CVE-2025-71086

Technical details for CVE-2025-71086 are not publicly available in the provided documents. Monitor for updates from official advisories; the initial description mentions a Linux kernel fix in net rose_kill_by_device but no product/version specifics are provided here.

PT-2025-49309

Name of the Vulnerable Software and Affected Versions BACnet Protocol Stack versions prior to 1.5.0.rc2 Description The BACnet Protocol Stack library contains flaws in the npdu is expected reply function within src/bacnet/npdu.c. This function does not properly validate the existence of Applicati...

CVE-2025-39975 smb: client: fix wrong index reference in smb2_compound_op()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix wrong index reference in smb2compoundop In smb2compoundop, the loop that processes each command's response uses wrong indices when accessing response bufferes. This incorrect indexing leads to improper handling o...

SUSE-SU-2025:03548-1 Security update for the Linux Kernel (Live Patch 31 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024133 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket bsc1243650. - CVE-2024-50154: tcp/dccp: Do not use timerpending in reqskqueueunlink bsc1233072. -...

CVE-2025-21692 net: sched: fix ets qdisc OOB Indexing

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ets qdisc OOB Indexing Haowei Yan found that etsclassfromarg can index an Out-Of-Bound class in etsclassfromarg when passed clid of 0. The overflow may cause local privilege escalation. 18.852298 ------------ cut...

UBUNTU-CVE-2024-36019

In the Linux kernel, the following vulnerability has been resolved: regmap: maple: Fix cache corruption in regcachemapledrop When keeping the upper end of a cache block entry, the entry array must be indexed by the offset from the base register of the block, i.e. max - mas.index. The code was...

PT-2022-35537 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.150 Description: The issue is related to the drm/msm/dpu component, specifically with the indexing of dpu kms-hw vbif using vbif idx. The actual impact and attack plausibility have not yet been proven...

PT-2022-35671 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.220 Description: The issue is related to the drm/msm/dpu component, specifically with the indexing of dpu kms-hw vbif using vbif idx. The actual impact and attack plausibility have not yet been proven...

GHSA-6F84-42VF-PPWP Division by 0 in `QuantizedMul`

Impact An attacker can trigger a division by 0 in tf.rawops.QuantizedMul: python import tensorflow as tf x = tf.zeros4, 1, dtype=tf.quint8 y = tf.constant, dtype=tf.quint8 minx = tf.constant0.0 maxx = tf.constant0.0010000000474974513 miny = tf.constant0.0 maxy = tf.constant0.0010000000474974513...

CVE-2021-29560

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in tf.rawops.RaggedTensorToTensor. This is because the...

Important: Red Hat Security Advisory: 389-ds-base security and bug fix update

An update for 389-ds-base is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Facebook Fixes Email Indexing Bug

Incident-prone social network monolith Facebook has plugged yet another security leak, this time involving the indexing by search engines of email addresses not listed on Facebook. Read the full article. The Register...

Google Chrome 4.1.249.1042 Array Indexing Bug

source: http://www.trapkit.de/advisories/TKADV2010-004.txt Title:Google Chrome OOB Array Indexing Bug Author: Tobias Klein Affected Software: Google Chrome = 4.1.249.1042 Build 42199 Remotely Exploitable: Yes Locally Exploitable: No Vendor URL: http://www.google.com/chrome/ -----BEGIN PGP SIGNED...