CVE-2025-2155

CVE-2025-2155 affects Specto CM (Echo Call Center Services Trade and Industry Inc.). The vulnerability is an Unrestricted Upload of File with Dangerous Type, enabling Remote Code Inclusion. Affected versions are before 17032025. Root cause: improper file‑type validation allowing executable conten...

CVE-2025-2155 Arbitrary File Upload in EchoCCS's Specto CM

Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM allows Remote Code Inclusion. This issue affects Specto CM: before 17032025...

CVE-2025-2154

CVE-2025-2154 is a Stored XSS vulnerability affecting Specto CM (Echo Specto Call Center Management) prior to version 17032025, caused by improper input neutralization during web page generation. The issue is documented across multiple sources (NVD, Red Hat, CVE listing) as a stored XSS in Specto...

CVE-2025-2154 Stored XSS in EchoCCS's Specto CM

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Echo Call Center Services Trade and Industry Inc. Specto CM allows Stored XSS. This issue affects Specto CM: before 17032025...

CVE-2022-50755

In the Linux kernel, the following vulnerability has been resolved: udf: Avoid double brelse in udfrename syzbot reported a warning like below 1: VFS: brelse: Trying to free free buffer WARNING: CPU: 2 PID: 7301 at fs/buffer.c:1145 brelse+0x67/0xa0 ... Call Trace: invalidatebhlru+0x99/0x150...

CVE-2023-54113

In the Linux kernel, the following vulnerability has been resolved: rcu: dump vmalloc memory info safely Currently, for double invoke callrcu, will dump rcuhead objects memory info, if the objects is not allocated from the slab allocator, the vmallocdumpobj will be invoke and the vmaparealock...

UBUNTU-CVE-2022-50729

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix resource leak in ksmbdsessionrpcopen When ksmbdrpcopen fails then it must call ksmbdrpcidfree to undo the result of ksmbdipcidalloc...

CVE-2023-54108 scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests The following message and call trace was seen with debug kernels: DMA-API: qla2xxx 0000:41:00.0: device driver failed to check map error device address=0x00000002a3ff38d8...

CVE-2023-54073 tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site

In the Linux kernel, the following vulnerability has been resolved: tpm: Add !tpmamdisrngdefective to the hwrngunregister call site The following crash was reported: 1950.279393 listdel corruption, ffff99560d485790-next is NULL 1950.279400 ------------ cut here ------------ 1950.279401 kernel BUG...

CVE-2023-53992 wifi: cfg80211: ocb: don't leave if not joined

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don't leave if not joined If there's no OCB state, don't ask the driver/mac80211 to leave, since that's just confusing. Since set/clear the chandef state, that's a simple check...

CVE-2022-50711 net: ethernet: mtk_eth_soc: fix possible memory leak in mtk_probe()

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix possible memory leak in mtkprobe If mtkwedaddhw has been called, mtkwedexit needs be called in error path or removing module to free the memory allocated in mtkwedaddhw...

CVE-2025-68369

In the Linux kernel, the following vulnerability has been resolved: ntfs3: init run lock for extend inode After setting the inode mode of $Extend to a regular file, executing the truncate system call will enter the dotruncate routine, causing the runlock uninitialized error reported by syzbot...

PT-2025-53146

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the nfqnl nf hook drop function. This occurs when the ops init interface fails during net initialization, leading to an invalid...

PT-2025-53117

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the configfs create dir function that can lead to a memory leak. The issue arises from an incorrect reference count within the configfs make dirent...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a resource leak in the ksmbdsessionrpcopen function...

Echo Specto CM 代码问题漏洞

Echo Specto CM is a call center management system from Echo Turkey. A code issue vulnerability exists in versions prior to Echo Specto CM 17032025, which stems from an unrestricted upload of hazardous types of files, which could lead to remote code inclusion...

Echo Specto CM 跨站脚本漏洞

Echo Specto CM is a call center management system from Echo Turkey. A cross-site scripting vulnerability exists in versions prior to Echo Specto CM 17032025, which stems from improper input neutralization and could lead to a stored cross-site scripting attack...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a duplicate DMA mapping that could lead to a DMA-API call trace...

PT-2025-53114

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the init mqueue fs function within the message queue subsystem of the Linux kernel. The issue occurs when init mqueue fs fails after setup mq sysctls, and retire ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly contextualized call to fsnotify, which could lead to a deadlock...