025-38064 virtio: break and reset virtio devices on device_shutdown()
Published on: 2025-12-07 01:41:42
Link: View Details
Information published.

CVE-2024-53201 drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe
Published on: 2025-12-07 01:35:43
Link: View Details
Information published.

CVE-2024-56647 net: Fix icmp host relookup triggering ip_rt_bug
Published on: 2025-12-07 01:51:09
Link: View Details
Information published.

CVE-2024-53114 x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client
Published on: 2025-12-07 01:50:32
Link: View Details
Information published.

CVE-2024-53219 virtiofs: use pages instead of pointer for kernel direct IO
Published on: 2025-12-07 01:47:58
Link: View Details
Information published.

CVE-2024-56712 udmabuf: fix memory leak on last export_udmabuf() error path
Published on: 2025-12-07 01:51:16
Link: View Details
Information published.

CVE-2024-56591 Bluetooth: hci_conn: Use disable_delayed_work_sync
Published on: 2025-12-07 01:50:30
Link: View Details
Information published.

CVE-2024-53133 drm/amd/display: Handle dml allocation failure to avoid crash
Published on: 2025-12-07 01:50:07
Link: View Details
Information published.

CVE-2023-26819 cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,9999999999999999999999999999999999999999999999912345678901234567]}.
Published on: 2025-12-07 01:44:25
Link: View Details
Information published.

CVE-2025-38660 [ceph] parse_longname(): strrchr() expects NUL-terminated string
Published on: 2025-12-07 01:48:19
Link: View Details
Information published.

CVE-2025-38627 f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic
Published on: 2025-12-07 01:48:38
Link: View Details
Information published.

CVE-2025-38636 rv: Use strings in da monitors tracepoints
Published on: 2025-12-07 01:49:07
Link: View Details
Information published.

CVE-2025-38643 wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()
Published on: 2025-12-07 01:49:15
Link: View Details
Information published.

CVE-2025-38531 iio: common: st_sensors: Fix use of uninitialized device structs
Published on: 2025-12-07 01:47:16
Link: View Details
Information published.

CVE-2025-8961 LibTIFF tiffcrop tiffcrop.c main memory corruption
Published on: 2025-12-07 01:47:27
Link: View Details
Information published.

CVE-2025-38591 bpf: Reject narrower access to pointer ctx fields
Published on: 2025-12-07 01:47:36
Link: View Details
Information published.

CVE-2025-38656 wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()
Published on: 2025-12-07 01:38:41
Link: View Details
Information published.

CVE-2025-38585 staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()
Published on: 2025-12-07 01:47:45
Link: View Details
Information published.

CVE-2025-38556 HID: core: Harden s32ton() against conversion to 0 bits
Published on: 2025-12-07 01:47:54
Link: View Details
Information published.

CVE-2025-38584 padata: Fix pd UAF once and for all
Published on: 2025-12-07 01:48:02
Link: View Details
Information published.

CVE-2023-52485 drm/amd/display: Wake DMCUB before sending a command
Published on: 2025-12-07 01:35:33
Link: View Details
Information published.

CVE-2024-25740 A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.
Published on: 2025-12-07 01:35:44
Link: View Details
Information published.

CVE-2024-1151 Kernel: stack overflow problem in open vswitch kernel module leading to dos
Published on: 2025-12-07 01:39:50
Link: View Details
Information published.

CVE-2024-47702 bpf: Fail verification for sign-extension of packet data/data_end/data_meta
Published on: 2025-12-07 01:43:29
Link: View Details
Information published.

CVE-2024-49888 bpf: Fix a sdiv overflow issue
Published on: 2025-12-07 01:47:17
Link: View Details
Information published.

CVE-2024-47662 drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection
Published on: 2025-12-07 01:42:36
Link: View Details
Information published.

CVE-2024-49940 l2tp: prevent possible tunnel refcount underflow
Published on: 2025-12-07 01:47:35
Link: View Details
Information published.

CVE-2024-49932 btrfs: don't readahead the relocation inode on RST
Published on: 2025-12-07 01:47:26
Link: View Details
Information published.

CVE-2024-49893 drm/amd/display: Check stream_status before it is used
Published on: 2025-12-07 01:44:42
Link: View Details
Information published.

CVE-2024-49885 mm, slub: avoid zeroing kmalloc redzone
Published on: 2025-12-07 01:47:43
Link: View Details
Information published.

CVE-2024-49972 drm/amd/display: Deallocate DML memory if allocation fails
Published on: 2025-12-07 01:46:00
Link: View Details
Information published.

CVE-2024-49945 net/ncsi: Disable the ncsi work before freeing the associated structure
Published on: 2025-12-07 01:46:11
Link: View Details
Information published.

CVE-2024-49920 drm/amd/display: Check null pointers before multiple uses
Published on: 2025-12-07 01:44:52
Link: View Details
Information published.

CVE-2024-47661 drm/amd/display: Avoid overflow from uint32_t to uint8_t
Published on: 2025-12-07 01:42:09
Link: View Details
Information published.

CVE-2024-49904 drm/amdgpu: add list empty check to avoid null pointer issue
Published on: 2025-12-07 01:43:49
Link: View Details
Information published.

CVE-2024-50028 thermal: core: Reference count the zone in thermal_zone_get_by_id()
Published on: 2025-12-07 01:44:00
Link: View Details
Information published.

CVE-2024-49968 ext4: filesystems without casefold feature cannot be mounted with siphash
Published on: 2025-12-07 01:46:42
Link: View Details
Information published.

CVE-2024-49922 drm/amd/display: Check null pointers before using them
Published on: 2025-12-07 01:44:21
Link: View Details
Information published.

CVE-2024-46870 drm/amd/display: Disable DMCUB timeout for DCN35
Published on: 2025-12-07 01:42:25
Link: View Details
Information published.

CVE-2024-49971 drm/amd/display: Increase array size of dummy_boolean
Published on: 2025-12-07 01:46:21
Link: View Details
Information published.

CVE-2024-49921 drm/amd/display: Check null pointers before used
Published on: 2025-12-07 01:44:11
Link: View Details
Information published.

CVE-2024-38608 net/mlx5e: Fix netif state handling
Published on: 2025-12-07 01:38:53
Link: View Details
Information published.

CVE-2024-38595 net/mlx5: Fix peer devlink set for SF representor devlink port
Published on: 2025-12-07 01:45:25
Link: View Details
Information published.

CVE-2022-4543 A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.
Published on: 2025-12-07 01:35:17
Link: View Details
Information published.

CVE-2024-46834 ethtool: fail closed if we can't get max channel used in indirection tables
Published on: 2025-12-07 01:41:48
Link: View Details
Information published.

CVE-2024-44951 serial: sc16is7xx: fix TX fifo corruption
Published on: 2025-12-07 01:41:58
Link: View Details
Information published.

CVE-2024-46730 drm/amd/display: Ensure array index tg_inst won't be -1
Published on: 2025-12-07 01:41:08
Link: View Details
Information published.

CVE-2024-46727 drm/amd/display: Add otg_master NULL check within resource_log_pipe_topology_update
Published on: 2025-12-07 01:41:18
Link: View Details
Information published.

CVE-2024-46754 bpf: Remove tst_run from lwt_seg6local_prog_ops.
Published on: 2025-12-07 01:49:45
Link: View Details
Information published.

CVE-2024-8354 Qemu-kvm: usb: assertion failure in usb_ep_get()
Published on: 2025-12-07 01:43:45
Link: View Details
Information published.

