4194 matches found

OSV
added 2025/10/28 12:15 p.m., 3 views

UBUNTU-CVE-2025-40071

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Don't block input queue by waiting MSC. Currently gsm_queue() processes incoming frames and when opening a DLC channel it calls gsm_dlci_open() which calls gsm_modem_update(). If basic mode is used it calls gsm_modem_upd_via_msc() and i...

5.7 AI score, 0.00166 EPSS
Exploits: 0, References: 22
CVE
added 2025/10/28 11:48 a.m., 23 views

CVE-2025-40071

CVE-2025-40071 pertains to the Linux kernel tty n_gsm handling. The issue arises when opening a DLC channel: gsm_queue() processes frames and invokes gsm_dlci_open() → gsm_modem_update(). In basic encoding, gsm_modem_upd_via_msc() could block the input queue waiting for a Modem Status Command (MS...

6.1 AI score, 0.00166 EPSS
Exploits: 0, References: 4
EUVD
added 2025/10/28 11:48 a.m., 3 views

EUVD-2025-36457

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Don't block input queue by waiting MSC. Currently gsm_queue() processes incoming frames and when opening a DLC channel it calls gsm_dlci_open() which calls gsm_modem_update(). If basic mode is used it calls gsm_modem_upd_via_msc() and i...

6 AI score, 0.00166 EPSS
Exploits: 0, References: 5
OSV
added 2025/10/28 11:48 a.m., 2 views

CVE-2025-40071 tty: n_gsm: Don't block input queue by waiting MSC

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: Don't block input queue by waiting MSC. Currently gsm_queue() processes incoming frames and when opening a DLC channel it calls gsm_dlci_open() which calls gsm_modem_update(). If basic mode is used it calls gsm_modem_upd_via_msc() and i...

6.5 AI score, 0.00166 EPSS
Exploits: 0, References: 7
CNNVD
added 2025/10/28 12:0 a.m., 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the gsm_modem_upd_via_msc function potentially blocking the input queue when processing basic mode, which could...

5.8 AI score, 0.00166 EPSS
Exploits: 0, References: 5
Tenable Nessus
added 2025/10/28 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-40071

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tty: n_gsm: Don't block input queue by waiting MSC. Currently gsm_queue() processes incoming frames and when opening a DLC channel it calls gsm_dlci_open() which calls...

5.9 AI score, 0.00166 EPSS
Exploits: 0, References: 4
OSV
added 2025/10/27 1:11 p.m., 4 views

SUSE-SU-2025:3809-1 Security update for rabbitmq-server

This update for rabbitmq-server fixes the following issues: - CVE-2025-50200: prevented logging of Basic Auth header from HTTP requests bsc1245105 - fixed a bad logrotate configuration that allowed escalation from rabbitmq to root, /var/log/rabbitmq ownership is now 750 bsc1246091...

6.7 CVSS, 5.8 AI score, 0.00194 EPSS
Exploits: 1, References: 4
EUVD
added 2025/10/27 3:30 a.m., 4 views

EUVD-2025-36041

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Brecht WP Recipe Maker wp-recipe-maker allows Code Injection. This issue affects WP Recipe Maker: from n/a through = 10.1.1...

5.3 CVSS, 6 AI score, 0.00251 EPSS
Exploits: 0, References: 2
OSSF Malicious Packages
added 2025/10/24 3:3 a.m., 3 views

Malicious code in react-alerts-template-basic (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea74fdb0b572b194c03927e7ed2eb81658a849eb093b395f77d6b74db3b1d7ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0, References: 1
EUVD
added 2025/10/24 3:3 a.m., 2 views

EUVD-2025-35788

Malicious code in react-alerts-template-basic npm...

6.6 AI score
Exploits: 0, References: 1
CNVD
added 2025/10/24 12:0 a.m., 4 views

TOTOLINK N600R setWiFiBasicConfig function stack buffer overflow vulnerability

TOTOLINK N600R is a dual-band wireless router launched by Korean brand TOTOLINK in 2013, which supports 2.4GHz and 5GHz dual-band concurrency with a maximum wireless transmission rate of 300Mbps. The TOTOLINK N600R suffers from a stack buffer overflow vulnerability, which stems from the failure o...

7.5 CVSS, 7.2 AI score, 0.00537 EPSS
Exploits: 1, References: 1
RedhatCVE
added 2025/10/23 12:17 a.m., 20 views

CVE-2025-60334

TOTOLINK N600R v4.3.0cu.7866_B20220506 was discovered to contain a stack overflow in the ssid parameter in the setWiFiBasicConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...

7.5 CVSS, 7.4 AI score, 0.00537 EPSS
Exploits: 1, References: 1
OSV
added 2025/10/22 5:15 p.m., 3 views

CVE-2025-11957

Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests...

9 CVSS, 5.8 AI score, 0.00298 EPSS
Exploits: 0, References: 1
Cvelist
added 2025/10/22 5:9 p.m., 7 views

CVE-2025-11957

Improper authorization in the temporary access workflow of Devolutions Server 2025.2.12.0 and earlier allows an authenticated basic user to self-approve or approve the temporary access requests of other users and gain unauthorized access to vaults and entries via crafted API requests...

9 CVSS, 0.00298 EPSS
Exploits: 0, References: 1
Microsoft CVE
added 2025/10/22 1:2 a.m., 6 views

ath11k: Change max no of active probe SSID and BSSID to fw capability

...

5.5 CVSS, 7 AI score, 0.00258 EPSS
Exploits: 0
Vulnrichment
added 2025/10/22 12:0 a.m., 5 views

CVE-2025-60334

TOTOLINK N600R v4.3.0cu.7866_B20220506 was discovered to contain a stack overflow in the ssid parameter in the setWiFiBasicConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...

7 AI score, 0.00537 EPSS
Exploits: 1, References: 2
Positive Technologies
added 2025/10/22 12:0 a.m., 3 views

PT-2025-43380

Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2025.2.12.0 and earlier. Description: A flaw in the temporary access workflow permits a user with basic authentication to approve their own temporary access requests or those of other users. This can lead to...

8.4 CVSS, 6.7 AI score, 0.00298 EPSS
Exploits: 0, References: 6
CVE
added 2025/10/22 12:0 a.m., 20 views

CVE-2025-60334

TOTOLINK N600R v4.3.0cu.7866_B20220506 is affected by a stack overflow in the ssid parameter within the setWiFiBasicConfig function, enabling a crafted input to cause a Denial of Service. The issue is reported across multiple sources (CNVD, Red Hat, NVD, CNNVD, PT Security) and stems from inadequ...

7.5 CVSS, 7 AI score, 0.00537 EPSS
Exploits: 1, References: 2, Affected Software: 1
EUVD
added 2025/10/21 12:31 p.m., 2 views

EUVD-2022-54708

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp(). If no handler is found in lpfc_complete_unsol_iocb() to match the rctl of a received frame, the frame is dropped and resources are leaked. Fix by returning resources when discardin...

5.5 CVSS, 5.2 AI score, 0.00246 EPSS
Exploits: 0, References: 6
RedhatCVE
added 2025/10/17 3:52 p.m., 4 views

CVE-2025-55035

Mattermost Desktop App versions =5.13.0 fail to manage modals in the Mattermost Desktop App that stops a user with a server that uses basic authentication from accessing their server which allows an attacker that provides a malicious server to the user to deny use of the Desktop App via having th...

6.1 CVSS, 7 AI score, 0.003 EPSS
Exploits: 0, References: 1