644 matches found
UBUNTU-CVE-2023-54307
In the Linux kernel, the following vulnerability has been resolved: ptpqoriq: fix memory leak in probe Smatch complains that: drivers/ptp/ptpqoriq.c ptpqoriqprobe warn: 'base' from ioremap not released. Fix this by revising the parameter from 'ptpqoriq-base' to 'base'. This is only a bug if...
CVE-2025-60458
UxPlay 1.72 contains a double free vulnerability in its RTSP request handling. A specially crafted RTSP TEARDOWN request can trigger multiple calls to free on the same memory address, potentially causing a Denial of Service...
CVE-2025-15094
A weakness has been identified in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The impacted element is the function userLogin of the file src/main/java/com/flycms/web/front/UserController.java of the component User Login. Executing a manipulation of the argument redirectUrl ca...
CVE-2023-54142
In the Linux kernel, the following vulnerability has been resolved: gtp: Fix use-after-free in gtpencapdestroy. syzkaller reported use-after-free in gtpencapdestroy. 0 It shows the same process freed sk and touched it illegally. Commit e198987e7dd7 "gtp: fix suspicious RCU usage" added locksock a...
CVE-2025-68583
Cross-Site Request Forgery CSRF vulnerability in Tikweb Management Fast User Switching fast-user-switching allows Cross Site Request Forgery.This issue affects Fast User Switching: from n/a through = 1.4.10...
Linux Distros Unpatched Vulnerability : CVE-2025-68335
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: pcl818: fix null-ptr-deref in pcl818aicancel Syzbot identified an issue 1 in pcl818aicancel, which stems from the fact that in case of early device deta...
CVE-2025-68389
A flaw was found in Kibana. A low-privileged authenticated user can exploit this vulnerability by sending a specially crafted HTTP request, leading to an excessive allocation of computing resources. This can result in a denial of service DoS for the Kibana process, making the service unavailable ...
CVE-2025-68198
In the Linux kernel, the following vulnerability has been resolved: crash: fix crashkernel resource shrink When crashkernel is configured with a high reservation, shrinking its value below the low crashkernel reservation causes two issues: 1. Invalid crashkernel resource objects 2. Kernel crash...
CVE-2025-13780
pgAdmin versions up to 9.10 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...
Desktop Alert PingAlert Elevation of Privilege Vulnerability
Desktop Alert PingAlert is a network status monitoring tool developed by Desktop Alert, Inc. and is mainly used to monitor the status of network devices in real time and send alerts. Desktop Alert PingAlert suffers from an elevation of privilege vulnerability that stems from improper access...
CVE-2025-12817
Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail. Versions before...
CVE-2025-59777
NULL pointer dereference vulnerability exists in GNU libmicrohttpd v1.0.2 and earlier. The vulnerability was fixed in commit ff13abc on the master branch of the libmicrohttpd Git repository, after the v1.0.2 tag. A specially crafted packet sent by an attacker could cause a denial-of-service DoS...
PT-2025-44966
Name of the Vulnerable Software and Affected Versions Huawei Modem affected versions not specified Description A heap buffer overflow exists in the Modem software that could lead to remote escalation of privilege. An attacker could exploit this by controlling a rogue base station to which a User...
CVE-2025-40083
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in aggdequeue To prevent a potential crash in aggdequeue net/sched/schqfq.c when cl-qdisc-ops-peekcl-qdisc returns NULL, we check the return value before using it, similar to the existing approac...
Linux Distros Unpatched Vulnerability : CVE-2025-39979
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace 1 caused by releasing an HWS action of a local flow counter in mlx5cmdhwsdeletefte, where the H...
CVE-2022-50575
In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: Fix a possible warning in privcmdioctlmmapresource As 'kdata.num' is user-controlled data, if user tries to allocate memory larger than= MAXORDER, then kcalloc will fail, it creates a stack trace and messes up dmesg...
CVE-2025-62375
go-witness and witness are Go modules for generating attestations. In go-witness versions 0.8.6 and earlier and witness versions 0.9.2 and earlier the AWS attestor improperly verifies AWS EC2 instance identity documents. Verification can incorrectly succeed when a signature is not present or is...
CVE-2025-61779
Confidential Containers's Trustee project contains tools and components for attesting confidential guests and providing secrets to them. In versions prior to 0.15.0, the attestation-policy endpoint didn't check if the kbs-client submitting the request was actually authenticated had the right key...
Linux Distros Unpatched Vulnerability : CVE-2023-53611
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ipmisi: fix a memleak in trysmiinit Kmemleak reported the following leak info in trysmiinit:...
EUVD-2025-26979
Malicious code in bioql PyPI...