CVE-2024-8612 Qemu-kvm: information leak in virtio devices
Published on: 2025-12-07 01:44:04
Link: View Details
Information published.

CVE-2025-39932 smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work)
Published on: 2025-12-07 01:37:57
Link: View Details
Information published.

CVE-2025-39981 Bluetooth: MGMT: Fix possible UAFs
Published on: 2025-12-07 01:38:18
Link: View Details
Information published.

CVE-2025-11411 Possible domain hijacking via promiscuous records in the authority section
Published on: 2025-12-07 01:39:13
Link: View Details
Information published.

CVE-2025-40064 smc: Fix use-after-free in __pnet_find_base_ndev().
Published on: 2025-12-07 01:40:09
Link: View Details
Information published.

CVE-2025-40084 ksmbd: transport_ipc: validate payload size before reading handle
Published on: 2025-12-07 01:40:52
Link: View Details
Information published.

CVE-2025-40083 net/sched: sch_qfq: Fix null-deref in agg_dequeue
Published on: 2025-12-07 01:41:04
Link: View Details
Information published.

CVE-2025-58185 Parsing DER payload can cause memory exhaustion in encoding/asn1
Published on: 2025-12-07 01:43:08
Link: View Details
Information published.

CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509
Published on: 2025-12-07 01:42:25
Link: View Details
Information published.

CVE-2025-40104 ixgbevf: fix mailbox API compatibility by negotiating supported features
Published on: 2025-12-07 01:43:55
Link: View Details
Information published.

CVE-2025-6075 Quadratic complexity in os.path.expandvars() with user-controlled template
Published on: 2025-12-07 01:46:03
Link: View Details
Information published.

CVE-2025-12464 Qemu-kvm: stack buffer overflow in e1000 device via short frames in loopback mode
Published on: 2025-12-07 01:46:15
Link: View Details
Information published.

CVE-2025-39927 ceph: fix race condition validating r_parent before applying state
Published on: 2025-12-07 01:36:39
Link: View Details
Information published.

CVE-2025-39901 i40e: remove read access to debugfs files
Published on: 2025-12-07 01:36:49
Link: View Details
Information published.

CVE-2025-39905 net: phylink: add lock for serializing concurrent pl->phydev writes with resolver
Published on: 2025-12-07 01:36:59
Link: View Details
Information published.

CVE-2025-39940 dm-stripe: fix a possible integer overflow
Published on: 2025-12-07 01:38:08
Link: View Details
Information published.

CVE-2025-39990 bpf: Check the helper function is valid in get_helper_proto
Published on: 2025-12-07 01:38:28
Link: View Details
Information published.

CVE-2025-40003 net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work
Published on: 2025-12-07 01:38:38
Link: View Details
Information published.

CVE-2025-40001 scsi: mvsas: Fix use-after-free bugs in mvs_work_queue
Published on: 2025-12-07 01:38:50
Link: View Details
Information published.

CVE-2025-40005 spi: cadence-quadspi: Implement refcount to handle unbind during busy
Published on: 2025-12-07 01:39:00
Link: View Details
Information published.

CVE-2025-40019 crypto: essiv - Check ssize for decryption and in-place encryption
Published on: 2025-12-07 01:39:24
Link: View Details
Information published.

CVE-2025-40042 tracing: Fix race condition in kprobe initialization causing NULL pointer dereference
Published on: 2025-12-07 01:39:37
Link: View Details
Information published.

CVE-2025-40040 mm/ksm: fix flag-dropping behavior in ksm_madvise
Published on: 2025-12-07 01:39:48
Link: View Details
Information published.

CVE-2025-40074 ipv4: start using dst_dev_rcu()
Published on: 2025-12-07 01:39:59
Link: View Details
Information published.

CVE-2025-40065 RISC-V: KVM: Write hgatp register with valid mode bits
Published on: 2025-12-07 01:40:20
Link: View Details
Information published.

CVE-2025-40075 tcp_metrics: use dst_dev_net_rcu()
Published on: 2025-12-07 01:40:31
Link: View Details
Information published.

CVE-2025-40057 ptp: Add an upper bound on max_vclocks
Published on: 2025-12-07 01:40:40
Link: View Details
Information published.

CVE-2025-40085 ALSA: usb-audio: Fix NULL pointer dereference in try_to_register_card
Published on: 2025-12-07 01:41:15
Link: View Details
Information published.

CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar
Published on: 2025-12-07 01:41:55
Link: View Details
Information published.

CVE-2025-61725 Excessive CPU consumption in ParseAddress in net/mail
Published on: 2025-12-07 01:43:44
Link: View Details
Information published.

CVE-2025-47912 Insufficient validation of bracketed IPv6 hostnames in net/url
Published on: 2025-12-07 01:42:53
Link: View Details
Information published.

CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http
Published on: 2025-12-07 01:42:10
Link: View Details
Information published.

CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto
Published on: 2025-12-07 01:43:23
Link: View Details
Information published.

CVE-2025-61723 Quadratic complexity when parsing some invalid inputs in encoding/pem
Published on: 2025-12-07 01:42:39
Link: View Details
Information published.

CVE-2025-58187 Quadratic complexity when checking name constraints in crypto/x509
Published on: 2025-12-07 01:43:33
Link: View Details
Information published.

CVE-2025-40103 smb: client: Fix refcount leak for cifs_sb_tlink
Published on: 2025-12-07 01:44:07
Link: View Details
Information published.

CVE-2025-40087 NFSD: Define a proc_layoutcommit for the FlexFiles layout type
Published on: 2025-12-07 01:44:18
Link: View Details
Information published.

CVE-2025-40096 drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies
Published on: 2025-12-07 01:44:30
Link: View Details
Information published.

CVE-2025-40102 KVM: arm64: Prevent access to vCPU events before init
Published on: 2025-12-07 01:44:40
Link: View Details
Information published.

CVE-2025-40100 btrfs: do not assert we found block group item when creating free space tree
Published on: 2025-12-07 01:44:51
Link: View Details
Information published.

CVE-2025-40105 vfs: Don't leak disconnected dentries on umount
Published on: 2025-12-07 01:45:03
Link: View Details
Information published.

CVE-2025-40099 cifs: parse_dfs_referrals: prevent oob on malformed input
Published on: 2025-12-07 01:45:14
Link: View Details
Information published.

CVE-2025-11731 Libxslt: type confusion in exsltfuncresultcompfunction of libxslt
Published on: 2025-12-07 01:38:20
Link: View Details
Information published.

CVE-2018-7159 The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.
Published on: 2025-12-07 01:36:21
Link: View Details
Information published.

CVE-2025-22125 md/raid1,raid10: don't ignore IO flags
Published on: 2025-12-07 01:45:58
Link: View Details
Information published.

CVE-2025-21976 fbdev: hyperv_fb: Allow graceful removal of framebuffer
Published on: 2025-12-07 01:40:20
Link: View Details
Information published.

CVE-2025-22107 net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()
Published on: 2025-12-07 01:46:07
Link: View Details
Information published.

CVE-2025-22113 ext4: avoid journaling sb update on error if journal is destroying
Published on: 2025-12-07 01:46:57
Link: View Details
Information published.

CVE-2025-22108 bnxt_en: Mask the bd_cnt field in the TX BD properly
Published on: 2025-12-07 01:47:32
Link: View Details
Information published.

CVE-2025-22070 fs/9p: fix NULL pointer dereference on mkdir
Published on: 2025-12-07 01:45:17
Link: View Details
Information published.

CVE-2025-21961 eth: bnxt: fix truesize for mb-xdp-pass case
Published on: 2025-12-07 01:44:14
Link: View Details
Information published.

