CVE-2025-38354

CVE-2025-38354 (Linux kernel, DRM/MSM GPU): A crash can occur when throttling GPU immediately during boot if the GPU is already hot, because of an early call to of_devfreq_cooling_register() that may access GMU registers before initialization. The root cause is that msm_devfreq_init may suspend d...

CVE-2025-38355

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Process deferred GGTT node removals on device unwind While we are indirectly draining our dedicated workqueue ggtt-wq that we use to complete asynchronous removal of some GGTT nodes, this happends as part of the managed-d...

CVE-2025-38355 drm/xe: Process deferred GGTT node removals on device unwind

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Process deferred GGTT node removals on device unwind While we are indirectly draining our dedicated workqueue ggtt-wq that we use to complete asynchronous removal of some GGTT nodes, this happends as part of the managed-d...

CVE-2025-38355

CVE-2025-38355 involves the Linux kernel DRM/xe path where deferred GGTT node removals could be drained later than device unwinding, potentially unmapping MMIO/GSM mappings during unwinding and causing a page fault. The fixes add a managed-device action to explicitly drain the ggtt node removals ...

CVE-2025-38353

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix taking invalid lock on wedge If device wedges on e.g. GuC upload, the submission is not yet enabled and the state is not even initialized. Protect the wedge call so it does nothing in this case. It fixes the following...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to clean up /proc/net/rpc/nfs when initialization fails may result in a warning...

NewStart CGSL MAIN 7.02 : openssl Multiple Vulnerabilities (NS-SA-2025-0124)

The remote NewStart CGSL host, running version MAIN 7.02, has openssl packages installed that are affected by multiple vulnerabilities: - Issue summary: A bug has been identified in the processing of key and initialisation vector IV lengths. This can lead to potential truncation or overruns durin...

The vulnerability of the `core::fmt::write()` function in the arch/x86/Kconfig module of Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the core::fmt::write function in the arch/x86/Kconfig module of Linux kernels is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the functions xe_mmio_read() and xe_mmio_write() in the kernel module drivers/gpu/drm/xe/xepci.c of Linux operating systems allows a hacker to cause a service failure.

The vulnerability of the xemmioread and xemmiowrite functions in the drivers/gpu/drm/xe/xepci.c kernel module of Linux operating systems is related to improper initialization of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the TTY driver in Linux operating systems allows a hacker to trigger a service failure.

The vulnerability of the TTY driver in Linux operating systems is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to cause service failures...

(0Day) Ashlar-Vellum Cobalt AR File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

CVE-2025-52372

An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components...

hMailServer 安全漏洞

hMailServer is an open source mail server from hMailServer Open Source. A security vulnerability exists in hMailServer version v5.8.6, which stems from improper handling of the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components, which could lead to the disclosure...

SUSE-SU-2025:20483-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup bsc1237913. - CVE-2024-58053: rxrpc: Fix handling of received connection abort...

WordPress plugin Listly: Listicles For WordPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability in the...

Improper Check for Unusual or Exceptional Conditions

Overview solady is an Optimized Solidity snippets. Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the initialization process used by ERC4337Factory. An attacker can cause silent failures during contract deployment if the initialization...

CVE-2025-53638 Solady lacks extcodesize validation on implementation in ERC4337Factory

Solady is software that provides Solidity snippets with APIs. Starting in version 0.0.125 and prior to version 0.1.24, when an account is deployed via a proxy, using regular Solidity to call its initialization function may result in a silent failure, if the initialization function does not return...

Solady 代码问题漏洞

Solady is an application by Vectorized Personal Developers. A code issue vulnerability exists in versions of Solady prior to 0.1.24, which stems from an initialization function that may fail silently if it does not return a bool...

PT-2025-29938 · Solady · Solady

Name of the Vulnerable Software and Affected Versions: Solady versions 0.0.125 through 0.1.23 Description: Solady is software that provides Solidity snippets with APIs. When an account is deployed via a proxy, using regular Solidity to call its initialization function may result in a silent failu...

NVIDIA Container Toolkit 代码问题漏洞

NVIDIA Container Toolkit is a container toolkit from NVIDIA, Inc. It allows users to build and run GPU-accelerated containers. A code issue vulnerability exists in NVIDIA Container Toolkit that stems from a container initialization hook flaw that could lead to elevation of privilege, data...