981 matches found

Debian CVE
added 2025/07/11 6:45 a.m., 4 views

CVE-2025-5992

When passing values outside of the expected range to QColorTransferGenericFunction it can cause a denial of service, for example, this can happen when passing a specifically crafted ICC profile to QColorSpace::fromICCProfile. This issue affects Qt from 6.6.0 through 6.8.3, from 6.9.0 through 6.9.1...

CVSS 2.3, AI score 5.2, EPSS 0.00278
Exploits: 0

UbuntuCve
added 2025/07/11 12:0 a.m., 2 views

CVE-2025-5992

When passing values outside of the expected range to QColorTransferGenericFunction it can cause a denial of service, for example, this can happen when passing a specifically crafted ICC profile to QColorSpace::fromICCProfile. This issue affects Qt from 6.6.0 through 6.8.3, from 6.9.0 through 6.9.1...

CVSS 2.3, AI score 5.8, EPSS 0.00278
Exploits: 0, References: 2

UbuntuCve
added 2025/07/10 7:15 p.m., 9 views

CVE-2025-52434

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Apache Tomcat when using the APR/Native connector. This was particularly noticeable with client initiated closes of HTTP/2 connections. This issue affects Apache Tomcat: from 9.0.0.M1 throug...

CVSS 7.5, AI score 7, EPSS 0.01819
Exploits: 0, References: 2

UbuntuCve
added 2025/07/10 5:15 p.m., 9 views

CVE-2025-49812

In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommend...

CVSS 7.4, AI score 7, EPSS 0.00516
Exploits: 0, References: 6

UbuntuCve
added 2025/07/10 5:15 p.m., 13 views

CVE-2025-53020

Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue...

CVSS 7.5, AI score 6.7, EPSS 0.03322
Exploits: 1, References: 5

Debian CVE
added 2025/07/10 4:59 p.m., 8 views

CVE-2025-53020

Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4.64, which fixes the issue...

CVSS 7.5, AI score 6.6, EPSS 0.03322
Exploits: 1

UbuntuCve
added 2025/07/10 2:15 p.m., 6 views

CVE-2025-7425

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

CVSS 7.8, AI score 6.7, EPSS 0.00286
Exploits: 1, References: 5

Debian CVE
added 2025/07/10 1:53 p.m., 2 views

CVE-2025-7425

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

CVSS 7.8, AI score 6.3, EPSS 0.00286
Exploits: 1

UbuntuCve
added 2025/07/10 9:15 a.m., 2 views

CVE-2025-38321

In the Linux kernel, the following vulnerability has been resolved: smb: Log an error when close_all_cached_dirs fails Under low-memory conditions, close_all_cached_dirs can't move the dentries to a separate list to dput them once the locks are dropped. This will result in a "Dentry still in use" error...

CVSS 5.5, AI score 5.9, EPSS 0.00164
Exploits: 0, References: 28

UbuntuCve
added 2025/07/10 9:15 a.m., 1 views

CVE-2025-38341

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: avoid double free when failing to DMA-map FW msg The semantics are that caller of fbnic_mbx_map_msg retains the ownership of the message on error. All existing callers dutifully free the page...

CVSS 7.8, AI score 6.6, EPSS 0.00151
Exploits: 0, References: 11

UbuntuCve
added 2025/07/10 9:15 a.m., 2 views

CVE-2025-38343

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: drop fragments with multicast or broadcast RA IEEE 802.11 fragmentation can only be applied to unicast frames. Therefore, drop fragments with multicast or broadcast RA. This patch addresses vulnerabilities suc...

CVSS 5.5, AI score 6.5, EPSS 0.00145
Exploits: 0, References: 28

UbuntuCve
added 2025/07/10 9:15 a.m., 10 views

CVE-2025-38344

In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parse_ext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I work for National Security Research Institute of South Korea. I have been doing a research on ACPI and...

CVSS 5.5, AI score 6.3, EPSS 0.0016
Exploits: 0, References: 41

UbuntuCve
added 2025/07/10 9:15 a.m., 2 views

CVE-2025-38340

In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test KASAN reported out of bounds access - cs_dsp_mock_bin_add_name_or_info, because the source string length was rounded up to the allocation size...

CVSS 7.1, AI score 6.5, EPSS 0.00139
Exploits: 0, References: 10

UbuntuCve
added 2025/07/10 9:15 a.m., 2 views

CVE-2025-38339

In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf: fix JIT code size calculation of bpf trampoline arch_bpf_trampoline_size provides JIT size of the BPF trampoline before the buffer for JIT'ing it is allocated. The total number of instructions emitted for BPF trampoline...

CVSS 5.5, AI score 6.2, EPSS 0.00127
Exploits: 0, References: 10

UbuntuCve
added 2025/07/10 9:15 a.m., 3 views

CVE-2025-38329

In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test wmfw info KASAN reported out of bounds access - cs_dsp_mock_wmfw_add_info, because the source string length was rounded up to the allocation size...

CVSS 7.1, AI score 6.5, EPSS 0.00156
Exploits: 0, References: 10

UbuntuCve
added 2025/07/10 9:15 a.m., 2 views

CVE-2025-38342

In the Linux kernel, the following vulnerability has been resolved: software node: Correct a OOB check in software_node_get_reference_args software_node_get_reference_args wants to get @index-th element, so the property value requires at least '(index + 1) * sizeof(*ref)' bytes but that can not be guaranteed by...

CVSS 7.1, AI score 6.2, EPSS 0.00163
Exploits: 0, References: 40

UbuntuCve
added 2025/07/10 9:15 a.m., 6 views

CVE-2025-38337

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata Since handle->h_transaction may be a NULL pointer, so we should change it to call is_handle_aborted(handle) first before dereferencing it. And the following data-race w...

CVSS 5.5, AI score 6.2, EPSS 0.00159
Exploits: 0, References: 41

Debian CVE
added 2025/07/10 8:15 a.m., 10 views

CVE-2025-38344

In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parse_ext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I work for National Security Research Institute of South Korea. I have been doing a research on ACPI and...

CVSS 5.5, AI score 5.6, EPSS 0.0016
Exploits: 0

UbuntuCve
added 2025/07/10 8:15 a.m., 7 views

CVE-2025-38313

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix double-free on mc_dev The blamed commit tried to simplify how the deallocations are done but, in the process, introduced a double-free on the mc_dev variable. In case the MC device is a DPRC, a new mc_bus is allocat...

CVSS 7.8, AI score 6.3, EPSS 0.00157
Exploits: 0, References: 42

UbuntuCve
added 2025/07/10 8:15 a.m., 2 views

CVE-2025-38300

In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare Fix two DMA cleanup issues on the error path in sun8i_ce_cipher_prepare: 1 If dma_map_sg fails for areq->dst, the device driver would try to free DMA memory it has no...

CVSS 5.5, AI score 6.2, EPSS 0.00147
Exploits: 0, References: 30