CVE-2025-29477 An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.
Published on: 2025-12-07 01:42:32
Link: View Details
Information published.

CVE-2025-22105 bonding: check xdp prog when set bond mode
Published on: 2025-12-07 01:50:47
Link: View Details
Information published.

CVE-2025-21985 drm/amd/display: Fix out-of-bound accesses
Published on: 2025-12-07 01:36:01
Link: View Details
Information published.

CVE-2025-22115 btrfs: fix block group refcount race in btrfs_create_pending_block_groups()
Published on: 2025-12-07 01:37:02
Link: View Details
Information published.

CVE-2025-22111 net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.
Published on: 2025-12-07 01:37:24
Link: View Details
Information published.

CVE-2025-21927 nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
Published on: 2025-12-07 01:43:11
Link: View Details
Information published.

CVE-2025-21949 LoongArch: Set hugetlb mmap base address aligned with pmd size
Published on: 2025-12-07 01:43:21
Link: View Details
Information published.

CVE-2025-22022 usb: xhci: Apply the link chain quirk on NEC isoc endpoints
Published on: 2025-12-07 01:39:08
Link: View Details
Information published.

CVE-2025-23131 dlm: prevent NPD when writing a positive value to event_done
Published on: 2025-12-07 01:39:39
Link: View Details
Information published.

CVE-2025-21907 mm: memory-failure: update ttu flag inside unmap_poisoned_folio
Published on: 2025-12-07 01:45:35
Link: View Details
Information published.

CVE-2025-22124 md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb
Published on: 2025-12-07 01:45:45
Link: View Details
Information published.

CVE-2025-23135 RISC-V: KVM: Teardown riscv specific bits after kvm_exit
Published on: 2025-12-07 01:46:25
Link: View Details
Information published.

CVE-2025-46327 Go Snowflake Driver has race condition when checking access to Easy Logging configuration file
Published on: 2025-12-07 01:45:07
Link: View Details
Information published.

CVE-2025-22109 ax25: Remove broken autobind
Published on: 2025-12-07 01:46:38
Link: View Details
Information published.

CVE-2025-29478 An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165.
Published on: 2025-12-07 01:42:56
Link: View Details
Information published.

CVE-2025-22121 ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()
Published on: 2025-12-07 01:35:40
Link: View Details
Information published.

CVE-2025-22026 nfsd: don't ignore the return code of svc_proc_register()
Published on: 2025-12-07 01:38:27
Link: View Details
Information published.

CVE-2025-40325 md/raid10: wait barrier before returning discard request with REQ_NOWAIT
Published on: 2025-12-07 01:39:29
Link: View Details
Information published.

CVE-2024-58251 In netstat in BusyBox through 1.37.0, local users can launch a network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim.
Published on: 2025-12-07 01:44:36
Link: View Details
Information published.

CVE-2025-46394 In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.
Published on: 2025-12-07 01:44:46
Link: View Details
Information published.

CVE-2025-37860 sfc: fix NULL dereferences in ef100_process_design_param()
Published on: 2025-12-07 01:44:56
Link: View Details
Information published.

CVE-2025-38104 drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV
Published on: 2025-12-07 01:46:35
Link: View Details
Information published.

CVE-2024-43901 drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401
Published on: 2025-12-07 01:38:32
Link: View Details
Information published.

CVE-2024-43899 drm/amd/display: Fix null pointer deref in dcn20_resource.c
Published on: 2025-12-07 01:38:43
Link: View Details
Information published.

CVE-2024-43826 nfs: pass explicit offset/count to trace events
Published on: 2025-12-07 01:47:05
Link: View Details
Information published.

CVE-2024-43872 RDMA/hns: Fix soft lockup under heavy CEQE load
Published on: 2025-12-07 01:39:14
Link: View Details
Information published.

CVE-2024-43819 kvm: s390: Reject memory region operations for ucontrol VMs
Published on: 2025-12-07 01:39:34
Link: View Details
Information published.

CVE-2024-42317 mm/huge_memory: avoid PMD-size page cache if needed
Published on: 2025-12-07 01:38:06
Link: View Details
Information published.

CVE-2025-38333 f2fs: fix to bail out in get_new_segment()
Published on: 2025-12-07 01:44:24
Link: View Details
Information published.

CVE-2025-38201 netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX
Published on: 2025-12-07 01:43:28
Link: View Details
Information published.

CVE-2025-38234 sched/rt: Fix race in push_rt_task
Published on: 2025-12-07 01:43:38
Link: View Details
Information published.

CVE-2025-38426 drm/amdgpu: Add basic validation for RAS header
Published on: 2025-12-07 01:46:25
Link: View Details
Information published.

CVE-2025-38232 NFSD: fix race between nfsd registration and exports_proc
Published on: 2025-12-07 01:43:48
Link: View Details
Information published.

CVE-2025-38359 s390/mm: Fix in_atomic() handling in do_secure_storage_access()
Published on: 2025-12-07 01:46:35
Link: View Details
Information published.

CVE-2025-38361 drm/amd/display: Check dce_hwseq before dereferencing it
Published on: 2025-12-07 01:46:46
Link: View Details
Information published.

CVE-2025-8114 null pointer dereference in libssh kex session id calculation
Published on: 2025-12-07 01:47:07
Link: View Details
Information published.

CVE-2025-38264 nvme-tcp: sanitize request list handling
Published on: 2025-12-07 01:44:02
Link: View Details
Information published.

CVE-2025-38248 bridge: mcast: Fix use-after-free during router port configuration
Published on: 2025-12-07 01:44:13
Link: View Details
Information published.

CVE-2025-38125 net: stmmac: make sure that ptp_rate is not 0 before configuring EST
Published on: 2025-12-07 01:42:46
Link: View Details
Information published.

CVE-2025-38162 netfilter: nft_set_pipapo: prevent overflow in lookup table allocation
Published on: 2025-12-07 01:42:57
Link: View Details
Information published.

CVE-2025-38303 Bluetooth: eir: Fix possible crashes on eir_create_adv_data
Published on: 2025-12-07 01:44:41
Link: View Details
Information published.

CVE-2025-38279 bpf: Do not include stack ptr register in precision backtracking bookkeeping
Published on: 2025-12-07 01:44:51
Link: View Details
Information published.

CVE-2025-7425 Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr
Published on: 2025-12-07 01:45:45
Link: View Details
Information published.

CVE-2025-7424 Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes
Published on: 2025-12-07 01:46:00
Link: View Details
Information published.

CVE-2025-38269 btrfs: exit after state insertion failure at btrfs_convert_extent_bit()
Published on: 2025-12-07 01:45:06
Link: View Details
Information published.

CVE-2025-38096 wifi: iwlwifi: don't warn when if there is a FW error
Published on: 2025-12-07 01:43:18
Link: View Details
Information published.

CVE-2025-38272 net: dsa: b53: do not enable EEE on bcm63xx
Published on: 2025-12-07 01:45:20
Link: View Details
Information published.

CVE-2024-58266 The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection.
Published on: 2025-12-07 01:46:56
Link: View Details
Information published.

CVE-2025-51480 Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.
Published on: 2025-12-07 01:46:15
Link: View Details
Information published.

CVE-2025-38311 iavf: get rid of the crit lock
Published on: 2025-12-07 01:45:31
Link: View Details
Information published.

CVE-2025-38140 dm: limit swapping tables for devices with zone write plugs
Published on: 2025-12-07 01:43:07
Link: View Details
Information published.

CVE-2024-42107 ice: Don't process extts if PTP is disabled
Published on: 2025-12-07 01:35:22
Link: View Details
Information published.

CVE-2024-42064 drm/amd/display: Skip pipe if the pipe idx not set properly
Published on: 2025-12-07 01:36:57
Link: View Details
Information published.

CVE-2024-42065 drm/xe: Add a NULL check in xe_ttm_stolen_mgr_init
Published on: 2025-12-07 01:37:40
Link: View Details
Information published.

CVE-2024-42066 drm/xe: Fix potential integer overflow in page size calculation
Published on: 2025-12-07 01:37:20
Link: View Details
Information published.

CVE-2024-41045 bpf: Defer work in bpf_timer_cancel_and_free
Published on: 2025-12-07 01:46:18
Link: View Details
Information published.

CVE-2024-42151 bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable
Published on: 2025-12-07 01:49:56
Link: View Details
Information published.

CVE-2024-41008 drm/amdgpu: change vm->task_info handling
Published on: 2025-12-07 01:41:01
Link: View Details
Information published.

CVE-2024-41082 nvme-fabrics: use reserved tag for reg read/write command
Published on: 2025-12-07 01:47:24
Link: View Details
Information published.

CVE-2024-42134 virtio-pci: Check if is_avq is NULL
Published on: 2025-12-07 01:50:15
Link: View Details
Information published.

CVE-2024-40999 net: ena: Add validation for completion descriptors consistency
Published on: 2025-12-07 01:49:02
Link: View Details
Information published.

CVE-2024-42118 drm/amd/display: Do not return negative stream id for array
Published on: 2025-12-07 01:49:19
Link: View Details
Information published.

CVE-2024-39478 crypto: starfive - Do not free stack buffer
Published on: 2025-12-07 01:49:52
Link: View Details
Information published.

CVE-2024-41067 btrfs: scrub: handle RST lookup error correctly
Published on: 2025-12-07 01:37:14
Link: View Details
Information published.

CVE-2024-42081 drm/xe/xe_devcoredump: Check NULL before assignments
Published on: 2025-12-07 01:37:30
Link: View Details
Information published.

CVE-2023-27043 The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.
Published on: 2025-12-07 01:35:56
Link: View Details
Information published.

CVE-2024-23848 In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.
Published on: 2025-12-07 01:35:23
Link: View Details
Information published.

CVE-2025-21696 mm: clear uffd-wp PTE/PMD state on mremap()
Published on: 2025-12-07 01:38:06
Link: View Details
Information published.

CVE-2025-21768 net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels
Published on: 2025-12-07 01:47:16
Link: View Details
Information published.

CVE-2024-57974 udp: Deal with race between UDP socket address change and rehash
Published on: 2025-12-07 01:47:49
Link: View Details
Information published.

CVE-2024-57994 ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple()
Published on: 2025-12-07 01:48:07
Link: View Details
Information published.

CVE-2025-21801 net: ravb: Fix missing rtnl lock in suspend/resume path
Published on: 2025-12-07 01:49:36
Link: View Details
Information published.

CVE-2024-57976 btrfs: do proper folio cleanup when cow_file_range() failed
Published on: 2025-12-07 01:50:20
Link: View Details
Information published.

CVE-2025-21732 RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error
Published on: 2025-12-07 01:35:51
Link: View Details
Information published.

CVE-2025-21786 workqueue: Put the pwq after detaching the rescuer from the pool
Published on: 2025-12-07 01:40:16
Link: View Details
Information published.

CVE-2025-21693 mm: zswap: properly synchronize freeing resources during CPU hotunplug
Published on: 2025-12-07 01:41:09
Link: View Details
Information published.

CVE-2024-58006 PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()
Published on: 2025-12-07 01:39:18
Link: View Details
Information published.

CVE-2024-57872 scsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove()
Published on: 2025-12-07 01:36:36
Link: View Details
Information published.

CVE-2024-56775 drm/amd/display: Fix handling of plane refcount
Published on: 2025-12-07 01:35:54
Link: View Details
Information published.

CVE-2024-57875 block: RCU protect disk->conv_zones_bitmap
Published on: 2025-12-07 01:50:38
Link: View Details
Information published.

CVE-2024-41932 sched: fix warning in sched_setaffinity
Published on: 2025-12-07 01:35:30
Link: View Details
Information published.

CVE-2024-57804 scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs
Published on: 2025-12-07 01:36:31
Link: View Details
Information published.

CVE-2024-57898 wifi: cfg80211: clear link ID from bitmap during link delete after clean up
Published on: 2025-12-07 01:37:34
Link: View Details
Information published.

CVE-2025-21635 rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy
Published on: 2025-12-07 01:38:29
Link: View Details
Information published.

CVE-2025-21682 eth: bnxt: always recalculate features after XDP clearing, fix null-deref
Published on: 2025-12-07 01:37:55
Link: View Details
Information published.

CVE-2024-57809 PCI: imx6: Fix suspend/resume support on i.MX6QDL
Published on: 2025-12-07 01:47:41
Link: View Details
Information published.

CVE-2024-56782 ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration()
Published on: 2025-12-07 01:36:04
Link: View Details
Information published.

CVE-2024-47794 bpf: Prevent tailcall infinite loop caused by freplace
Published on: 2025-12-07 01:37:55
Link: View Details
Information published.

CVE-2024-57857 RDMA/siw: Remove direct link to net_device
Published on: 2025-12-07 01:40:47
Link: View Details
Information published.

CVE-2024-53050 drm/i915/hdcp: Add encoder check in hdcp2_get_capability
Published on: 2025-12-07 01:49:35
Link: View Details
Information published.

CVE-2024-53090 afs: Fix lock recursion
Published on: 2025-12-07 01:50:55
Link: View Details
Information published.

CVE-2024-53089 LoongArch: KVM: Mark hrtimer to expire in hard interrupt context
Published on: 2025-12-07 01:51:02
Link: View Details
Information published.

CVE-2024-50177 drm/amd/display: fix a UBSAN warning in DML2.1
Published on: 2025-12-07 01:49:48
Link: View Details
Information published.

CVE-2024-50277 dm: fix a crash if blk_alloc_disk fails
Published on: 2025-12-07 01:49:02
Link: View Details
Information published.

CVE-2024-50217 btrfs: fix use-after-free of block device file in __btrfs_free_extra_devids()
Published on: 2025-12-07 01:47:52
Link: View Details
Information published.

CVE-2024-35808 md/dm-raid: don't call md_reap_sync_thread() directly
Published on: 2025-12-07 01:40:30
Link: View Details
Information published.

CVE-2024-35931 drm/amdgpu: Skip do PCI error slot reset during RAS recovery
Published on: 2025-12-07 01:49:28
Link: View Details
Information published.

CVE-2024-36024 drm/amd/display: Disable idle reallow as part of command/gpint execution
Published on: 2025-12-07 01:39:59
Link: View Details
Information published.

CVE-2024-35794 dm-raid: really frozen sync_thread during suspend
Published on: 2025-12-07 01:36:12
Link: View Details
Information published.

CVE-2025-37907 accel/ivpu: Fix locking order in ivpu_job_submit
Published on: 2025-12-07 01:40:09
Link: View Details
Information published.

CVE-2025-37942 HID: pidff: Make sure to fetch pool before checking SIMULTANEOUS_MAX
Published on: 2025-12-07 01:46:28
Link: View Details
Information published.

CVE-2025-37834 mm/vmscan: don't try to reclaim hwpoison folio
Published on: 2025-12-07 01:48:15
Link: View Details
Information published.

