11465 matches found
PT-2025-46871
Name of the Vulnerable Software and Affected Versions Mattermost versions 10.5.0 through 10.5.11 Mattermost versions 10.11.0 through 10.11.3 Description The software does not properly validate team membership permissions in the Add Channel Member API. This allows users from one team to access use...
CVE-2025-60645
A Cross-Site Request Forgery CSRF in xxl-api v1.3.0 allows attackers to arbitrarily add users to the management module via a crafted GET request...
EUVD-2025-124951
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent jump to NULL addsidecar callback In createsdwdailink check that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if includesidecar is true, the codec on that...
CVE-2025-40132
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent jump to NULL addsidecar callback In createsdwdailink check that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if includesidecar is true, the codec on that...
UBUNTU-CVE-2025-40132
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent jump to NULL addsidecar callback In createsdwdailink check that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if includesidecar is true, the codec on that...
UBUNTU-CVE-2025-40145
In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devmaddactionorreset failure When devmaddactionorreset fails, it calls the passed cleanup function. Hence the caller must not repeat that cleanup. Replace the "goto errregulatorfree" by the actu...
CVE-2025-40145 PCI/pwrctrl: Fix double cleanup on devm_add_action_or_reset() failure
In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devmaddactionorreset failure When devmaddactionorreset fails, it calls the passed cleanup function. Hence the caller must not repeat that cleanup. Replace the "goto errregulatorfree" by the actu...
CVE-2025-40145 PCI/pwrctrl: Fix double cleanup on devm_add_action_or_reset() failure
In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devmaddactionorreset failure When devmaddactionorreset fails, it calls the passed cleanup function. Hence the caller must not repeat that cleanup. Replace the "goto errregulatorfree" by the actu...
CVE-2025-40132 ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent jump to NULL addsidecar callback In createsdwdailink check that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if includesidecar is true, the codec on that...
CVE-2025-40132
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent jump to NULL addsidecar callback In createsdwdailink check that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if includesidecar is true, the codec on that...
CVE-2025-40132
CVE-2025-40132 (Linux kernel, ASoC Intel sof_sdw) : The issue arises in create_sdw_dailink() when calling add_sidecar callbacks on links that may contain codecs without an add_sidecar callback. The patch adds a NULL check for sof_end->codec_info->add_sidecar before invocation to prevent der...
CVE-2025-40132 ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdw: Prevent jump to NULL addsidecar callback In createsdwdailink check that sofend-codecinfo-addsidecar is not NULL before calling it. The original code assumed that if includesidecar is true, the codec on that...
CVE-2025-11999
The Add Multiple Marker plugin for WordPress is vulnerable to unauthorized modification of data to due to a missing capability check on the addmultiplemarkerresetmap and ammsavemapapi functions in all versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to upda...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990794)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990794 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix potential memleak in 'addwidgetnode' As 'kobjectadd' may allocated memory for...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check if the addsidecar callback is null, which could result in a null pointer dereference...
Linux Distros Unpatched Vulnerability : CVE-2025-40132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: Intel: sofsdw: Prevent jump to NULL addsidecar callback In createsdwdailink check that sofend-codecinfo-addsidecar is not NULL before calling it. The...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990815)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990815 advisory. In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix null pointer dereference in ftraceaddmod The @ftracemod is allocated by kzalloc, so...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990804)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990804 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sastransportportadd Port is allocated by...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990746)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990746 advisory. In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatportadd In atatportadd, the return value of...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990797)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990797 advisory. In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in atatlinkadd In atatlinkadd, the return value of...