133 matches found
CVE-2023-53168
In the Linux kernel, the following vulnerability has been resolved: usb: ucsiacpi: Increase the command completion timeout Commit 130a96d698d7 "usb: typec: ucsi: acpi: Increase command completion timeout value" increased the timeout from 5 seconds to 60 seconds due to issues related to alternate...
CVE-2025-39804
In the Linux kernel, the following vulnerability has been resolved: lib/crypto: arm64/poly1305: Fix register corruption in no-SIMD contexts Restore the SIMD usability check that was removed by commit a59e5468a921 "crypto: arm64/poly1305 - Add block-only interface". This safety check is cheap and ...
CVE-2025-39767
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Optimize module load time by optimizing PLT/GOT counting When enabling CONFIGKASAN, CONFIGPREEMPTVOLUNTARYBUILD and CONFIGPREEMPTVOLUNTARY at the same time, there will be soft deadlock, the relevant logs are as follows...
CVE-2025-39705
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability Why A null pointer dereference vulnerability exists in the AMD display driver's DC module cleanup function dcdestruct. When display control context dc-ctx construction...
CVE-2025-52930
A memory corruption vulnerability exists in the BMPv3 RLE Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decompressing the image data from a specially crafted .bmp file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to...
CVE-2025-53518
An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted ABF file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2025-38657
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: mcc: prevent shift wrapping in rtw89coremlsrswitch The "linkid" value comes from the user via debugfs. If it's larger than BITSPERLONG then that would result in shift wrapping and potentially an out of bounds access...
OPENSUSE-SU-2025:15479-1 ruby3.4-rubygem-activerecord-8.0-8.0.1-2.1 on GA media
These are all security issues fixed in the ruby3.4-rubygem-activerecord-8.0-8.0.1-2.1 package on the GA media of openSUSE Tumbleweed...
CVE-2025-38567
In the Linux kernel, the following vulnerability has been resolved: nfsd: avoid ref leak in nfsdopenlocalfh If two calls to nfsdopenlocalfh race and both successfully call nfsdfileacquirelocal, they will both get an extra reference to the net to accompany the file reference stored in pnf. One of...
CVE-2025-38577
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid panic in f2fsevictinode As syzbot 1 reported as below: R10: 0000000000000100 R11: 0000000000000206 R12: 00007ffe17473450 R13: 00007f28b1c10854 R14: 000000000000dae5 R15: 00007ffe17474520 --- end trace...
CVE-2025-38536
In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix potential use-after-free in airohanpuget np-name was being used after calling ofnodeputnp, which releases the node and can lead to a use-after-free bug. Previously, ofnodeputnp was called unconditionally after...
CVE-2025-38541
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: Fix null-ptr-deref in mt7925thermalinit devmkasprintf returns NULL on error. Currently, mt7925thermalinit does not check for this case, which results in a NULL pointer dereference. Add NULL check after...
CVE-2025-50154
creationtimestamp| type| source ---|---|--- 2025-08-12 16:01:32+00:00| seen| https://www.thezdi.com/blog/2025/8/12/the-august-2025-security-update-review 2025-08-12 17:43:14+00:00| seen| https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lw7udlbtfw25 2025-08-12 17:54:32+00:00| seen|...
CVE-2025-53134
creationtimestamp| type| source ---|---|--- 2025-08-12 16:01:32+00:00| seen| https://www.thezdi.com/blog/2025/8/12/the-august-2025-security-update-review...
Important: Red Hat Security Advisory: unbound security update
An update for unbound is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2025-45770
jwt v5.4.3 was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are expected to be set by an application, not by this library. This dispute is subject to review under CNA rules 4.1.4, 4.1.14, and other rules; the dispute tagging is not meant ...
firefox security update
An update is available for firefox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...
Debian: Security Advisory (DSA-5966-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-38336
In the Linux kernel, the following vulnerability has been resolved: ata: patavia: Force PIO for ATAPI devices on VT6415/VT6330 The controller has a hardware bug that can hard hang the system when doing ATAPI DMAs without any trace of what happened. Depending on the device attached, it can also...
Ubuntu: Security Advisory (USN-7625-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...