4076 matches found
GHSA-6JXR-VC7P-9HQV vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2025-13637 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-68WW-H25V-G8MQ vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2025-13720 vulnerabilities
Vulnerabilities for packages: chromium...
USN-7923-1: Qt vulnerability
It was discovered that Qt did not correctly handle certain memory operations. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
rexml: REXML denial of service
A denial of service flaw has been discovered in the rubygem REXML. Certain input can cause excess cpu usage and given sufficiently large input this can affect program performance...
rexml: REXML denial of service
A denial of service flaw has been discovered in the rubygem REXML. Certain input can cause excess cpu usage and given sufficiently large input this can affect program performance...
GHSA-VRCR-9HJ9-JCG6 vulnerabilities
Vulnerabilities for packages: authentik, awx...
grafana security update
10.2.6-17 - Resolves RHEL-125692: CVE-2025-58183 - Resolves RHEL-120426: Grafana-selinux prevents plugins from searching cgroups...
CVE-2023-53830
In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmisetting, the result has to be freed using kfree. In currentvalueshow however, malformed item strings are not freed,...
CVE-2025-14328
Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
CVE-2023-53834
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ina2xx: avoid NULL pointer dereference on OF device match The affected lines were resulting in a NULL pointer dereference on our platform because the device tree contained the following list of compatible strings:...
CVE-2025-14330
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
firefox: thunderbird: Incorrect boundary conditions in the JavaScript: WebAssembly component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript: WebAssembly component...
firefox: thunderbird: Incorrect boundary conditions in the JavaScript: WebAssembly component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript: WebAssembly component...
CVE-2025-40344
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Disable periods-elapsed work when closing PCM avsdaifeshutdown handles the shutdown procedure for HOST HDAudio stream while period-elapsed work services its IRQs. As the former frees the DAI's private context,...
CVE-2025-40334
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate userq buffer virtual address and size It needs to validate the userq object virtual address to determine whether it is residented in a valid vm mapping...
CVE-2025-40332
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svmrangerestorepages calls mmapreadunlock then returns. This causes deadlock and system...
CVE-2025-40329
In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix deadlock in drmschedentitykilljobscb The Mesa issue referenced below pointed out a possible deadlock: 1231.611031 Possible interrupt unsafe locking scenario: 1231.611033 CPU0 CPU1 1231.611034 ---- ---- 1231.611035...
CVE-2023-53777
In the Linux kernel, the following vulnerability has been resolved: erofs: kill hooked chains to avoid loops on deduplicated compressed images After heavily stressing EROFS with several images which include a hand-crafted image of repeated patterns for more than 46 days, I found two chains could ...