Astra Linux – Vulnerability in Linux 6.1

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

EUVD-2026-24893

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmtaddadvpatternsmonitorcomplete This fixes the condition checking so mgmtpendingvalid is executed whenever status != -ECANCELED otherwise calling mgmtpendingfreecmd would kfreecmd withou...

Ring Cancels Its Partnership with Flock

It's a demonstration of how toxic the surveillance-tech company Flock has become when Amazon's Ring cancels the partnership between the two companies. As Hamilton Nolan advises, remove your Ring doorbell...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to cancel the work queue before it is cleared, potentially leading to reuse after...

CVE-2025-71149

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

AZL-75147 CVE-2025-71149 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: iouring/poll: correctly handle iopolladd return value on update When the core of iouring was updated to handle completions consistently and with fixed return codes, the POLLREMOVE opcode with updates got slightly broken. If a...

CVE-2025-71149

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-71149

CVE-2025-71149 is reported in multiple advisories as a Linux kernel io_uring/poll issue. The root cause is incorrect handling of the return value from io_poll_add() during updates, which can affect completion/event signaling (CQEs) for POLL_ADD/POLL_REMOVE scenarios. Affected advisories reference...

CVE-2025-71149

...

DRUPAL-CONTRIB-2025-067

This module enables you to pay for Commerce order to an environment provided and secured by the bank The module doesn't sufficiently verify the payment status on canceled orders. An attacker can issue a specially crafted request to update the order status to completed...

DRUPAL-CONTRIB-2025-066

This module enables you to pay for Commerce order to an environment provided and secured by the bank The module doesn't sufficiently verify the payment status on canceled orders. An attacker can issue a specially crafted request to update the order status to completed...

Commerce Alphabank Redirect - Moderately critical - Access bypass - SA-CONTRIB-2025-067

This module enables you to pay for Commerce order to an environment provided and secured by the bank The module doesn't sufficiently verify the payment status on canceled orders. An attacker can issue a specially crafted request to update the order status to completed...

Commerce Eurobank (Redirect) - Moderately critical - Access bypass - SA-CONTRIB-2025-066

This module enables you to pay for Commerce order to an environment provided and secured by the bank The module doesn't sufficiently verify the payment status on canceled orders. An attacker can issue a specially crafted request to update the order status to completed...

Open5GS 安全漏洞

Open5GS is Open5GS open source an open source implementation of 5G Core and Epc in C, the core network of the Lte/Nr network. A security vulnerability exists in Open5GS, which can be exploited to cause a denial of service by an attacker who sends a "handover canceled" message that lacks the...

CVE-2024-35852

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: Fix memory leak when canceling rehash work The rehash delayed work is rescheduled with a delay if the number of credits at end of the work is not negative as supposedly it means that the migration ended...

SUSE CVE-2015-8378

In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile...

CVE-2022-32952

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

The vulnerability of the Google Chrome browser’s Navigation function, related to insufficient validation of input data, allows attackers to compromise the integrity of data.

The vulnerability of the Google Chrome browser’s Navigation function is related to the improper handling of canceled requests. Exploiting this vulnerability allows a remote attacker to affect data integrity through a specially created HTML page...

CVE-2018-14378

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

UBUNTU-CVE-2015-8378

In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile...