Lucene search
K

317 matches found

osv
osv
added 2025/09/16 2:15 p.m.13 views

AZL-74736 CVE-2025-39835 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: xfs: do not propagate ENODATA disk errors into xattr code ENODATA aka ENOATTR has a very specific meaning in the xfs xattr code; namely, that the requested attribute name could not be found. However, a medium error from disk may...

7.8CVSS5.7AI score0.00157EPSS
Exploits0References1
osv
osv
added 2025/09/16 2:15 p.m.4 views

UBUNTU-CVE-2025-39835

In the Linux kernel, the following vulnerability has been resolved: xfs: do not propagate ENODATA disk errors into xattr code ENODATA aka ENOATTR has a very specific meaning in the xfs xattr code; namely, that the requested attribute name could not be found. However, a medium error from disk may...

7.8CVSS6.5AI score0.00157EPSS
Exploits0References29
osv
osv
added 2025/09/16 1:8 p.m.5 views

CVE-2025-39835 xfs: do not propagate ENODATA disk errors into xattr code

In the Linux kernel, the following vulnerability has been resolved: xfs: do not propagate ENODATA disk errors into xattr code ENODATA aka ENOATTR has a very specific meaning in the xfs xattr code; namely, that the requested attribute name could not be found. However, a medium error from disk may...

7.8CVSS6.2AI score0.00157EPSS
Exploits0References13
osv
osv
added 2025/09/10 5:13 p.m.3 views

GHSA-W765-JM6W-4HHJ Webrecorder packages are vulnerable to XSS through 404 error handling logic

A Reflected Cross-Site Scripting XSS vulnerability exists in the 404 error handling logic of wabac.js v2.23.10 and below. The parameter requestURL derived from the original request target is directly embedded into an inline block without sanitization or escaping. This allows an attacker to craft ...

7.1CVSS5.9AI score0.00237EPSS
Exploits0References8
susecve
susecve
added 2025/09/09 11:22 p.m.7 views

SUSE CVE-2025-39675

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...

5.5CVSS6.5AI score0.00147EPSS
Exploits0References21
snyk
snyk
added 2025/09/09 8:45 p.m.4 views

Cross-site Scripting (XSS)

Overview @webrecorder/wabac is a service worker based web archive replay Affected versions of this package are vulnerable to Cross-site Scripting XSS via the 404 error handling process. An attacker can execute arbitrary JavaScript in the victim's browser by crafting a malicious URL that injects...

7.1CVSS5.4AI score0.00237EPSS
Exploits0References2
osv
osv
added 2025/09/05 6:15 p.m.7 views

AZL-67010 CVE-2025-39675 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...

5.5CVSS5.6AI score0.00147EPSS
Exploits0References1
nvd
nvd
added 2025/09/05 6:15 p.m.12 views

CVE-2025-39675

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...

5.5CVSS0.00147EPSS
Exploits0References8
osv
osv
added 2025/09/05 6:15 p.m.1 views

DEBIAN-CVE-2025-39675

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...

5.5CVSS5.3AI score0.00147EPSS
Exploits0References1
osv
osv
added 2025/09/05 6:15 p.m.5 views

UBUNTU-CVE-2025-39675

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References34
osv
osv
added 2025/09/05 5:20 p.m.9 views

CVE-2025-39675 drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...

5.5CVSS6AI score0.00147EPSS
Exploits0References11
cvelist
cvelist
added 2025/09/05 5:20 p.m.11 views

CVE-2025-39675 drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session()

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check in modhdcphdcp1createsession The function modhdcphdcp1createsession calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...

0.00147EPSS
Exploits0References6
cve
cve
added 2025/09/05 5:20 p.m.35 views

CVE-2025-39675

CVE-2025-39675 affects the Linux kernel DRM/AMD display path. In mod_hdcp_hdcp1_create_session(), get_first_active_display() may return NULL when the display list is empty, causing a NULL pointer dereference. The fix adds a NULL pointer check and returns MOD_HDCP_STATUS_DISPLAY_NOT_FOUND. This mi...

5.5CVSS5.8AI score0.00147EPSS
Exploits0References8Affected Software1
suse
suse
added 2025/09/05 12:55 p.m.5 views

Security update for cloud-init

This update for cloud-init fixes the following issues: Update to version 25.1.3: CVE-2024-6174: Unpriveleged user could trigger hotplug-hook commands bsc1245403. None security fixes: Rebase cloud-init to 24.4 or higher bsc1239715, jscPED-8680. Fixed cloud-init --debug status bsc1228414. Using...

8.8CVSS7AI score0.00263EPSS
Exploits0References26
susecve
susecve
added 2025/08/28 11:22 p.m.3 views

SUSE CVE-2025-40779

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

7.5CVSS6.9AI score0.00495EPSS
Exploits0References3
cvelist
cvelist
added 2025/08/27 8:23 p.m.12 views

CVE-2025-40779 Kea crash upon interaction between specific client options and subnet selection

If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...

7.5CVSS0.00495EPSS
Exploits0References1
osv
osv
added 2025/08/19 5:3 p.m.5 views

CVE-2025-38590 net/mlx5e: Remove skb secpath if xfrm state is not found

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Remove skb secpath if xfrm state is not found Hardware returns a unique identifier for a decrypted packet's xfrm state, this state is looked up in an xarray. However, the state might have been freed by the time of this...

5.5CVSS7.1AI score0.00146EPSS
Exploits0References8
nessus
nessus
added 2025/08/08 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-38362

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Add null pointer check for getfirstactivedisplay The function modhdcphdcp1enableencryption calls the function getfirstactivedisplay, but does n...

5.5CVSS6.7AI score0.00107EPSS
Exploits0References3
redhat
redhat
added 2025/08/06 8:1 a.m.3 views

kernel: powerpc: Fix access beyond end of drmem array

A flaw was found in the Linux kernel, specifically affecting the PowerPC architecture's pseries memory hotplug functionality. The issue arises from the dlparmemoryremovebyindex function, which may access memory beyond the bounds of the drmem logical memory block LMB array when it fails to find a...

7.8CVSS6.6AI score0.00246EPSS
Exploits0References5
susecve
susecve
added 2025/07/28 11:24 p.m.8 views

SUSE CVE-2025-38362

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check for getfirstactivedisplay The function modhdcphdcp1enableencryption calls the function getfirstactivedisplay, but does not check its return value. The return value is a null pointer if the...

5.5CVSS6.5AI score0.00107EPSS
Exploits0References22
Rows per page
Query Builder