CVE-2025-37870 drm/amd/display: prevent hang on link training fail
Published on: 2025-12-07 01:48:23
Link: View Details
Information published.

CVE-2025-37920 xsk: Fix race condition in AF_XDP generic RX path
Published on: 2025-12-07 01:49:11
Link: View Details
Information published.

CVE-2025-37877 iommu: Clear iommu-dma ops on cleanup
Published on: 2025-12-07 01:50:02
Link: View Details
Information published.

CVE-2025-37826 scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer()
Published on: 2025-12-07 01:50:12
Link: View Details
Information published.

CVE-2025-37745 PM: hibernate: Avoid deadlock in hibernate_compressor_param_set()
Published on: 2025-12-07 01:36:52
Link: View Details
Information published.

CVE-2025-37856 btrfs: harden block_group::bg_list against list_del() races
Published on: 2025-12-07 01:38:37
Link: View Details
Information published.

CVE-2025-37882 usb: xhci: Fix isochronous Ring Underrun/Overrun event handling
Published on: 2025-12-07 01:38:47
Link: View Details
Information published.

CVE-2025-37822 riscv: uprobes: Add missing fence.i after building the XOL buffer
Published on: 2025-12-07 01:38:57
Link: View Details
Information published.

CVE-2025-37945 net: phy: allow MDIO bus PM ops to start/stop state machine for phylink-controlled PHY
Published on: 2025-12-07 01:36:32
Link: View Details
Information published.

CVE-2025-37861 scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue
Published on: 2025-12-07 01:45:47
Link: View Details
Information published.

CVE-2025-37807 bpf: Fix kmemleak warning for percpu hashmap
Published on: 2025-12-07 01:38:16
Link: View Details
Information published.

CVE-2025-37747 perf: Fix hang while freeing sigtrap event
Published on: 2025-12-07 01:46:46
Link: View Details
Information published.

CVE-2025-37750 smb: client: fix UAF in decryption with multichannel
Published on: 2025-12-07 01:46:55
Link: View Details
Information published.

CVE-2023-52586 drm/msm/dpu: Add mutex lock in control vblank irq
Published on: 2025-12-07 01:38:16
Link: View Details
Information published.

CVE-2023-52624 drm/amd/display: Wake DMCUB before executing GPINT commands
Published on: 2025-12-07 01:39:54
Link: View Details
Information published.

CVE-2024-26672 drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()'
Published on: 2025-12-07 01:42:42
Link: View Details
Information published.

CVE-2024-26757 md: Don't ignore read-only array in md_check_recovery()
Published on: 2025-12-07 01:42:17
Link: View Details
Information published.

CVE-2024-26758 md: Don't ignore suspended array in md_check_recovery()
Published on: 2025-12-07 01:42:06
Link: View Details
Information published.

CVE-2024-26756 md: Don't register sync_thread for reshape directly
Published on: 2025-12-07 01:40:05
Link: View Details
Information published.

CVE-2024-26914 drm/amd/display: fix incorrect mpc_combine array size
Published on: 2025-12-07 01:39:49
Link: View Details
Information published.

CVE-2024-24856 NULL pointer dereference in acpi_db_convert_to_package of Linux acpi module
Published on: 2025-12-07 01:37:44
Link: View Details
Information published.

CVE-2025-39764 netfilter: ctnetlink: remove refcounting in expectation dumpers
Published on: 2025-12-07 01:50:25
Link: View Details
Information published.

CVE-2025-39779 btrfs: subpage: keep TOWRITE tag until folio is cleaned
Published on: 2025-12-07 01:50:33
Link: View Details
Information published.

CVE-2025-39754 mm/smaps: fix race between smaps_hugetlb_range and migration
Published on: 2025-12-07 01:50:42
Link: View Details
Information published.

CVE-2025-39762 drm/amd/display: add null check
Published on: 2025-12-07 01:50:49
Link: View Details
Information published.

CVE-2025-39746 wifi: ath10k: shutdown driver when hardware is unreliable
Published on: 2025-12-07 01:50:56
Link: View Details
Information published.

CVE-2025-39747 drm/msm: Add error handling for krealloc in metadata setup
Published on: 2025-12-07 01:51:03
Link: View Details
Information published.

CVE-2025-39789 crypto: x86/aegis - Add missing error checks
Published on: 2025-12-07 01:51:10
Link: View Details
Information published.

CVE-2025-39748 bpf: Forget ranges when refining tnum after JSET
Published on: 2025-12-07 01:51:17
Link: View Details
Information published.

CVE-2025-39805 net: macb: fix unregister_netdev call order in macb_remove()
Published on: 2025-12-07 01:51:25
Link: View Details
Information published.

CVE-2025-39833 mISDN: hfcpci: Fix warning when deleting uninitialized timer
Published on: 2025-12-07 01:51:31
Link: View Details
Information published.

CVE-2025-39850 vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects
Published on: 2025-12-07 01:35:29
Link: View Details
Information published.

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog
Published on: 2025-12-07 01:35:40
Link: View Details
Information published.

CVE-2025-58354 Kata Containers coco-tdx malicious host can circumvent initdata verification
Published on: 2025-12-07 01:35:50
Link: View Details
Information published.

CVE-2025-55551 An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation.
Published on: 2025-12-07 01:37:15
Link: View Details
Information published.

CVE-2025-55552 pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together.
Published on: 2025-12-07 01:37:33
Link: View Details
Information published.

CVE-2025-38705 drm/amd/pm: fix null pointer access
Published on: 2025-12-07 01:49:24
Link: View Details
Information published.

CVE-2025-38722 habanalabs: fix UAF in export_dmabuf()
Published on: 2025-12-07 01:49:31
Link: View Details
Information published.

CVE-2025-38717 net: kcm: Fix race condition in kcm_unattach()
Published on: 2025-12-07 01:49:40
Link: View Details
Information published.

CVE-2025-38704 rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer access
Published on: 2025-12-07 01:49:49
Link: View Details
Information published.

CVE-2025-39705 drm/amd/display: fix a Null pointer dereference vulnerability
Published on: 2025-12-07 01:49:57
Link: View Details
Information published.

CVE-2025-39677 net/sched: Fix backlog accounting in qdisc_dequeue_internal
Published on: 2025-12-07 01:50:08
Link: View Details
Information published.

CVE-2025-39707 drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities
Published on: 2025-12-07 01:50:17
Link: View Details
Information published.

CVE-2025-39810 bnxt_en: Fix memory corruption when FW resources change during ifdown
Published on: 2025-12-07 01:51:36
Link: View Details
Information published.

CVE-2025-39851 vxlan: Fix NPD when refreshing an FDB entry with a nexthop object
Published on: 2025-12-07 01:51:42
Link: View Details
Information published.

CVE-2025-39862 wifi: mt76: mt7915: fix list corruption after hardware restart
Published on: 2025-12-07 01:51:48
Link: View Details
Information published.

CVE-2025-10911 Libxslt: use-after-free with key data stored cross-rvt
Published on: 2025-12-07 01:36:04
Link: View Details
Information published.

CVE-2025-46152 In PyTorch before 2.7.0, bitwise_right_shift produces incorrect output for certain out-of-bounds values of the "other" argument.
Published on: 2025-12-07 01:36:18
Link: View Details
Information published.

CVE-2025-55560 An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.
Published on: 2025-12-07 01:36:29
Link: View Details
Information published.

CVE-2025-55554 pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long().
Published on: 2025-12-07 01:37:47
Link: View Details
Information published.

CVE-2025-10966 missing SFTP host verification with wolfSSH
Published on: 2025-12-06 14:39:15
Link: View Details
Information published.

