
10467 matches found

OSV
added 2025/12/30 12:15 p.m., 5 views

CVE-2022-50870 powerpc/rtas: avoid device tree lookups in rtas_os_term()

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtas_os_term() rtas_os_term() is called during panic. Its behavior depends on a couple of conditions in the /rtas node of the device tree, the traversal of which entails locking and local IRQ...

AI score: 6.1, EPSS: 0.00177
Exploits: 0, References: 11
CVE
added 2025/12/30 12:15 p.m., 15 views

CVE-2022-50870

CVE-2022-50870: In the Linux kernel (powerpc RTAS), rtas_os_term() could hang during panic due to risky device-tree traversal when devtree_lock is held. The fix caches relevant RTAS/DT characteristics at boot and changes the ibm,extended-os-term lookup to a boolean property via of_property_read_b...

AI score: 5.8, EPSS: 0.00177
Exploits: 0, References: 8
Tenable Nessus
added 2025/12/30 12:0 a.m., 3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992319)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992319 advisory. In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix usecount leakage when handling boot-on I found a usecount leakage towards...

CVSS: 5.5, AI score: 6.4, EPSS: 0.00147
Exploits: 0, References: 4
Spring Security Advisories
added 2025/12/30 12:0 a.m., 7 views

This Year in Spring – December 30th, 2025

Hi, Spring fans! Can you believe it? It's already the 30th of December! I celebrated Christmas with my family in Los Angeles, then we jumped on a flight headed for Southeast Asia to ring in the New Year with more friends and family. I'm sitting at a café in the sweltering city of Kuala Lumpur,...

AI score: 7.1
Exploits: 0
Positive Technologies
added 2025/12/30 12:0 a.m., 5 views

PT-2025-54085

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: don't reset device side if dwc3 was configured as host-only Commit c4a5153e87fd "usb: dwc3: core: Power-off core/PHYs on system suspend in host mode" replaces check for HOST only dr mode with current dr role. But durin...

AI score: 6.4
Exploits: 0, References: 8
Positive Technologies
added 2025/12/30 12:0 a.m., 8 views

PT-2025-53967

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.15.67-10882-ge4eb2eb988cd 1 baa443fb8e8477896a370b31a821eb2009f9bfba Description An issue exists in the Linux kernel's pstore component. Specifically, running 'cat /proc/kcore /dev/null' on devices utilizing...

CVSS: 7.8, AI score: 7.2, EPSS: 0.00465
Exploits: 2, References: 899
Positive Technologies
added 2025/12/30 12:0 a.m., 10 views

PT-2025-53988

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s powerpc/rtas component where the rtas_os_term function, called during kernel panic, could potentially hang the system if devtree_lock is held. This...

CVSS: 7.8, AI score: 6.9, EPSS: 0.00465
Exploits: 2, References: 898
Positive Technologies
added 2025/12/30 12:0 a.m., 6 views

PT-2025-53965

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s DRM subsystem related to the it6505 driver. Specifically, the HPD interrupt could be triggered before the it6505 device was fully registered as a DRM...

CVSS: 7.8, AI score: 7, EPSS: 0.00465
Exploits: 2, References: 842
EUVD
added 2025/12/28 6:31 a.m., 3 views

EUVD-2025-205493

A flaw has been found in JeecgBoot up to 3.9.0. Impacted is the function getDeptRoleList of the file /sys/sysDepartRole/getDeptRoleList. This manipulation of the argument departId causes improper authorization. The attack is possible to be carried out remotely. A high degree of complexity is need...

CVSS: 3.1, AI score: 5.8, EPSS: 0.0028
Exploits: 1, References: 5
Cvelist
added 2025/12/28 3:32 a.m., 24 views

CVE-2025-15119 JeecgBoot list queryPageList improper authorization

A vulnerability was detected in JeecgBoot up to 3.9.0. This issue affects the function queryPageList of the file /sys/sysDepartRole/list. The manipulation of the argument deptId results in improper authorization. The attack can be executed remotely. A high complexity level is associated with this...

