CVE-2023-53828 Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Avoid use-after-free in dbg for hciaddadvmonitor KSAN reports use-after-free in hciaddadvmonitor. While adding an adv monitor, hciaddadvmonitor calls - msftaddmonitorpattern calls - msftaddmonitorsync calls -...

CVE-2022-50646

In the Linux kernel, the following vulnerability has been resolved: scsi: hpsa: Fix possible memory leak in hpsainitone The hpdaallocctlrinfo allocates h and its field replymap. However, in hpsainitone, if allocpercpu failed, the hpsainitone jumps to clean1 directly, which frees h and leaks the...

DEBIAN-CVE-2022-50646

In the Linux kernel, the following vulnerability has been resolved: scsi: hpsa: Fix possible memory leak in hpsainitone The hpdaallocctlrinfo allocates h and its field replymap. However, in hpsainitone, if allocpercpu failed, the hpsainitone jumps to clean1 directly, which frees h and leaks the...

UBUNTU-CVE-2022-50646

In the Linux kernel, the following vulnerability has been resolved: scsi: hpsa: Fix possible memory leak in hpsainitone The hpdaallocctlrinfo allocates h and its field replymap. However, in hpsainitone, if allocpercpu failed, the hpsainitone jumps to clean1 directly, which frees h and leaks the...

EUVD-2025-201818

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 is vulnerable to creation of temporary files without atomic operations which may expose sensitive information to an authenticated user due to race condition attacks...

EUVD-2025-201834

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 stores unencrypted sensitive information in environmental variables files which can be obtained by an authenticated user...

EUVD-2025-201817

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow a privileged user to bypass validation, passing user input into the application as trusted data, due to client-side enforcement of server-side security...

EUVD-2025-201810

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow an authenticated user to cause a denial of service due to improper validation of a specified quantity size input...

SUSE CVE-2023-53758

In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove An early error exit in atmelqspiremove doesn't prevent the device unbind. So this results in an spi controller with an unbound parent and unmapped regist...

SUSE CVE-2025-40308

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receive data only if registered Currently, bcsprecv can be called even when the BCSP protocol has not been registered. This leads to a NULL pointer dereference, as shown in the following stack trace: KASAN:...

CVE-2022-50646

In the Linux kernel, the following vulnerability has been resolved: scsi: hpsa: Fix possible memory leak in hpsainitone The hpdaallocctlrinfo allocates h and its field replymap. However, in hpsainitone, if allocpercpu failed, the hpsainitone jumps to clean1 directly, which frees h and leaks the...

CVE-2022-50646

CVE-2022-50646 affects the Linux kernel SCSI HPSA path. The vulnerability is due to a memory leak in hpsa_init_one() where, on alloc_percpu() failure, the code frees the allocated structure but leaks h->reply_map. The patch fixes this by calling hpda_free_ctlr_info() to release h->reply_map...

PT-2025-50266

Name of the Vulnerable Software and Affected Versions Tinycontrol LAN Controller v3 LK3 version 1.58a Description The Tinycontrol LAN Controller v3 LK3 version 1.58a has an issue that allows remote attackers to download configuration backup files containing sensitive credentials without...

WordPress plugin Geo Controller 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from drm/msm/dp not removing the aux device at the same time as the DP controller, which could result in the...

Tinycontrol LAN Controller 安全漏洞

Tinycontrol LAN Controller is a building automation controller from Tinycontrol Poland. A security vulnerability exists in Tinycontrol LAN Controller v3 LK3 version 1.58a, which originates from unauthorized access and could lead to credential disclosure...

CVE-2022-50633 usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: qcom: Fix memory leak in dwc3qcominterconnectinit oficcget alloc resources for path handle, we should release it when not need anymore. Like the release in dwc3qcominterconnectexit function. Add iccput in error handlin...

PT-2025-49998

Insertion of Sensitive Information Into Sent Data vulnerability in INFINITUM FORM Geo Controller cf-geoplugin allows Retrieve Embedded Sensitive Data.This issue affects Geo Controller: from n/a through = 8.9.4...

Siemens Building X - Security Manager Edge Controller

SUMMARY Building X - Security Manager Edge Controller ACC-AP devices do not properly check the integrity of firmware updates. This could allow an attacker to upload a maliciously modified firmware onto the device. Siemens is preparing fix versions and recommends specific countermeasures for...

PT-2025-49845

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected application exhibits inconsistent SNMP behavior, such as unexpected service availability and unreliable configuration handling across protocol versions. This could allow an attacker to access sensitive data,...