CVE-2025-64436 KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes
Published on: 2025-12-06 14:39:42
Link: View Details
Information published.

CVE-2025-64434 KubeVirt Improper TLS Certificate Management Handling Allows API Identity Spoofing
Published on: 2025-12-06 14:39:32
Link: View Details
Information published.

CVE-2025-64433 KubeVirt Arbitrary Container File Read
Published on: 2025-12-06 14:39:27
Link: View Details
Information published.

CVE-2025-64435 KubeVirt VMI Denial-of-Service (DoS) Using Pod Impersonation
Published on: 2025-12-06 14:39:37
Link: View Details
Information published.

CVE-2025-64437 KubeVirt Isolation Detection Flaw Allows Arbitrary File Permission Changes
Published on: 2025-12-06 14:39:47
Link: View Details
Information published.

CVE-2025-10158 Rsync: Out of bounds array access via negative index
Published on: 2025-12-06 14:40:37
Link: View Details
Information published.

CVE-2025-64432 KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer
Published on: 2025-12-06 14:39:21
Link: View Details
Information published.

CVE-2024-47866 RGW DoS attack with empty HTTP header in S3 object copy
Published on: 2025-12-06 14:39:56
Link: View Details
Information published.

CVE-2025-12817 PostgreSQL CREATE STATISTICS does not check for schema CREATE privilege
Published on: 2025-12-06 14:40:04
Link: View Details
Information published.

CVE-2025-11230 Denial of service vulnerability in HAProxy mjson library
Published on: 2025-12-06 14:40:11
Link: View Details
Information published.

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published on: 2025-12-06 14:40:25
Link: View Details
Information published.

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published on: 2025-12-06 14:40:30
Link: View Details
Information published.

CVE-2025-2486 UEFI Shell accessible in AAVMF with Secure Boot enabled on Ubuntu
Published on: 2025-12-06 14:40:42
Link: View Details
Information published.

CVE-2021-23445 Cross-site Scripting (XSS)
Published on: 2025-12-06 14:37:24
Link: View Details
Information published.

CVE-2025-12819 Untrusted search path in auth_query connection in PgBouncer
Published on: 2025-12-06 01:04:01
Link: View Details
Information published.

CVE-2025-13836 Excessive read buffering DoS in http.client
Published on: 2025-12-06 14:40:57
Link: View Details
Information published.

CVE-2025-13837 Out-of-memory when loading Plist
Published on: 2025-12-06 14:41:02
Link: View Details
Information published.

CVE-2025-40262 Input: imx_sc_key - fix memory corruption on unload
Published on: 2025-12-06 01:01:49
Link: View Details
Information published.

CVE-2025-40242 gfs2: Fix unlikely race in gdlm_put_lock
Published on: 2025-12-06 01:02:00
Link: View Details
Information published.

CVE-2025-40240 sctp: avoid NULL dereference when chunk data buffer is missing
Published on: 2025-12-06 01:02:10
Link: View Details
Information published.

CVE-2025-40245 nios2: ensure that memblock.current_limit is set when setting pfn limits
Published on: 2025-12-06 01:02:16
Link: View Details
Information published.

CVE-2025-40258 mptcp: fix race condition in mptcp_schedule_work()
Published on: 2025-12-06 01:02:21
Link: View Details
Information published.

CVE-2025-40254 net: openvswitch: remove never-working support for setting nsh fields
Published on: 2025-12-06 01:02:27
Link: View Details
Information published.

CVE-2025-40252 net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()
Published on: 2025-12-06 01:02:43
Link: View Details
Information published.

CVE-2025-40223 most: usb: Fix use-after-free in hdm_disconnect
Published on: 2025-12-06 01:02:54
Link: View Details
Information published.

CVE-2025-40264 be2net: pass wrb_params in case of OS2BMC
Published on: 2025-12-06 01:03:05
Link: View Details
Information published.

CVE-2025-40233 ocfs2: clear extent cache after moving/defragmenting extents
Published on: 2025-12-06 01:03:16
Link: View Details
Information published.

CVE-2025-40247 drm/msm: Fix pgtable prealloc error path
Published on: 2025-12-06 01:03:21
Link: View Details
Information published.

CVE-2025-40250 net/mlx5: Clean up only new IRQ glue on request_irq() failure
Published on: 2025-12-06 01:03:26
Link: View Details
Information published.

CVE-2025-40251 devlink: rate: Unset parent pointer in devl_rate_nodes_destroy
Published on: 2025-12-06 01:03:32
Link: View Details
Information published.

CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Published on: 2025-12-06 14:41:10
Link: View Details
Information published.

CVE-2025-66293 LIBPNG has an out-of-bounds read in png_image_read_composite
Published on: 2025-12-06 14:41:26
Link: View Details
Information published.

CVE-2025-40217 pidfs: validate extensible ioctls
Published on: 2025-12-06 01:38:05
Link: View Details
Information published.

CVE-2025-12385 Improper validation of <img> tag size in Text component parser
Published on: 2025-12-06 01:01:43
Link: View Details
Information published.

CVE-2025-40261 nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl()
Published on: 2025-12-06 01:01:54
Link: View Details
Information published.

CVE-2025-40257 mptcp: fix a race in mptcp_pm_del_add_timer()
Published on: 2025-12-06 01:02:05
Link: View Details
Information published.

CVE-2025-40259 scsi: sg: Do not sleep in atomic context
Published on: 2025-12-06 01:02:32
Link: View Details
Information published.

CVE-2025-40244 hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent()
Published on: 2025-12-06 01:02:37
Link: View Details
Information published.

CVE-2025-40248 vsock: Ignore signal/timeout on connect() if already established
Published on: 2025-12-06 01:02:48
Link: View Details
Information published.

CVE-2025-40243 hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits()
Published on: 2025-12-06 01:02:59
Link: View Details
Information published.

CVE-2025-40253 s390/ctcm: Fix double-kfree
Published on: 2025-12-06 01:03:10
Link: View Details
Information published.

CVE-2025-40266 KVM: arm64: Check the untrusted offset in FF-A memory share
Published on: 2025-12-06 01:03:37
Link: View Details
Information published.

CVE-2025-40263 Input: cros_ec_keyb - fix an invalid memory access
Published on: 2025-12-06 01:03:43
Link: View Details
Information published.

CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Published on: 2025-12-06 01:03:51
Link: View Details
Information published.

CVE-2025-12084 Quadratic complexity in node ID cache clearing
Published on: 2025-12-06 01:04:08
Link: View Details
Information published.

CVE-2025-5918 Libarchive: reading past eof may be triggered for piped file streams
Published on: 2025-12-06 14:36:36
Link: View Details
Information published.

CVE-2025-5917 Libarchive: off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c
Published on: 2025-12-06 14:36:30
Link: View Details
Information published.

CVE-2025-5916 Libarchive: integer overflow while reading warc files at archive_read_support_format_warc.c
Published on: 2025-12-06 14:36:42
Link: View Details
Information published.

CVE-2025-4435 Tarfile extracts filtered members when errorlevel=0
Published on: 2025-12-06 14:36:23
Link: View Details
Information published.

CVE-2022-4304 Timing Oracle in RSA Decryption
Published on: 2025-12-06 14:35:53
Link: View Details
Information published.

CVE-2025-9288 Missing type checks leading to hash rewind and passing on crafted data
Published on: 2025-12-06 14:37:29
Link: View Details
Information published.

CVE-2025-8961 LibTIFF tiffcrop tiffcrop.c main memory corruption
Published on: 2025-12-06 14:37:18
Link: View Details
Information published.

