36090 matches found
CVE-2025-21921
In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice ethnlreqgetphydev is used to lookup a phydevice, in the case an ethtool netlink command targets a specific phydev within a netdev's topology. It takes as a...
UBUNTU-CVE-2025-21986
In the Linux kernel, the following vulnerability has been resolved: net: switchdev: Convert blocking notification chain to a raw one A blocking notification chain uses a read-write semaphore to protect the integrity of the chain. The semaphore is acquired for writing when adding / removing...
UBUNTU-CVE-2025-21921
In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice ethnlreqgetphydev is used to lookup a phydevice, in the case an ethtool netlink command targets a specific phydev within a netdev's topology. It takes as a...
UBUNTU-CVE-2025-21955
In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent connection release during oplock break notification ksmbdwork could be freed when after connection release. Increment rcount of ksmbdconn to indicate that requests are not finished yet and to not release the...
CVE-2025-21986 net: switchdev: Convert blocking notification chain to a raw one
In the Linux kernel, the following vulnerability has been resolved: net: switchdev: Convert blocking notification chain to a raw one A blocking notification chain uses a read-write semaphore to protect the integrity of the chain. The semaphore is acquired for writing when adding / removing...
CVE-2025-21986
In the Linux kernel, the following vulnerability has been resolved: net: switchdev: Convert blocking notification chain to a raw one A blocking notification chain uses a read-write semaphore to protect the integrity of the chain. The semaphore is acquired for writing when adding / removing...
CVE-2025-21986
CVE-2025-21986 affects the Linux kernel net: switchdev notification path. The root cause is a blocking notification chain that uses a read-write semaphore to protect the chain, which allows recursive notifications to cause the semaphore to be acquired twice for reading. In certain bridge/offload ...
CVE-2025-21986 net: switchdev: Convert blocking notification chain to a raw one
In the Linux kernel, the following vulnerability has been resolved: net: switchdev: Convert blocking notification chain to a raw one A blocking notification chain uses a read-write semaphore to protect the integrity of the chain. The semaphore is acquired for writing when adding / removing...
CVE-2025-21955
CVE-2025-21955 affects the Linux kernel’s ksmbd component. The issue occurs when ksmbd_work could be freed after a connection release during an oplock break notification, risking use-after-release. The fix increments the ksmbd_conn r_count to indicate ongoing requests and prevents releasing the c...
CVE-2025-21917
In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Flush the notifyhotplugwork When performing continuous unbind/bind operations on the USB drivers available on the Renesas RZ/G2L SoC, a kernel crash with the message "Unable to handle kernel NULL pointer...
gardenconnect.com Cross Site Scripting vulnerability OBB-4041615
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
arthparkash.com Cross Site Scripting vulnerability OBB-4041582
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bda-niedersachsen.de Cross Site Scripting vulnerability OBB-4041569
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
contentforindustry.com Cross Site Scripting vulnerability OBB-4041562
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a recursive notification problem in the notification chain of the net switchdev module...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ksmbd potentially releasing connections during oplock interrupt notification...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from dereferencing a struct page pointer without holding a notification lock...
ASB-A-338024220
In contentDescForNotification of NotificationContentDescription.kt, there is a possible notification content leak through the lockscreen due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed...
Fedora: Security Advisory (FEDORA-2025-f7a12118f3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability of the email notification sending function in Netgear WNR854T router software allows a hacker to execute arbitrary commands.
The vulnerability of the email notification sending function in Netgear WNR854T router microprogramming software is related to the failure to take measures to neutralize special elements used in the operating system’s processing of the emailaddress parameter. Exploiting this vulnerability allows ...