CVE-2025-15084

CVE-2025-15084 affects youlaitech youlai-mall versions 1.0.0–2.0.0, specifically the Order Payment Handler’s OrderController.payOrder in mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/app/. The root cause is improper access controls in the orderService.payOrder function, enabling ...

SUSE CVE-2025-68745

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f "scsi: qla2xxx: target: Fix offline port handling and host reset handling" caused two problems: 1. Commands sent to FW, after chip reset got stuck and never freed as ...

youlai-mall 访问控制错误漏洞

youlai-mall is a full-stack mall system by youlaitech open source. youlai-mall version 1.0.0 and 2.0.0 versions of access control error vulnerability , the vulnerability stems from the Order Payment Handler component file mall-oms/oms-boot/src/main/java/com/youlai/mall/oms/controller/ The functio...

Linux Distros Unpatched Vulnerability : CVE-2023-54118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - serial: sc16is7xx: setup GPIO controller later in probe The GPIO controller component of the sc16is7xx driver is setup too early, which can result in a race...

PT-2025-53408

Name of the Vulnerable Software and Affected Versions youlaitech youlai-mall versions 1.0.0 through 2.0.0 Description A security flaw exists in youlaitech youlai-mall. The issue involves improper authorization within the Balance Handler component. Specifically, the deductBalance function, located...

youlai-mall 访问控制错误漏洞

youlai-mall is a full-stack mall system by youlaitech open source. An access control error vulnerability exists in youlai-mall version 1.0.0 and 2.0.0, which originates from the file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/MemberController. The function getMemberByMobil...

youlai-mall 授权问题漏洞

youlai-mall is a full-stack mall system by youlaitech open source. Authorization issue vulnerability exists in youlai-mall version 1.0.0 and 2.0.0, which stems from the Balance Handler component file mall-ums/ums-boot/src/main/java/com/youlai/mall/ums/controller/app/ The function deductBalance in...

EUVD-2023-60327

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: setup GPIO controller later in probe The GPIO controller component of the sc16is7xx driver is setup too early, which can result in a race condition where another device tries to utilise the GPIO lines before th...

UBUNTU-CVE-2023-54118

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: setup GPIO controller later in probe The GPIO controller component of the sc16is7xx driver is setup too early, which can result in a race condition where another device tries to utilise the GPIO lines before th...

UBUNTU-CVE-2023-54105

In the Linux kernel, the following vulnerability has been resolved: can: isotp: check CAN address family in isotpbind Add missing check to block non-AFCAN binds. Syzbot created some code which matched the right sockaddr struct size but used AFXDP 0x2C instead of AFCAN 0x1D in the address family...

CVE-2023-54138 drm/msm: fix NULL-deref on irq uninstall

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on irq uninstall In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...

CVE-2023-54138

Technical details for CVE-2023-54138 (drm/msm NULL-deref on irq uninstall) are not provided in the connected documents. Monitor for updates; no product/version/fix information is included here.

CVE-2023-54118

CVE-2023-54118 affects the Linux kernel driver sc16is7xx: the GPIO controller for the serial driver is initialized too early in probe, creating a race where another device could access GPIO lines before initialization completes, leading to an Oops on access (example trace shown). The issue is fix...

CVE-2023-54118 serial: sc16is7xx: setup GPIO controller later in probe

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: setup GPIO controller later in probe The GPIO controller component of the sc16is7xx driver is setup too early, which can result in a race condition where another device tries to utilise the GPIO lines before th...

CVE-2023-54105

The CVE-2023-54105 entry concerns the Linux kernel: a missing check in isotp_bind() for the AF_CAN address family, allowing non-AF_CAN binds to slip through. The root cause described is that Syzbot-generated code matched the sockaddr struct size but supplied AF_XDP (0x2C) instead of AF_CAN (0x1D)...

CVE-2022-50769 mmc: mxcmmc: fix return value check of mmc_add_host()

In the Linux kernel, the following vulnerability has been resolved: mmc: mxcmmc: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not added...

CVE-2023-53986

In the Linux kernel, the following vulnerability has been resolved: mips: bmips: BCM6358: disable RAC flush for TP1 RAC flush causes kernel panics on BCM6358 with EHCI/OHCI when booting from TP1: 3.881739 usb 1-1: new high-speed USB device number 2 using ehci-platform 3.895011 Reserved instructio...

CVE-2023-53986

In the Linux kernel, the following vulnerability has been resolved: mips: bmips: BCM6358: disable RAC flush for TP1 RAC flush causes kernel panics on BCM6358 with EHCI/OHCI when booting from TP1: 3.881739 usb 1-1: new high-speed USB device number 2 using ehci-platform 3.895011 Reserved instructio...

UBUNTU-CVE-2023-53986

In the Linux kernel, the following vulnerability has been resolved: mips: bmips: BCM6358: disable RAC flush for TP1 RAC flush causes kernel panics on BCM6358 with EHCI/OHCI when booting from TP1: 3.881739 usb 1-1: new high-speed USB device number 2 using ehci-platform 3.895011 Reserved instructio...

UBUNTU-CVE-2022-50711

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix possible memory leak in mtkprobe If mtkwedaddhw has been called, mtkwedexit needs be called in error path or removing module to free the memory allocated in mtkwedaddhw...