78 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-38262
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls...
SUSE CVE-2025-38266
In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: eint: Fix invalid pointer dereference for v1 platforms Commit 3ef9f710efcb "pinctrl: mediatek: Add EINT support for multiple addresses" introduced an access to the 'soc' field of struct mtk_pinctrl in...
AZL-72799 CVE-2025-38262 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uart_register_driver function, which first allocates and assigns memory to...
DEBIAN-CVE-2025-38262
In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart driver in init When two instances of uart devices are probing, a concurrency race can occur. If one thread calls uart_register_driver function, which first allocates and assigns memory to...
PT-2025-25883
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the kcm module. The issue involved the incorrect ordering of the strp_init function call, which led to unnecessary...
PT-2025-18831 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to the fixed version Description: A vulnerability has been resolved in the Linux kernel. The issue is related to the LoongArch architecture and occurs when the get_timer_irq function is called multiple times in the...
PT-2025-18530 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns error handling in the ena_init function. Specifically, when pci_register_driver fails, ena_init does not destroy the workqueue created by create_singlethread...
CVE-2025-2109
The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.30.15 via the init function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...
WordPress WP Compress plugin <= 6.30.15 - Unauthenticated Server-Side Request Forgery via init Function vulnerability
Unauthenticated Server-Side Request Forgery via init Function vulnerability discovered by mikemyers in WordPress Plugin WP Compress versions <= 6.30.15...
SUSE CVE-2022-49100
In the Linux kernel, the following vulnerability has been resolved: virtio_console: eliminate anonymous module_init & module_exit Eliminate anonymous module_init and module_exit, which can lead to confusion or ambiguity when reading System.map, crashes/oops/bugs, or an initcall_debug log. Give each of...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a reference counting issue in the atmel_nand_controller_init function...
PT-2024-26495 · Vmir · Vmir
Name of the Vulnerable Software and Affected Versions: vmir version e8117 Description: A stack overflow issue was discovered in the init_local_vars function at /src/vmir_wasm_parser.c. This issue affects the vmir software, allowing for potential exploitation. Recommendations: For version e8117,...
PT-2024-39043 · Brevo · The Newsletter
Name of the Vulnerable Software and Affected Versions: The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo plugin for WordPress versions up to, and including, 3.1.87 Description: The issue is due to missing or incorrect nonce validation on the Init function, making it possible for...
CVE-2024-46673 scsi: aacraid: Fix double-free on probe failure
In the Linux kernel, the following vulnerability has been resolved: scsi: aacraid: Fix double-free on probe failure aac_probe_one calls hardware-specific init functions through the aac_driver_ident::init pointer, all of which eventually call down to aac_init_adapter. If aac_init_adapter fails after...
PT-2024-38749 · Unknown · Demozx Gf Cms
Name of the Vulnerable Software and Affected Versions: demozx gf cms versions 1.0 through 1.0.1 Description: A critical issue has been found in the JWT Authentication component, specifically affecting the init function of the file internal/logic/auth/auth.go. This allows for the manipulation of...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly use cached epc_features in the pci_epf_test_core_init function...
CVE-2024-41255
filestash v0.4 is configured to skip TLS certificate verification when using the FTPS protocol, possibly allowing attackers to execute a man-in-the-middle attack via the Init function of index.go...
CVE-2024-41255
Summary: Filestash v0.4 is configured to skip TLS certificate verification when using FTPS, potentially allowing a man-in-the-middle attack via the Init function of index.go. Root cause: insecure TLS validation (InsecureSkipVerify style setting) leads to certificate trust bypass. Impact: high ris...