CVE-2025-38666

In the Linux kernel, the following vulnerability has been resolved: net: appletalk: Fix use-after-free in AARP proxy probe The AARP proxy‐probe routine aarpproxyprobenetwork sends a probe, releases the aarplock, sleeps, then re-acquires the lock. During that window an expire timer thread...

CVE-2025-38253

In the Linux kernel, the following vulnerability has been resolved: HID: wacom: fix crash in wacomaesbatteryhandler Commit fd2a9b29dc9c "HID: wacom: Remove AES powersupply after extended inactivity" introduced wacomaesbatteryhandler which is scheduled as a delayed work aesbatterywork. In...

CVE-2022-49981

A flaw was found in the HID device support in the Linux kernel. A missing release of allocated memory will cause a memory leak, potentially impacting system performance and resulting in a denial of service...

CVE-2022-50151

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log: 4.141392 Unexpected gfp: 0x4 GFPDMA32. Fixing up to gfp: 0xa20 GFPATOMIC. Fix your code! 4.150340 CPU: 1 PID: 175 Comm: 1-0050 Not tainted...

CVE-2025-49515

A vulnerability was found in Moodle. Insufficient state and capability checks allowed some details of hidden courses, including course names, descriptions, and teachers, to be accessible to users without proper permission...

CVE-2022-50044

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: start MHI channel after endpoit creation MHI channel may generates event/interrupt right after enabling. It may leads to 2 race conditions issues. 1 Such event may be dropped by qcommhiqrtrdlcallback at check: if !qdev...

CVE-2025-37976

No description is available for this CVE...

CVE-2022-49895

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix decoder allocation crash When an intermediate port's decoders have been exhausted by existing regions, and creating a new region with the port in question in it's hierarchical path is attempted, cxlportattachregio...

CVE-2025-22009

In the Linux kernel, the following vulnerability has been resolved: regulator: dummy: force synchronous probing Sometimes I get a NULL pointer dereference at boot time in kobjectget with the following call stack: anatopregulatorprobe devmregulatorregister regulatorregister regulatorresolvesupply...

CGA-JRMW-JF8X-M44P

Bulletin has no description...

CVE-2024-51746

A flaw was found in the Gitsign sigstore package. When Gitsign's credential cache is used, it may select the wrong Rekor entry to use during online verification when the log returns multiple entries. This may lead to the incorrect entry being used to pass verification successfully...

CVE-2024-50132

In the Linux kernel, the following vulnerability has been resolved: tracing/probes: Fix MAXTRACEARGS limit handling When creating a traceprobe we would set nrargs prior to truncating the arguments to MAXTRACEARGS. However, we would only initialize arguments up to the limit. This caused invalid...

CVE-2024-8443

A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the pkcs15-init tool may lead to out-of-bound rights, possibly resulting in arbitrary code...

CVE-2024-45618

A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have...

CVE-2024-37280

A flaw was found in Elasticsearch that affects document ingestion when an index template contains a dynamic field mapping of the “passthrough” type. Under certain circumstances, ingesting documents in this index can cause a StackOverflow exception to be thrown, leading to a denial of service...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel. No information about this vulnerability is available at this time, so stay tuned to CNNVD or vendor announcements...

CVE-2024-4840

An flaw was found in the OpenStack Platform RHOSP director, a toolset for installing and managing a complete RHOSP environment. Plaintext passwords may be stored in log files, which can expose sensitive information to anyone with access to the logs...

CVE-2024-326052

No description is available for this CVE...

CVE-2023-51594

A flaw was found within the handling of OBEX protocol parameters in BlueZ. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a...

CVE-2023-51589

A flaw was found within the handling of the AVRCP protocol in BlueZ. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect ...