CVE-2025-3757
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
CVE-2025-46717
sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no or very limited sudo privileges can determine whether files exist in folders that they otherwise cannot access using sudo --list. Users with local access to a machine can discover the...
CVE-2025-46718
sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with limited sudo privileges (e.g. execution of a single command) can list sudo privileges of other users using the -U flag. This vulnerability allows users with limited sudo privileges to enumerat...
CVE-2025-4432 vulnerabilities
Vulnerabilities for packages: parseable, lychee, xh, oranda, wasmtime, wasm-pack, linkerd-extension-init, ztunnel, zed, pixi, cargo-audit, fnm, zizmor, rustls-ffi, wasmcloud, sccache, wash, ntpd-rs, rustup, kdash, zola, nushell, tealdeer, wadm, atuin, shadowsocks-rust, buck2, linkerd2-proxy,...
GHSA-Q4RV-GQ96-W7C5 vulnerabilities
Vulnerabilities for packages: webswing, cassandra-reaper, celeborn, spark-fips...
CVE-2025-37877
In the Linux kernel, the following vulnerability has been resolved: iommu: Clear iommu-dma ops on cleanup If iommu_device_register() encounters an error, it can end up tearing down already-configured groups and default domains, however this currently still leaves devices hooked up to iommu-dma and ev...
CVE-2025-37855
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Guard Possible Null Pointer Dereference [WHY] In some situations, dc->res_pool may be null. [HOW] Check if pointer is null before dereference...
CVE-2025-37850
In the Linux kernel, the following vulnerability has been resolved: pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() With CONFIG_COMPILE_TEST && !CONFIG_HAVE_CLK, pwm_mediatek_config() has a divide-by-zero in the following line: do_div(resolution, clk_get_rate(pc->clk_pwms[pwm->hwpwm])); due to the fact th...
CVE-2025-37867
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Silence oversized kvmalloc warning syzkaller triggered an oversized kvmalloc warning. Silence it by adding __GFP_NOWARN. syzkaller log: WARNING: CPU: 7 PID: 518 at mm/util.c:665 __kvmalloc_node_noprof+0x175/0x180 CPU: 7 UID: ...
CVE-2025-37863
In the Linux kernel, the following vulnerability has been resolved: ovl: don't allow datadir only In theory overlayfs could support upper layer directly referring to a data layer, but there's no current use case for this. Originally, when data-only layers were introduced, this wasn't allowed, onl...
CVE-2025-37884
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock between rcu_tasks_trace and event_mutex. Fix the following deadlock: CPU A _free_event() perf_kprobe_destroy() mutex_lock(&event_mutex) perf_trace_event_unreg() synchronize_rcu_tasks_trace() There are several paths where _free_event() grabs...
CVE-2025-37875
In the Linux kernel, the following vulnerability has been resolved: igc: fix PTM cycle trigger logic Writing to clear the PTM status 'valid' bit while the PTM cycle is triggered results in unreliable PTM operation. To fix this, clear the PTM 'trigger' and status after each PTM transaction. The...
CVE-2025-37839
In the Linux kernel, the following vulnerability has been resolved: jbd2: remove wrong sb->s_sequence check Journal emptiness is not determined by sb->s_sequence == 0 but rather by sb->s_start == 0 which is set a few lines above. Furthermore 0 is a valid transaction ID so the check can spuriously...
CVE-2025-26847
An issue was discovered in Znuny before 7.1.5. When generating a support bundle, not all passwords are masked...
CVE-2025-43926
An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. Custom AJAX calls to the AgentPreferences UpdateAJAX subaction can be used to set user preferences with arbitrary keys. When fetching user data via GetUserData, these keys and values are retrieved and given as a whole to other...
CVE-2025-37832
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2025-37831
In the Linux kernel, the following vulnerability has been resolved: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. apple_soc_cpufreq_get_rate() does not check for this case, which results in a...
CVE-2025-37813
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix invalid pointer dereference in Etron workaround This check is performed before prepare_transfer() and prepare_ring(), so enqueue can already point at the final link TRB of a segment. And indeed it will, some 0.4% of time...
CVE-2025-37828
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort() A race can occur between the MCQ completion path and the abort handler: once a request completes, blk_mq_free_request() sets rq->mq_hctx to NULL, meaning the subsequent ufshcd_mcq_req_to_hwq...