7640 matches found
UBUNTU-CVE-2022-49485
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix null pointer dereference of pointer perfmon In the unlikely event that pointer perfmon is null the WARNON return path occurs after the pointer has already been deferenced. Fix this by only dereferencing perfmon after...
CVE-2022-49130
In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod ath11kpci'. The reason for that was that we were using mhiasyncpowerup which does not check any errors. But mhisyncpowerup on the other hand...
CVE-2022-49559
CVE-2022-49559 (Linux kernel, KVM/x86) is resolved. The issue involved dropping WARNs that incorrectly assumed KVM cannot let a triple fault (KVM_REQ_TRIPLE_FAULT) escape from L2 to L1. The vulnerability could be triggered when userspace injects a machine check while L2 is active with CR4.MCE=0, ...
CVE-2022-49130 ath11k: mhi: use mhi_sync_power_up()
In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod ath11kpci'. The reason for that was that we were using mhiasyncpowerup which does not check any errors. But mhisyncpowerup on the other hand...
CVE-2022-49130 ath11k: mhi: use mhi_sync_power_up()
In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod ath11kpci'. The reason for that was that we were using mhiasyncpowerup which does not check any errors. But mhisyncpowerup on the other hand...
CVE-2022-49130
In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod ath11kpci'. The reason for that was that we were using mhiasyncpowerup which does not check any errors. But mhisyncpowerup on the other hand...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a lack of bounds checking in vmaccess...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient integrity checking of inlinedots inode in f2fs...
ROS-20250226-03
Vulnerability of MongoDB database management system is related to incorrect consistency checking in the input data during index processing with PrepareUnique parameter. input data during index processing with PrepareUnique parameter. Exploitation of the vulnerability could allow an attacker actin...
Moodle 安全漏洞
Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. A vulnerability exists in Moodle for privilege issues. The vulnerability stems from insufficient permission checking that allo...
Vyper 安全漏洞
Vyper is a Pythonic smart contract language for EVM open sourced by vyperlang. A security vulnerability exists in Vyper that stems from improper boundary checking for dynamic array operations...
CVE-2025-21691
In the Linux kernel, the following vulnerability has been resolved: cachestat: fix page cache statistics permission checking When the 'cachestat' system call was added in commit cf264e1329fb "cachestat: implement cachestat syscall", it was meant to be a much more convenient and performant version...
Astra Linux – Vulnerability in WebKit2GTK
A vulnerability related to out-of-bounds reads has been addressed through improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, and watchOS 10.6. Processing maliciously crafted web content...
Astra Linux – Vulnerability in WebKit2GTK
A out-of-bounds access issue has been addressed through improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, and watchOS 10.6. Processing maliciously crafted web content may lead to an...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Platform/x86: panasonic-laptop: Fixed out-of-bounds accesses to the SINF array. The panasonic laptop code in various places uses the SINF array with index values ranging from 0 to SINFCURBRIGHT0x0d, without checking whether the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacrubind Syzbot is still reporting a rather old issue 1 that occurs due to incomplete checking of existing USB endpoints. As a result, incorrect endpoint types may be used during the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ntfs3: Added bounds checking to mienumattr. Bounds checking was added to ensure that no attribute stray beyond the valid memory region...
CVE-2025-1211
Versions of the package hackney before 1.21.0 are vulnerable to Server-side Request Forgery SSRF due to improper parsing of URLs by URI built-in module and hackey. Given the URL http://[email protected]/, the URI function will parse and see the host as 127.0.0.1 which is correct, and hackney...
CVE-2025-1211
Versions of the package hackney before 1.21.0 are vulnerable to Server-side Request Forgery SSRF due to improper parsing of URLs by URI built-in module and hackey. Given the URL http://[email protected]/, the URI function will parse and see the host as 127.0.0.1 which is correct, and hackney...
CVE-2025-1211
Versions of the package hackney before 1.21.0 are vulnerable to Server-side Request Forgery SSRF due to improper parsing of URLs by URI built-in module and hackey. Given the URL http://[email protected]/, the URI function will parse and see the host as 127.0.0.1 which is correct, and hackney...