40349 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-71140
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context list protection lock Previously a mutex wa...
Protection Mechanism Failure
Overview enclave-vm is a Sandbox runtime for secure JavaScript code execution Affected versions of this package are vulnerable to Protection Mechanism Failure via the exposure of a host-side Error object to sandboxed code, which retains its host realm prototype chain. An attacker can intentionall...
CVE-2025-69271
Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 24.3.13 and earlier...
CVE-2025-65552
D3D Wi-Fi Home Security System ZX-G12 v2.1.1 is vulnerable to RF replay attacks on the 433 MHz sensor communication channel. The system does not implement rolling codes, message authentication, or anti-replay protection, allowing an attacker within RF range to record valid alarm/control frames an...
CVE-2026-22603
OpenProject is an open-source, web-based project management software. Prior to version 16.6.2, OpenProject’s unauthenticated password-change endpoint /account/changepassword was not protected by the same brute-force safeguards that apply to the normal login form. In affected versions, an attacker...
CVE-2026-20824
Protection mechanism failure in Windows Remote Assistance allows an unauthorized attacker to bypass a security feature locally...
CVE-2026-20824
Protection mechanism failure in Windows Remote Assistance allows an unauthorized attacker to bypass a security feature locally...
CVE-2026-20824
Protection mechanism failure in Windows Remote Assistance allows an unauthorized attacker to bypass a security feature locally...
AZL-74378 CVE-2025-68800 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...
CVE-2025-68800
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...
AZL-74357 CVE-2025-68798 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Check event before enable to avoid GPF On AMD machines cpuc-eventsidx can become NULL in a subtle race condition with NMI-throttle-x86pmustop. Check event for NULL in amdpmuenableall before enable to avoid a GPF. Th...
CVE-2025-68798
In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Check event before enable to avoid GPF On AMD machines cpuc-eventsidx can become NULL in a subtle race condition with NMI-throttle-x86pmustop. Check event for NULL in amdpmuenableall before enable to avoid a GPF. Th...
UBUNTU-CVE-2025-68798
In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Check event before enable to avoid GPF On AMD machines cpuc-eventsidx can become NULL in a subtle race condition with NMI-throttle-x86pmustop. Check event for NULL in amdpmuenableall before enable to avoid a GPF. Th...
CVE-2025-68800
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...
Windows Remote Assistance Security Feature Bypass Vulnerability
Protection mechanism failure in Windows Remote Assistance allows an unauthorized attacker to bypass a security feature locally...
CVE-2025-68802 drm/xe: Limit num_syncs to prevent oversized allocations
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Limit numsyncs to prevent oversized allocations The exec and vmbind ioctl allow userspace to specify an arbitrary numsyncs value. Without bounds checking, a very large numsyncs can force an excessively large allocation,...
CVE-2025-68800 mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...
CVE-2025-68800
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrummr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex instead of RTNL to protect the multicast route list, so that it will not change while the driver periodically traverse...
CVE-2025-68800
The CVE-2025-68800 issue affects the Linux kernel mlxsw spectrum_mr component. It arises from a use-after-free in multicast route stats updates when the driver traverses the multicast route list. A dedicated mutex was added (replacing the previous RTNL-based protection) to guard the list during u...
CVE-2025-68798
In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Check event before enable to avoid GPF On AMD machines cpuc-eventsidx can become NULL in a subtle race condition with NMI-throttle-x86pmustop. Check event for NULL in amdpmuenableall before enable to avoid a GPF. Th...