2988 matches found
CVE-2025-68216
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Disable trampoline for kernel module function trace The current LoongArch BPF trampoline implementation is incompatible with tracing functions in kernel modules. This causes several severe and user-visible problem...
CVE-2025-68190
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/atom: Check kcalloc for WS buffer in amdgpuatomexecutetablelocked kcalloc may fail. When WS is non-zero and allocation fails, ectx.ws remains NULL while ectx.wssize is set, leading to a potential NULL pointer dereferen...
CVE-2023-53827
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2capdisconnectreq,rsp Similar to commit d0be8347c623 "Bluetooth: L2CAP: Fix use-after-free caused by l2capchanput", just use l2capchanholdunlesszero to prevent referencing a channel that i...
CVE-2023-53852
In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchapsecretstore Free dhchapsecret in nvmectrldhchapsecretstore before we return fix following kmemleack:- unreferenced object 0xffff8886376ea800 size 64: comm "check", pid 22048, jiffies 4344316705...
CVE-2023-53841
In the Linux kernel, the following vulnerability has been resolved: devlink: report devlinkporttypewarn source device devlinkporttypewarn is scheduled for port devlink and warning when the port type is not set. But from this warning it is not easy found out which device driver has no devlink port...
CVE-2023-53746
In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfioap device driver The device release callback function invoked to release the matrix device uses the devgetdrvdatadevice dev function to retrieve the pointer to the vfiomatrixdev object in orde...
CVE-2025-40264
In the Linux kernel, the following vulnerability has been resolved: be2net: pass wrbparams in case of OS2BMC beinsertvlaninpkt is called with the wrbparams argument being NULL at besendpkttobmc call site. This may lead to dereferencing a NULL pointer when processing a workaround for specific...
CVE-2025-12819
Untrusted search path in authquery connection handler in PgBouncer before 1.25.1 allows an unauthenticated attacker to execute arbitrary SQL during authentication via a malicious searchpath parameter in the StartupMessage...
GHSA-G7RM-8PW5-WVG2 vulnerabilities
Vulnerabilities for packages: linux-aws, linux-gcp, linux-azure...
Linux Distros Unpatched Vulnerability : CVE-2025-13837
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...
CVE-2025-63938
Tinyproxy through 1.11.2 contains an integer overflow vulnerability in the stripreturnport function within src/reqs.c...
CVE-2025-64505
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. Prior to version 1.6.51, a heap buffer over-read vulnerability exists in libpng's pngdoquantize function when processing PNG files with malformed palette...
CVE-2025-65501
Null pointer dereference in coapdtlsinfocallback in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSLgetappdata returns NULL...
CVE-2025-65493
NULL pointer dereference in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS/TLS connection that triggers BIOgetdata to return NULL...
Linux Distros Unpatched Vulnerability : CVE-2025-11935
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - With TLS 1.3 pre-shared key PSK a malicious or faulty server could ignore the request for PFS perfect forward secrecy and the client would continue on with the...
CVE-2025-40210
In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...
CVE-2025-64756
Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are...
CVE-2025-64718
js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the result of a parsed yaml document via prototype pollution proto. All users who parse untrusted yaml documents may be impacted. The problem is patched in...
CVE-2025-40192
In the Linux kernel, the following vulnerability has been resolved: Revert "ipmi: fix msg stack when IPMI is disconnected" This reverts commit c608966f3f9c2dca596967501d00753282b395fc. This patch has a subtle bug that can cause the IPMI driver to go into an infinite loop if the BMC misbehaves in ...
CVE-2025-40145
In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devmaddactionorreset failure When devmaddactionorreset fails, it calls the passed cleanup function. Hence the caller must not repeat that cleanup. Replace the "goto errregulatorfree" by the actu...