6095 matches found
CVE-2025-22015
In the Linux kernel, the following vulnerability has been resolved: mm/migrate: fix shmem xarray update during migration A shmem folio can be either in page cache or in swap cache, but not at the same time. Namely, once it is in swap cache, folio-mapping should be NULL, and the folio is no longer...
CVE-2025-22010
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix soft lockup during bt pages loop Driver runs a for-loop when allocating bt pages and mapping them with buffer pages. When a large buffer e.g. MR over 100GB is being allocated, it may require a considerable loop coun...
[SECURITY] [DLA 4114-1] zfs-linux security update
Debian LTS Advisory DLA-4114-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert April 05, 2025 https://wiki.debian.org/LTS Package : zfs-linux Version : 2.0.3-9+deb11u2 CVE ID : CVE-2013-20001 CVE-2023-49298 Debian Bug : 1056752 1059322 Multiple vulnerabilities were...
CVE-2025-31284
A broken access control vulnerability previously discovered in the Trend Vision One Status component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: ths issue has already been addressed on the backe...
CVE-2025-31282
A broken access control vulnerability previously discovered in the Trend Vision One User Account component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: ths issue has already been addressed on the...
CVE-2025-31283
A broken access control vulnerability previously discovered in the Trend Vision One User Roles component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: ths issue has already been addressed on the...
CVE-2025-31285
A broken access control vulnerability previously discovered in the Trend Vision One Role Name component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: ths issue has already been addressed on the...
CVE-2025-31286
An HTML injection vulnerability previously discovered in Trend Vision One could have allowed a malicious user to execute arbitrary code. Please note: this issue has already been addressed on the backend service and is no longer considered an active vulnerability...
CVE-2025-31284
A broken access control vulnerability previously discovered in the Trend Vision One Status component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: ths issue has already been addressed on the backe...
CVE-2025-31285
A broken access control vulnerability previously discovered in the Trend Vision One Role Name component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: ths issue has already been addressed on the...
CVE-2025-31286
CVE-2025-31286 refers to an HTML injection vulnerability in Trend Vision One. A malicious user could have caused arbitrary code execution via the affected HTML injection pathway. The issue has been addressed on the backend service and is no longer considered an active vulnerability; no user actio...
CVE-2025-31286
An HTML injection vulnerability previously discovered in Trend Vision One could have allowed a malicious user to execute arbitrary code. Please note: this issue has already been addressed on the backend service and is no longer considered an active vulnerability...
CVE-2025-31286
An HTML injection vulnerability previously discovered in Trend Vision One could have allowed a malicious user to execute arbitrary code. Please note: this issue has already been addressed on the backend service and is no longer considered an active vulnerability...
CVE-2025-31285
The CVE refers to a broken access control issue in Trend Vision One’s Role Name component that could enable an administrator to create users who can change account roles, leading to privilege escalation. The root cause is described as improper access control within that component. Multiple source...
CVE-2025-31285
A broken access control vulnerability previously discovered in the Trend Vision One Role Name component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: ths issue has already been addressed on the...
CVE-2025-31285
A broken access control vulnerability previously discovered in the Trend Vision One Role Name component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: ths issue has already been addressed on the...
CVE-2025-31284
A broken access control vulnerability previously discovered in the Trend Vision One Status component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: ths issue has already been addressed on the backe...
CVE-2025-31283
A broken access control vulnerability previously discovered in the Trend Vision One User Roles component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: ths issue has already been addressed on the...
CVE-2025-31282
A broken access control vulnerability previously discovered in the Trend Vision One User Account component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: ths issue has already been addressed on the...
CVE-2025-21990
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags PRT BOs may not have any backing store, so bo-tbo.resource will be NULL. Check for that before dereferencing. cherry picked from commit...