3975 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-21995
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix fence reference count leak The lastscheduled fence leaks when an entity is...
Linux Distros Unpatched Vulnerability : CVE-2022-49830
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/drv: Fix potential memory leak in drmdevinit drmdevinit will add drmdevinitrelease as a...
octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback
...
Linux Distros Unpatched Vulnerability : CVE-2023-52994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: acpi: Fix suspend with Xen PV Commit f1e525009493 x86/boot: Skip realmode init code when...
Linux Distros Unpatched Vulnerability : CVE-2025-38130
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/connector: only call HDMI audio helper plugged cb if non-null On driver remove,...
SUSE CVE-2025-38440
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix race between DIM disable and netdim There's a race between disabling DIM and NAPI callbacks using the dim pointer on the RQ or SQ. If NAPI checks the DIM state bit and sees it still set, it assumes rq-dim or sq-dim...
DEBIAN-CVE-2025-38473
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix null-ptr-deref in l2capsockresumecb syzbot reported null-ptr-deref in l2capsockresumecb. 0 l2capsockresumecb has a similar problem that was fixed by commit 1bff51ea59a9 "Bluetooth: fix use-after-free error in...
UBUNTU-CVE-2025-38473
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix null-ptr-deref in l2capsockresumecb syzbot reported null-ptr-deref in l2capsockresumecb. 0 l2capsockresumecb has a similar problem that was fixed by commit 1bff51ea59a9 "Bluetooth: fix use-after-free error in...
kernel: rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic()
A locking violation was found in the Linux kernel RCU-tasks subsystem's callback list initialization. During system boot, the initialization code calls prinfo while holding the rtp-cbsgbllock spinlock, causing a potentially sleeping function to be called in atomic context, which results in kernel...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference in the l2capsockresumecb function...
SUSE CVE-2025-38374
In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notifcallback for FF-A notifications. However, this function is called in an atomic context leading to errors like this when processing asynchronous...
CVE-2025-38390 firmware: arm_ffa: Fix memory leak by freeing notifier callback node
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf "firmware: armffa: Add interfaces to request notification callbacks" adds support for notifier callbacks by allocating and inserting a callba...
CVE-2025-38390
CVE-2025-38390 relates to the Linux kernel firmware/arm_ffa notifier callbacks. The issue arises from allocating and inserting a notifier callback node into a hashtable during registration, but during unregistration the code only removes the node from the hashtable without freeing the allocated m...
CVE-2025-38390 firmware: arm_ffa: Fix memory leak by freeing notifier callback node
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf "firmware: armffa: Add interfaces to request notification callbacks" adds support for notifier callbacks by allocating and inserting a callba...
CVE-2025-38390
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf "firmware: armffa: Add interfaces to request notification callbacks" adds support for notifier callbacks by allocating and inserting a callba...
CVE-2025-38390
In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Fix memory leak by freeing notifier callback node Commit e0573444edbf "firmware: armffa: Add interfaces to request notification callbacks" adds support for notifier callbacks by allocating and inserting a callba...
WordPress WP JobHunt plugin input validation error vulnerability
WordPress WP JobHunt plugin is a companion theme to the WP Job Manager plugin, designed for creating professional job boards. The WordPress WP JobHunt plugin suffers from an input validation error vulnerability that stems from a lack of user control key validation in the csremoveprofilecallback...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unreleased notification callback node could lead to a memory leak...
PT-2025-30555 · Invision Power Board · Invision Community
Name of the Vulnerable Software and Affected Versions: Invision Community versions 5.0.0 through 5.0.7 Description: The software contains a reflected cross-site scripting issue in the oauth/callback endpoint. Recommendations: Update to a version later than 5.0.7. As a temporary workaround, consid...
📄 Invision Community 5.0.7 Cross Site Scripting
Invision Community versions 5.0.7 and below have an issue where user input passed through the state POST parameter to the /oauth/callback/index.php script is not properly sanitized before being used to generate HTML output. This can be exploited by attackers to perform reflected cross site...