20 matches found
CVE-2026-21657
Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...
CVE-2026-21657
creationtimestamp | type | source
---|---|---
2026-02-26 11:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-26-057-01
2026-02-27 13:23:36+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mftsmjduzd2x
2026-02-27 13:36:14+00:00 | seen | ...
CVE-2025-21657
In the Linux kernel, the following vulnerability has been resolved: sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass() scx_ops_bypass() iterates all CPUs to re-enqueue all the scx tasks. For each CPU, it acquires a lock using rq_lock() regardless of whether a CPU is offline or the CPU is currentl...
CVE-2025-21657
In the Linux kernel, the following vulnerability has been resolved: sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass() scx_ops_bypass() iterates all CPUs to re-enqueue all the scx tasks. For each CPU, it acquires a lock using rq_lock() regardless of whether a CPU is offline or the CPU is currentl...
CVE-2025-21657 sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass()
In the Linux kernel, the following vulnerability has been resolved: sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass() scx_ops_bypass() iterates all CPUs to re-enqueue all the scx tasks. For each CPU, it acquires a lock using rq_lock() regardless of whether a CPU is offline or the CPU is currentl...
CVE-2025-21657 sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass()
In the Linux kernel, the following vulnerability has been resolved: sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass() scx_ops_bypass() iterates all CPUs to re-enqueue all the scx tasks. For each CPU, it acquires a lock using rq_lock() regardless of whether a CPU is offline or the CPU is currentl...
CVE-2025-21657
In the Linux kernel, the following vulnerability has been resolved: sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass() scx_ops_bypass() iterates all CPUs to re-enqueue all the scx tasks. For each CPU, it acquires a lock using rq_lock() regardless of whether a CPU is offline or the CPU is currentl...
CVE-2025-21657
CVE-2025-21657 relates to the Linux kernel sched_ext component. The root cause was that scx_ops_bypass() re-enqueued scx tasks across CPUs by acquiring rq_lock() for online CPUs regardless of CPU state, which could trigger a spurious rq_pin_lock() warning. The fix replaces rq_lock() with raw_spin...
CVE-2025-21657
In the Linux kernel, the following vulnerability has been resolved: sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass() scx_ops_bypass() iterates all CPUs to re-enqueue all the scx tasks. For each CPU, it acquires a lock using rq_lock() regardless of whether a CPU is offline or the CPU is currentl...
CVE-2023-21657
Memory corruption in Audio when ADSP sends input during record use case...
CVE-2023-21657
CVE-2023-21657 describes memory corruption in Qualcomm Audio when the ADSP receives input during a recording use case. Affected component: Qualcomm audio stack (Audio/ADSP). Root cause: memory corruption in the audio path during input handling in record mode. Impact: high across confidentiality, ...
CVE-2023-21657 Improper Input Validation in Audio
Memory corruption in Audio when ADSP sends input during record use case...
CVE-2023-21657 Improper Input Validation in Audio
Memory corruption in Audio when ADSP sends input during record use case...
CVE-2022-21657
creationtimestamp | type | source
---|---|---
2022-02-23 02:13:01+00:00 | seen | https://t.me/cibsecurity/37917...
CVE-2022-21657
Envoy CVE-2022-21657: In affected Envoy versions, certificate validation does not restrict peer certificates to those with the correct extendedKeyUsage (serverAuth/clientAuth); an e-mail or other non-authorized EKU certificate may be accepted for TLS, potentially allowing upstream certificates to...
CVE-2022-21657 X.509 Extended Key Usage and Trust Purposes bypass in Envoy
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions Envoy does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server, to only those certificates that contain the necessary extendedKeyUsage...
CVE-2022-21657 X.509 Extended Key Usage and Trust Purposes bypass in Envoy
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions Envoy does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server, to only those certificates that contain the necessary extendedKeyUsage...
CVE-2021-21657
Jenkins Filesystem Trigger Plugin 0.40 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2021-21657
CVE-2021-21657 affects Jenkins Filesystem Trigger Plugin up to version 0.40. The root cause is that the plugin’s XML parser does not disable external entity resolution, enabling XXE attacks. Impact statements from multiple sources describe potential extraction of secrets from the Jenkins controll...
Adobe Acrobat/Reader Heap Overflow Vulnerability (CNVD-2019-21657)
Adobe Reader, also known as Acrobat Reader, is a PDF file reader developed by Adobe. Adobe Acrobat is PDF editing software developed by Adobe. Adobe Acrobat/Reader contains a heap overflow vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...