EUVD-2025-204804

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: check actuallength before accessing data The URB received in gsusbreceivebulkcallback contains a struct gshostframe. The length of the data after the header depends on the gshostframe hf::fla...

EUVD-2025-204799

In the Linux kernel, the following vulnerability has been resolved: team: Move team device type change at the end of teamportadd Attempting to add a port device that is already up will expectedly fail, but not before modifying the team device headerops. In the case of the syzbot reproducer the gr...

EUVD-2025-204803

In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Don't free uninitialized kszirq If something goes wrong at setup, kszirqfree can be called on uninitialized kszirq for example when kszptpirqsetup fails. It leads to freeing uninitialized IRQ numbers and/or...

EUVD-2025-204775

Not used...

EUVD-2025-204773

Not used...

EUVD-2025-204777

Not used...

EUVD-2025-204853

Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute commands with System privileges...

EUVD-2025-204750

PublicCMS V5.202506.b is vulnerable to Cross Site Scripting XSS in the Content Search module...

EUVD-2025-204727

An arbitrary file upload vulnerability in the Attachments module of Frappe Framework v15.89.0 allows attackers to execute arbitrary code via uploading a crafted XML file...

EUVD-2025-204726

In the Linux kernel, the following vulnerability has been resolved: usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer When a UAS device is unplugged during data transfer, there is a probability of a system panic occurring. The root cause is an access to ...

EUVD-2025-204731

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARNON in tracingbuffersmmapclose for split VMAs When a VMA is split e.g., by partial munmap or MAPFIXED, the kernel calls vmops-close on each portion. For trace buffer mappings, this results in ringbufferunmap being...

EUVD-2025-204721

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: fix bug in saving controller data Fix the incorrect usage of platformsetdrvdata and devsetdrvdata. They both are of the same data and overrides each other. This resulted in the rmmod of the svc driver to...

EUVD-2025-204714

An issue was discovered in K7 Ultimate Security 17.0.2045. A Local Privilege Escalation LPE vulnerability in the K7 Ultimate Security antivirus can be exploited by a local unprivileged user on default installations of the product. Insecure access to a named pipe allows unprivileged users to edit...

EUVD-2025-204674

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HappyDevs TempTool allows Retrieve Embedded Sensitive Data.This issue affects TempTool: from n/a through 1.3.1...

EUVD-2025-204636

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajaxgetmembers function. This is due to the use of a...

EUVD-2025-204448

Not used...

EUVD-2025-204444

Not used...

EUVD-2025-204443

Not used...

EUVD-2025-204447

Not used...

EUVD-2025-204326

A Reflected Cross-Site Scripting XSS vulnerability in yohanawi Hotel Management System commit 87e004a allows a remote attacker to execute arbitrary web script via the 'error' parameter in pages/room.php...