CVSS: 3.1, EPSS: 0.00237
Exploits: 1, References: 4
CNNVD
added 2025/12/26 12:0 a.m., 4 views

Delight Custom Firmware security vulnerability

Delight Custom Firmware is an unofficial custom firmware from Delight open source. A security vulnerability exists in Delight Custom Firmware, which originated from allowing the injection of boot scripts via a specially crafted .txt file, affecting several Nokia Symbian Belle devices...

CVSS: 5.1, AI score: 7, EPSS: 0.00119
Exploits: 0, References: 3
Cvelist
added 2025/12/25 7:32 p.m., 23 views

CVE-2025-15085 youlaitech youlai-mall Balance MemberController.java deductBalance improper authorization

A security flaw has been discovered in youlaitech youlai-mall 1.0.0/2.0.0. This affects the function deductBalance of the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController.java of the component Balance Handler. The manipulation results in improper...

CVSS: 5.3, EPSS: 0.00259
Exploits: 0, References: 4
RedhatCVE
added 2025/12/25 11:19 a.m., 4 views

CVE-2023-53986

In the Linux kernel, the following vulnerability has been resolved: mips: bmips: BCM6358: disable RAC flush for TP1 RAC flush causes kernel panics on BCM6358 with EHCI/OHCI when booting from TP1: 3.881739 usb 1-1: new high-speed USB device number 2 using ehci-platform 3.895011 Reserved instructio...

AI score: 5.8, EPSS: 0.00173
Exploits: 0, References: 4
SUSE CVE
added 2025/12/25 12:58 a.m., 4 views

SUSE CVE-2023-53986

In the Linux kernel, the following vulnerability has been resolved: mips: bmips: BCM6358: disable RAC flush for TP1 RAC flush causes kernel panics on BCM6358 with EHCI/OHCI when booting from TP1: 3.881739 usb 1-1: new high-speed USB device number 2 using ehci-platform 3.895011 Reserved instructio...

AI score: 6.4, EPSS: 0.00173
Exploits: 0, References: 3
SUSE CVE
added 2025/12/25 12:56 a.m., 4 views

SUSE CVE-2023-54059

In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: mtk-svs: Enable the IRQ later If the system does not come from reset like when is booted via kexec, the peripheral might trigger an IRQ before the data structures are initialised. 0.227710 Unable to handle kernel NU...

AI score: 6.4, EPSS: 0.00198
Exploits: 0, References: 3
CNNVD
added 2025/12/25 12:0 a.m., 4 views

youlai-mall access control error vulnerability

youlai-mall is a full-stack mall system by youlaitech open source. An access control error vulnerability exists in youlai-mall version 1.0.0 and 2.0.0, which originates from the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController. The function getMemberByMobil...

CVSS: 5.3, AI score: 4.9, EPSS: 0.00258
Exploits: 1, References: 5
EUVD
added 2025/12/24 3:30 p.m., 3 views

EUVD-2023-60267

In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: mtk-svs: Enable the IRQ later If the system does not come from reset like when is booted via kexec, the peripheral might trigger an IRQ before the data structures are initialised. 0.227710 Unable to handle kernel NU...

AI score: 5.9, EPSS: 0.00198
Exploits: 0, References: 4
NVD
added 2025/12/24 1:16 p.m., 4 views

CVE-2023-54059

In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: mtk-svs: Enable the IRQ later If the system does not come from reset like when is booted via kexec, the peripheral might trigger an IRQ before the data structures are initialised. 0.227710 Unable to handle kernel NU...

EPSS: 0.00198
Exploits: 0, References: 3
UbuntuCve
added 2025/12/24 1:16 p.m., 3 views

CVE-2023-54059

In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: mtk-svs: Enable the IRQ later If the system does not come from reset like when is booted via kexec, the peripheral might trigger an IRQ before the data structures are initialised. 0.227710 Unable to handle kernel NU...

AI score: 5.7, EPSS: 0.00198
Exploits: 0, References: 4
OSV
added 2025/12/24 1:16 p.m., 1 views

UBUNTU-CVE-2023-54059

In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: mtk-svs: Enable the IRQ later If the system does not come from reset like when is booted via kexec, the peripheral might trigger an IRQ before the data structures are initialised. 0.227710 Unable to handle kernel NU...

AI score: 5.7, EPSS: 0.00198
Exploits: 0, References: 5