Lucene search
+L

226 matches found

UbuntuCve
UbuntuCve
added 2025/12/16 3:15 p.m.4 views

CVE-2025-68265

In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin requestqueue lifetime The namespaces can access the controller's admin requestqueue, and stale references on the namespaces may exist after tearing down the controller. Ensure the admin requestqueue is active by...

5.9AI score0.00174EPSS
Exploits0References25
OSV
OSV
added 2025/12/16 3:15 p.m.4 views

UBUNTU-CVE-2025-68265

In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin requestqueue lifetime The namespaces can access the controller's admin requestqueue, and stale references on the namespaces may exist after tearing down the controller. Ensure the admin requestqueue is active by...

5.7AI score0.00174EPSS
Exploits0References26
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper management of the management request queue lifecycle in nvme...

6.2AI score0.00174EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/12/10 9:2 a.m.7 views

nvme-fc: use lock accessing port_state and rport state

...

7CVSS7AI score0.00205EPSS
Exploits0
OSV
OSV
added 2025/12/09 4:17 p.m.5 views

UBUNTU-CVE-2025-40342

In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing portstate and rport state nvmefcunregisterremote removes the remote port on a lport object at any point in time when there is no active association. This races with with the reconnect logic, because...

5.9AI score0.00205EPSS
Exploits0References35
RedhatCVE
RedhatCVE
added 2025/11/14 12:1 a.m.7 views

CVE-2025-60700

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and librcm.so binaries. The sub4455BC function in prog.cgi stores user-supplied SetDMZSettings/IPAddress values in NVRAM via nvramsafeset"dmzipaddr", .... These values are later...

6.5CVSS8.5AI score0.03155EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/13 9:31 p.m.6 views

EUVD-2025-175374

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDMZSettings' functionality, where the 'IPAddress' parameter in prog.cgi is stored in NVRAM and later used by librcm.so to construct iptables commands...

7.7AI score0.03526EPSS
Exploits1References5
EUVD
EUVD
added 2025/11/13 9:31 p.m.6 views

EUVD-2025-175375

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDynamicDNSSettings' functionality, where the 'ServerAddress' and 'Hostname' parameters in prog.cgi are stored in NVRAM and later used by rc to...

7.7AI score0.03627EPSS
Exploits1References5
OSV
OSV
added 2025/11/13 7:15 p.m.5 views

CVE-2025-60672

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDynamicDNSSettings' functionality, where the 'ServerAddress' and 'Hostname' parameters in prog.cgi are stored in NVRAM and later used by rc to...

6.5CVSS6.1AI score0.03627EPSS
Exploits1References4
NVD
NVD
added 2025/11/13 7:15 p.m.7 views

CVE-2025-60672

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDynamicDNSSettings' functionality, where the 'ServerAddress' and 'Hostname' parameters in prog.cgi are stored in NVRAM and later used by rc to...

6.5CVSS0.03627EPSS
Exploits1References3
CVE
CVE
added 2025/11/13 12:0 a.m.18 views

CVE-2025-60701

The CVE-2025-60701 issue affects the D-Link DIR-882 router, specifically firmware DIR882A1_FW102B02. The vulnerability stems from the prog.cgi function sub_433188 and the rc binary’s sub_448FDC, where user-supplied EmailFrom, EmailTo, SMTPServerAddress, SMTPServerPort, and AccountName are stored ...

6.5CVSS8.1AI score0.03155EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/11/13 12:0 a.m.24 views

CVE-2025-60673

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDMZSettings' functionality, where the 'IPAddress' parameter in prog.cgi is stored in NVRAM and later used by librcm.so to construct iptables commands...

0.03526EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/11/13 12:0 a.m.25 views

CVE-2025-60697

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub4438A4 function in prog.cgi stores user-supplied DDNS parameters ServerAddress and Hostname in NVRAM via nvramsafeset. These values are later retrieved in th...

0.0382EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.17 views

PT-2025-46884

Name of the Vulnerable Software and Affected Versions D-Link DIR-882 Router firmware versions prior to DIR882A1 FW102B02 Description A command injection issue exists in the D-Link DIR-882 Router firmware. The sub 433188 function within the prog.cgi binary stores user-provided email configuration...

6.5CVSS8.2AI score0.03155EPSS
Exploits1References7
CVE
CVE
added 2025/11/13 12:0 a.m.24 views

CVE-2025-60698

The CVE-2025-60698 issue affects D-Link DIR-882 router firmware DIR882A1_FW102B02, where SetSysLogSettings/IPAddress stored in NVRAM via nvram_safe_set can be read and concatenated into a shell command executed by twsystem() in the rc binary. The root cause is un-sanitized retrieval of nvram valu...

7.3CVSS8.1AI score0.03929EPSS
Exploits1References4Affected Software1
RedHat Linux
RedHat Linux
added 2025/11/12 3:8 p.m.7 views

kernel: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data The MT7921 driver no longer uses eeprom.data, but the relevant code has not been removed completely since commit 16d98b548365 "mt76: mt7921: rely on...

7.1CVSS6.9AI score0.00149EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/11/11 8:21 a.m.5 views

kernel: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read

In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interface supports variable buffer sizes, while the regmap interface operates with fixed-size storage. If an nvmem client uses a buffer size less than 4 byte...

7.8CVSS6.9AI score0.00208EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/11/10 12:0 a.m.6 views

PT-2025-49091

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0 Description The Linux kernel contains a flaw within the nvme-fc subsystem. Specifically, the issue arises from improper handling of work queues during the deletion of an NVMe-FC controller association. The...

5.7CVSS6.5AI score0.00194EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989074)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989074 advisory. In the Linux kernel, the following vulnerability has been resolved: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines Aditya reports 0 that his recent...

5.5CVSS6AI score0.00219EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988704)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988704 advisory. In the Linux kernel, the following vulnerability has been resolved: nvmet: fix a use-after-free Fix the following use-after-free complaint triggered by blktests...

5.3CVSS6.2AI score0.00228EPSS
Exploits0References4
Rows per page
Query Builder