CVE-2024-38796 Integer overflow in PeCoffLoaderRelocateImage
Published on: 2025-12-06 14:36:03
Link: View Details
Information published.

CVE-2024-8354 Qemu-kvm: usb: assertion failure in usb_ep_get()
Published on: 2025-12-06 14:36:08
Link: View Details
Information published.

CVE-2024-8612 Qemu-kvm: information leak in virtio devices
Published on: 2025-12-06 14:36:18
Link: View Details
Information published.

CVE-2025-11411 Possible domain hijacking via promiscuous records in the authority section
Published on: 2025-12-06 14:38:14
Link: View Details
Information published.

CVE-2025-58185 Parsing DER payload can cause memory exhaustion in encoding/asn1
Published on: 2025-12-06 14:38:59
Link: View Details
Information published.

CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509
Published on: 2025-12-06 14:38:43
Link: View Details
Information published.

CVE-2025-6075 Quadratic complexity in os.path.expandvars() with user-controlled template
Published on: 2025-12-06 14:39:10
Link: View Details
Information published.

CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar
Published on: 2025-12-06 14:38:33
Link: View Details
Information published.

CVE-2025-47912 Insufficient validation of bracketed IPv6 hostnames in net/url
Published on: 2025-12-06 14:38:54
Link: View Details
Information published.

CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http
Published on: 2025-12-06 14:38:38
Link: View Details
Information published.

CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto
Published on: 2025-12-06 14:39:04
Link: View Details
Information published.

CVE-2025-61723 Quadratic complexity when parsing some invalid inputs in encoding/pem
Published on: 2025-12-06 14:38:49
Link: View Details
Information published.

CVE-2025-11731 Libxslt: type confusion in exsltfuncresultcompfunction of libxslt
Published on: 2025-12-06 14:40:19
Link: View Details
Information published.

CVE-2025-29477 An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.
Published on: 2025-12-06 14:35:42
Link: View Details
Information published.

CVE-2025-29478 An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165.
Published on: 2025-12-06 14:35:47
Link: View Details
Information published.

CVE-2022-24736 A Malformed Lua script can crash Redis
Published on: 2025-12-06 14:40:52
Link: View Details
Information published.

CVE-2022-24735 Lua scripts can be manipulated to overcome ACL rules in Redis
Published on: 2025-12-06 14:40:47
Link: View Details
Information published.

CVE-2025-8114 null pointer dereference in libssh kex session id calculation
Published on: 2025-12-06 14:37:11
Link: View Details
Information published.

CVE-2025-7425 Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr
Published on: 2025-12-06 14:36:53
Link: View Details
Information published.

CVE-2025-7424 Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes
Published on: 2025-12-06 14:36:58
Link: View Details
Information published.

CVE-2025-51480 Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.
Published on: 2025-12-06 14:37:04
Link: View Details
Information published.

CVE-2024-6485 XSS in Bootstrap button component
Published on: 2025-12-06 14:41:16
Link: View Details
Information published.

CVE-2023-45229 Out-of-Bounds Read in EDK II Network Package
Published on: 2025-12-06 14:36:13
Link: View Details
Information published.

CVE-2023-45231 Out-of-Bounds Read in EDK II Network Package
Published on: 2025-12-06 14:35:58
Link: View Details
Information published.

CVE-2024-45336 Sensitive headers incorrectly sent after cross-domain redirect in net/http
Published on: 2025-12-06 14:35:10
Link: View Details
Information published.

CVE-2024-45341 Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509
Published on: 2025-12-06 14:35:04
Link: View Details
Information published.

CVE-2025-1151 GNU Binutils ld xmemdup.c xmemdup memory leak
Published on: 2025-12-06 14:35:22
Link: View Details
Information published.

CVE-2025-1149 GNU Binutils ld xmalloc.c xstrdup memory leak
Published on: 2025-12-06 14:35:27
Link: View Details
Information published.

CVE-2025-1152 GNU Binutils ld xstrdup.c xstrdup memory leak
Published on: 2025-12-06 14:35:16
Link: View Details
Information published.

CVE-2025-9086 Out of bounds read for cookie path
Published on: 2025-12-06 14:37:40
Link: View Details
Information published.

CVE-2025-55551 An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation.
Published on: 2025-12-06 14:37:56
Link: View Details
Information published.

CVE-2025-55552 pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together.
Published on: 2025-12-06 14:38:02
Link: View Details
Information published.

CVE-2022-50303 drm/amdkfd: Fix double release compute pasid
Published on: 2025-12-06 01:01:22
Link: View Details
Information published.

CVE-2023-53231 erofs: Fix detection of atomic context
Published on: 2025-12-06 01:01:38
Link: View Details
Information published.

CVE-2025-8277 Libssh: memory exhaustion via repeated key exchange in libssh
Published on: 2025-12-06 14:37:35
Link: View Details
Information published.

CVE-2025-10911 Libxslt: use-after-free with key data stored cross-rvt
Published on: 2025-12-06 14:37:45
Link: View Details
Information published.

CVE-2025-55560 An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor.
Published on: 2025-12-06 14:37:51
Link: View Details
Information published.

CVE-2025-55554 pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long().
Published on: 2025-12-06 14:38:07
Link: View Details
Information published.

CVE-2022-50304 mtd: core: fix possible resource leak in init_mtd()
Published on: 2025-12-06 01:01:27
Link: View Details
Information published.

CVE-2023-53209 wifi: mac80211_hwsim: Fix possible NULL dereference
Published on: 2025-12-06 01:01:33
Link: View Details
Information published.

CVE-2025-66293 LIBPNG has an out-of-bounds read in png_image_read_composite
Published on: 2025-12-06 01:03:56
Link: View Details
Information published.

CVE-2025-12819 Untrusted search path in auth_query connection in PgBouncer
Published on: 2025-12-05 01:02:46
Link: View Details
Information published.

CVE-2025-13836 Excessive read buffering DoS in http.client
Published on: 2025-12-05 01:03:07
Link: View Details
Information published.

CVE-2025-13837 Out-of-memory when loading Plist
Published on: 2025-12-05 01:03:18
Link: View Details
Information published.

CVE-2025-66476 Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability
Published on: 2025-12-05 01:03:28
Link: View Details
Information published.

CVE-2025-40215 xfrm: delete x->tunnel as we delete x
Published on: 2025-12-05 14:35:43
Link: View Details
Information published.

CVE-2025-40218 mm/damon/vaddr: do not repeat pte_offset_map_lock() until success
Published on: 2025-12-05 01:03:38
Link: View Details
Information published.

CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Published on: 2025-12-05 01:01:55
Link: View Details
Information published.

CVE-2025-66293 LIBPNG has an out-of-bounds read in png_image_read_composite
Published on: 2025-12-05 01:02:40
Link: View Details
Information published.

CVE-2025-40217 pidfs: validate extensible ioctls
Published on: 2025-12-05 01:03:44
Link: View Details
Information published.

CVE-2025-40220 fuse: fix livelock in synchronous file put from fuseblk workers
Published on: 2025-12-05 14:35:48
Link: View Details
Information published.

CVE-2025-40219 PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV
Published on: 2025-12-05 01:03:55
Link: View Details
Information published.

CVE-2025-34297 KissFFT Integer Overflow Heap Buffer Overflow via kiss_fft_alloc
Published on: 2025-12-05 01:04:22
Link: View Details
Information published.

CVE-2025-39833 mISDN: hfcpci: Fix warning when deleting uninitialized timer
Published on: 2025-12-05 01:02:56
Link: View Details
Information published.

