1096 matches found
SUSE CVE-2025-38689
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix NULL dereference in avx512status Problem ------- With CONFIGX86DEBUGFPU enabled, reading /proc/kthread/archstatus causes a warning and a NULL pointer dereference. This is because the AVX-512 timestamp code uses...
CVE-2025-38689
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix NULL dereference in avx512status Problem ------- With CONFIGX86DEBUGFPU enabled, reading /proc/kthread/archstatus causes a warning and a NULL pointer dereference. This is because the AVX-512 timestamp code uses...
UBUNTU-CVE-2025-38689
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix NULL dereference in avx512status Problem ------- With CONFIGX86DEBUGFPU enabled, reading /proc/kthread/archstatus causes a warning and a NULL pointer dereference. This is because the AVX-512 timestamp code uses...
CVE-2025-38689 x86/fpu: Fix NULL dereference in avx512_status()
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix NULL dereference in avx512status Problem ------- With CONFIGX86DEBUGFPU enabled, reading /proc/kthread/archstatus causes a warning and a NULL pointer dereference. This is because the AVX-512 timestamp code uses...
CVE-2025-38689
CVE-2025-38689 affects the Linux kernel’s x86 FPU code. When CONFIG_X86_DEBUG_FPU is enabled, AVX-512 timestamp handling calls x86_task_fpu() without a NULL check, returning NULL for kernel threads (PF_KTHREAD) and triggering a NULL pointer dereference when reading /proc/[kthread]/arch_status. Th...
CVE-2025-38689 x86/fpu: Fix NULL dereference in avx512_status()
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix NULL dereference in avx512status Problem ------- With CONFIGX86DEBUGFPU enabled, reading /proc/kthread/archstatus causes a warning and a NULL pointer dereference. This is because the AVX-512 timestamp code uses...
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).
...
CVE-2025-52494
Adacore Ada Web Server AWS before 25.2 is vulnerable to a denial-of-service DoS condition due to improper handling of SSL handshakes during connection initialization. When a client initiates an HTTPS connection, the server performs the SSL handshake before assigning the connection to a processing...
CVE-2025-52494
Adacore Ada Web Server AWS before 25.2 is vulnerable to a denial-of-service DoS condition due to improper handling of SSL handshakes during connection initialization. When a client initiates an HTTPS connection, the server performs the SSL handshake before assigning the connection to a processing...
CVE-2025-52494
Adacore Ada Web Server AWS before 25.2 is vulnerable to a denial-of-service DoS condition due to improper handling of SSL handshakes during connection initialization. When a client initiates an HTTPS connection, the server performs the SSL handshake before assigning the connection to a processing...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from US-based Mattermost. A security vulnerability exists in Mattermost version 10.5.8 and earlier, which stems from insufficient access control validation and could lead to a user reading threads via AI posts...
TencentOS Server 4: perl (TSSA-2025:0552)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0552 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
ROS-20250819-07
Xen hypervisor vulnerability is related to mutual blocking of execution threads. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in message board threads and categories. An attacker can execute arbitrary JavaScript code in the context of another user by injecting malicious scripts into these fields. Details Cross-site scripting or XSS is ...
CVE-2025-43731
A reflected cross-site scripting XSS vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.8, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows ...
UBUNTU-CVE-2025-38524
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recv-recv race of completed call If a call receives an event such as incoming data, the call gets placed on the socket's queue and a thread in recvmsg can be awakened to go and process it. Once the thread has picked up...
CVE-2025-38524 rxrpc: Fix recv-recv race of completed call
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recv-recv race of completed call If a call receives an event such as incoming data, the call gets placed on the socket's queue and a thread in recvmsg can be awakened to go and process it. Once the thread has picked up...
CVE-2025-38524 rxrpc: Fix recv-recv race of completed call
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recv-recv race of completed call If a call receives an event such as incoming data, the call gets placed on the socket's queue and a thread in recvmsg can be awakened to go and process it. Once the thread has picked up...
MAL-2025-20532 Malicious code in file-alb-um-zip-new-mp3-200499-threads-i0tvt-cdrrmq (npm)
The package file-alb-um-zip-new-mp3-200499-threads-i0tvt-cdrrmq was found to contain malicious code...
EulerOS 2.0 SP11 : perl (EulerOS-SA-2025-1938)
According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread...