20 matches found
Microsoft Office Multiple Vulnerabilities (Apr 2025) - Mac OS X
This host is missing an important security update for Microsoft Office on Mac OSX according to Microsoft security update April 2025 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2025-39728
In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsungclkinit With UBSANARRAYBOUNDS=y, I'm hitting the below panic due to dereferencing ctx-clkdata.hws before setting ctx-clkdata.num = nrclks. Move that up to fix the crash. UBSAN: array index...
CVE-2025-22088
In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdmaacceptnewconn After the erdmacepputnewcep being called, newcep will be freed, and the following dereference will cause a UAF problem. Fix this issue...
CVE-2025-22026
In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svcprocregister Currently, nfsdprocstatinit ignores the return value of svcprocregister. If the procfile creation fails, then the kernel will WARN when it tries to remove the entry later. Fix...
CVE-2025-21587
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle...
CVE-2025-27732
creationtimestamp| type| source ---|---|--- 2025-04-08 16:14:25+00:00| seen| https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review 2025-05-19 23:03:00+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3lpkokz2bns24...
CVE-2025-27486
creationtimestamp| type| source ---|---|--- 2025-04-08 16:14:25+00:00| seen| https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review...
CVE-2025-27730
creationtimestamp| type| source ---|---|--- 2025-04-08 16:14:25+00:00| seen| https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review...
CVE-2025-27743
creationtimestamp| type| source ---|---|--- 2025-04-08 16:14:25+00:00| seen| https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review...
CVE-2025-27484
creationtimestamp| type| source ---|---|--- 2025-04-08 16:14:25+00:00| seen| https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review...
CVE-2025-29808
creationtimestamp| type| source ---|---|--- 2025-04-08 16:14:25+00:00| seen| https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review 2025-04-08 17:46:40+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10967...
CVE-2025-20938
Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to access protected data in SamsungContacts...
PT-2025-15586 · Microsoft · Windows Kerberos +1
Name of the Vulnerable Software and Affected Versions: Windows Kerberos versions prior to April 2025 Patch Tuesday Description: A security-feature bypass vulnerability exists in Windows Kerberos due to insecure storage of sensitive information. Exploitation allows an authorized attacker to bypass...
CVE-2025-22000
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: drop beyond-EOF folios with the right number of refs When an after-split folio is large and needs to be dropped due to EOF, folioputrefsfolio, folionrpagesfolio should be used to drop all page cache refs. Otherwise...
CVE-2025-21903
In the Linux kernel, the following vulnerability has been resolved: mctp i3c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case the tx packet should be dropped. saddr will usually be set by MCTP core, but check for NULL in case a packet is...
CVE-2025-21927
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvmetcprecvpdu nvmetcprecvpdu doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invalid header length e.g. 255,...
CVE-2025-21969
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd After the hci sync command releases l2capconn, the hci receive data work queue references the released l2capconn when sending to the upper layer. Add hci dev lock to...
CVE-2023-52997
In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type being used as an array index, we need to prevent cpu speculation or risk leaking...
2025-04 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809 (KB5055681)
2025-04 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10 Version 1809 KB5055681...
2025-04 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 24H2 for x64 (KB5054979)
2025-04 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 24H2 for x64 KB5054979...