CVE-2025-55552 pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together.
Published on: 2025-12-05 14:35:05
Link: View Details
Information published.

CVE-2023-53218 rxrpc: Make it so that a waiting process can be aborted
Published on: 2025-12-05 01:02:06
Link: View Details
Information published.

CVE-2023-53221 bpf: Fix memleak due to fentry attach failure
Published on: 2025-12-05 01:02:12
Link: View Details
Information published.

CVE-2023-53240 xsk: check IFF_UP earlier in Tx path
Published on: 2025-12-05 01:02:17
Link: View Details
Information published.

CVE-2023-53247 btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand
Published on: 2025-12-05 01:02:23
Link: View Details
Information published.

CVE-2025-38709 loop: Avoid updating block size under exclusive owner
Published on: 2025-12-05 01:02:51
Link: View Details
Information published.

CVE-2022-50316 orangefs: Fix kmemleak in orangefs_sysfs_init()
Published on: 2025-12-05 01:02:00
Link: View Details
Information published.

CVE-2023-53248 drm/amdgpu: install stub fence into potential unused fence pointers
Published on: 2025-12-05 01:02:29
Link: View Details
Information published.

CVE-2023-53254 cacheinfo: Fix shared_cpu_map to handle shared caches at different levels
Published on: 2025-12-05 01:02:34
Link: View Details
Information published.

CVE-2025-12970 CVE-2025-12970
Published on: 2025-12-05 01:36:55
Link: View Details
Information published.

CVE-2025-11731 Libxslt: type confusion in exsltfuncresultcompfunction of libxslt
Published on: 2025-12-05 01:36:30
Link: View Details
Information published.

CVE-2025-55552 pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together.
Published on: 2025-12-05 01:35:57
Link: View Details
Information published.

CVE-2025-12977 CVE-2025-12977
Published on: 2025-12-04 14:35:42
Link: View Details
Information published.

CVE-2025-66030 node-forge ASN.1 OID Integer Truncation
Published on: 2025-12-04 14:35:55
Link: View Details
Information published.

CVE-2025-12969 CVE-2025-12969
Published on: 2025-12-04 14:35:35
Link: View Details
Information published.

CVE-2025-12816 CVE-2025-12816
Published on: 2025-12-04 14:35:48
Link: View Details
Information published.

CVE-2025-66031 node-forge ASN.1 Unbounded Recursion
Published on: 2025-12-04 14:36:01
Link: View Details
Information published.

CVE-2025-39829 trace/fgraph: Fix the warning caused by missing unregister notifier
Published on: 2025-12-04 01:01:45
Link: View Details
Information published.

CVE-2022-50266 kprobes: Fix check for probe enabled in kill_kprobe()
Published on: 2025-12-04 01:01:24
Link: View Details
Information published.

CVE-2025-39810 bnxt_en: Fix memory corruption when FW resources change during ifdown
Published on: 2025-12-04 01:01:40
Link: View Details
Information published.

CVE-2023-53261 coresight: Fix memory leak in acpi_buffer->pointer
Published on: 2025-12-04 01:01:30
Link: View Details
Information published.

CVE-2023-53292 blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none
Published on: 2025-12-04 01:01:35
Link: View Details
Information published.

CVE-2025-12888 Constant Time Issue with Xtensa-based ESP32 and X22519
Published on: 2025-12-03 01:36:46
Link: View Details
Information published.

CVE-2025-11931 Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt
Published on: 2025-12-03 01:36:58
Link: View Details
Information published.

CVE-2025-11932 Timing Side-Channel in PSK Binder Verification
Published on: 2025-12-03 01:37:14
Link: View Details
Information published.

CVE-2025-58436 OpenPrinting CUPS slow client can halt cupsd, leading to a possible DoS attack
Published on: 2025-12-03 01:01:31
Link: View Details
Information published.

CVE-2025-61915 OpenPrinting CUPS vulnerable to stack based out-of-bound write
Published on: 2025-12-03 01:01:36
Link: View Details
Information published.

CVE-2025-11936 Potential DoS Vulnerability through Multiple KeyShareEntry with Same Group in TLS 1.3 ClientHello
Published on: 2025-12-03 01:36:51
Link: View Details
Information published.

CVE-2025-12889 TLS 1.2 Client Can Downgrade Digest Used
Published on: 2025-12-03 01:37:06
Link: View Details
Information published.

CVE-2025-64505 LIBPNG is vulnerable to a heap buffer overflow in `png_do_quantize` via malformed palette index
Published on: 2025-12-03 01:38:21
Link: View Details
Information published.

CVE-2025-64506 LIBPNG is vulnerable to a heap buffer over-read in `png_write_image_8bit` with grayscale+alpha or RGB/RGBA images
Published on: 2025-12-03 01:38:33
Link: View Details
Information published.

CVE-2025-66221 Werkzeug safe_join() allows Windows special device names
Published on: 2025-12-03 01:01:52
Link: View Details
Information published.

CVE-2025-12638 Path Traversal Vulnerability in keras-team/keras via Tar Archive Extraction in keras.utils.get_file()
Published on: 2025-12-03 01:02:14
Link: View Details
Information published.

CVE-2025-38659 gfs2: No more self recovery
Published on: 2025-12-03 01:38:39
Link: View Details
Information published.

CVE-2025-38626 f2fs: fix to trigger foreground gc during f2fs_map_blocks() in lfs mode
Published on: 2025-12-03 01:38:53
Link: View Details
Information published.

CVE-2025-38643 wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()
Published on: 2025-12-03 01:02:08
Link: View Details
Information published.

CVE-2025-38615 fs/ntfs3: cancle set bad inode after removing name fails
Published on: 2025-12-03 01:38:48
Link: View Details
Information published.

CVE-2025-38597 drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port
Published on: 2025-12-03 01:38:43
Link: View Details
Information published.

CVE-2025-11494 GNU Binutils Linker elfxx-x86.c _bfd_x86_elf_late_size_sections out-of-bounds
Published on: 2025-12-03 01:39:19
Link: View Details
Information published.

CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar
Published on: 2025-12-03 01:36:14
Link: View Details
Information published.

CVE-2022-24736 A Malformed Lua script can crash Redis
Published on: 2025-12-03 01:01:25
Link: View Details
Information published.

CVE-2022-24735 Lua scripts can be manipulated to overcome ACL rules in Redis
Published on: 2025-12-03 01:01:20
Link: View Details
Information published.

CVE-2025-64660 GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability
Published on: 2025-11-25 08:00:00
Link: View Details
The following revisions have been made: 1) In the Security Updates table, corrected the impact entries to Remote Code Execution. 2) The CVSS scores have been updated. These are informational changes only. Customers who have successfully installed the update do not need to take any further action.

CVE-2025-59252 M365 Copilot Spoofing Vulnerability
Published on: 2025-11-21 08:00:00
Link: View Details
Updated information to include CVSS scores. This is an informational change only.

CVE-2025-59272 Copilot Spoofing Vulnerability
Published on: 2025-11-21 08:00:00
Link: View Details
Updated information to include CVSS scores. This is an informational change only.

CVE-2025-59286 Copilot Spoofing Vulnerability
Published on: 2025-11-21 08:00:00
Link: View Details
Updated information to include CVSS scores. This is an informational change only.

CVE-2025-49752 Azure Bastion Elevation of Privilege Vulnerability
Published on: 2025-11-21 08:00:00
Link: View Details
Updated acknowledgment.

CVE-2025-54114 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
Published on: 2025-11-21 08:00:00
Link: View Details
Updated Security Impact values. This is an informational change only.