SUSE CVE-2025-68237

In the Linux kernel, the following vulnerability has been resolved: mtdchar: fix integer overflow in read/write ioctls The "req.start" and "req.len" variables are u64 values that come from the user at the start of the function. We mask away the high 32 bits of "req.len" so that's capped at U32MAX...

PT-2025-51951

Name of the Vulnerable Software and Affected Versions Rukovoditel version 3.3.1 Description The software contains a CSV injection issue that allows authenticated users to inject malicious formulas into the firstname field. An attacker can create payloads, such as =calc|a!z|, to execute code when ...

Rukovoditel 安全漏洞

Rukovoditel is a web-based open source project management software from the Rukovoditel team. The software features project management, customer relationship management, and more. A security vulnerability exists in Rukovoditel version 3.3.1, which stems from improper cleaning of the firstname fie...

phpMyFAQ 安全漏洞

phpMyFAQ is a multilingual, fully database-driven FAQ system by the individual developer Thorsten Rinne. A security vulnerability exists in phpMyFAQ version 3.1.12, which stems from the ability of authenticated users to inject malicious formulas into their profile names, potentially leading to CS...

PT-2025-51967

Name of the Vulnerable Software and Affected Versions phpMyFAQ version 3.1.12 Description The software contains a CSV injection flaw that permits authenticated users to inject malicious formulas into their profile names. An attacker can modify their user profile name with a payload such as...

ProjectSend 安全漏洞

ProjectSend cFTP is the ProjectSend open source suite of self-hosted applications based on PHP and MySQL. A security vulnerability exists in ProjectSend cFTP version r1605, which stems from improper cleanup of the user profile name field and could lead to a CSV injection attack...

PT-2025-51943

Name of the Vulnerable Software and Affected Versions ProjectSend version r1605 Description ProjectSend version r1605 contains a CSV injection flaw. Authenticated users can inject malicious formulas into user profile names. An attacker can use a payload like =calc|a!z| within the name field. When...

CVE-2025-65834

Meltytech Shotcut 25.10.31 is vulnerable to Buffer Overflow. A memory access violation occurs when processing MLT project files with manipulated width and height parameters. By setting these values to extremely large numbers, the application attempts to allocate excessive memory during image...

CVE-2025-68316 scsi: ufs: core: Fix invalid probe error return value

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 SUCCESS or 1 FAILURE. Upon failure during driver probe, the error code...

EUVD-2025-203668

In the Linux kernel, the following vulnerability has been resolved: drm/plane: Fix createinformatblob return value createinformatblob is either supposed to return a valid pointer or an error, but never NULL. The caller will dereference the blob when it is not an error, and thus will oops if NULL...

UBUNTU-CVE-2025-68281

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list "struct sdcacontrol" declares "values" field as integer array. But the memory allocated to it is of char array. This causes crash for sdcaparsefunction API. This patch...

CVE-2025-34412

The Convercent Whistleblowing Platform operated by EQS Group contains a protection mechanism failure in its browser and session handling. By default, affected deployments omit HTTP security headers such as Content-Security-Policy, Referrer-Policy, Permissions-Policy, Cross-Origin-Embedder-Policy,...

CVE-2025-68281

The CVE-2025-68281 entry concerns the Linux kernel ASoC SDCA component. The root cause is a mismatch in the sdca_control structure where the values field is declared as an integer array but memory was allocated as a char array, causing a crash in the sdca_parse_function API. A patch was applied t...

CVE-2025-68281 ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list "struct sdcacontrol" declares "values" field as integer array. But the memory allocated to it is of char array. This causes crash for sdcaparsefunction API. This patch...

CVE-2025-68266

The CVE-2025-68266 entry concerns Linux kernel BFS filesystem handling when loading file types from disk. The root cause is that S_IFMT bits of inode->i_mode can become bogus if the 32-bit mode or attributes fields loaded from disk are corrupted. The Linux kernel documentation indicates BFS us...

CVE-2025-68228 drm/plane: Fix create_in_format_blob() return value

In the Linux kernel, the following vulnerability has been resolved: drm/plane: Fix createinformatblob return value createinformatblob is either supposed to return a valid pointer or an error, but never NULL. The caller will dereference the blob when it is not an error, and thus will oops if NULL...

CVE-2025-68228

CVE-2025-68228 concerns the Linux kernel DRM plane code: specifically create_in_format_blob() could return NULL instead of a valid pointer or an error, causing a potential kernel oops when the blob is dereferenced. The issue is resolved by returning proper error values in failure cases. Multiple ...

SUSE CVE-2025-66411

Coder allows organizations to provision remote development environments via Terraform. Prior to 2.26.5, 2.27.7, and 2.28.4, Workspace Agent manifests containing sensitive values were logged in plaintext unsanitized. An attacker with limited local access to the Coder Workspace VM, K8s Pod etc. or ...

PT-2025-51622

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the mlx5 driver related to the creation of completion queues CQs. Currently, CQs without a completion function are assigned the mlx5 add cq to tasklet...

CVE-2023-53873

SyncBreeze 15.2.24 contains a denial of service vulnerability in the login authentication mechanism that allows attackers to crash the service. Attackers can send an oversized password parameter with repeated 'password=' values to overwhelm the login endpoint and potentially disrupt service...