CVE-2025-61811

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. A high privileged attacker could leverage this vulnerability to bypass security measures and execute...

CVE-2025-61810

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. A high privileged attacker could exploit this vulnerability by providing maliciously crafted...

PT-2025-50500

Name of the Vulnerable Software and Affected Versions Meatmeet affected versions not specified Description The firmware on the Meatmeet basestation is not encrypted. An attacker with physical access can retrieve the firmware dump via UART, potentially discovering credentials for current and...

Vim < 9.1.1947 RCE

The version of Vim installed on the remote host is prior to 9.1.1947. It is, therefore, affected by a vulnerability as referenced in the GHSA-g77q-xrww-p834 advisory. - Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables plac...

CVE-2025-61811

CVE-2025-61811 affects Adobe ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier, due to Improper Access Control that could allow arbitrary code execution in the context of the current user. Exploitation reportedly requires no user interaction and has a changed scope. Adobe advisory APSB25-1...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-140.6.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...

EUVD-2023-60166

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmisetting, the result has to be freed using kfree. In currentvalueshow however, malformed item strings are not freed,...

DEBIAN-CVE-2023-53830

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmisetting, the result has to be freed using kfree. In currentvalueshow however, malformed item strings are not freed,...

CVE-2023-53830

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmisetting, the result has to be freed using kfree. In currentvalueshow however, malformed item strings are not freed,...

UBUNTU-CVE-2023-53830

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmisetting, the result has to be freed using kfree. In currentvalueshow however, malformed item strings are not freed,...

CVE-2023-53830

The CVE-2023-53830 issue affects the Linux kernel in the x86 Think-LMI support (platform/x86/think-lmi). When retrieving a tlmi_setting item string, the result must be freed with kfree(); however, current_value_show() can leak memory because malformed item strings aren’t freed due to an early ret...

CVE-2023-53830 platform/x86: think-lmi: Fix memory leak when showing current settings

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmisetting, the result has to be freed using kfree. In currentvalueshow however, malformed item strings are not freed,...

CVE-2023-53830 platform/x86: think-lmi: Fix memory leak when showing current settings

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmisetting, the result has to be freed using kfree. In currentvalueshow however, malformed item strings are not freed,...

RARLAB WinRAR Path Traversal Vulnerability

RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user...

APSB25-120 : Security update available for Adobe Creative Cloud Desktop

Adobe has released an update for the Creative Cloud Desktop for macOS. This update includes a fix for an important vulnerability that could lead to application denial-of-service in the context of the current user...

PT-2025-49721

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the Linux kernel related to the think-lmi module when displaying current settings. Specifically, when retrieving an item string using the tlmi setting function, t...

CVE-2023-53756

Summary of CVE-2023-53756 (CVE-2023-53756) : The issue is in KVM with Intel VMX where MSR bitmap updates could use a per-CPU current_vmcs that may be uninitialized, allowing a NULL-dereference and potential crash on nested Hyper-V configurations. The root cause is the check for current_vmcs in ev...

CVE-2023-53756 KVM: VMX: Fix crash due to uninitialized current_vmcs

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...

CVE-2023-53756

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...

CVE-2022-50626 media: dvb-usb: fix memory leak in dvb_usb_adapter_init()

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvbusbadapterinit Syzbot reports a memory leak in "dvbusbadapterinit". The leak is due to not accounting for and freeing current iteration's adapter-priv in case of an error. Currently if an err...