PT-2025-38327

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists within the Btrfs file system related to quota management. Specifically, the issue occurs when enabling quotas, where a transaction commit is followed by setting t...

PT-2025-38328

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null dereference issue was resolved in the Linux kernel related to the /proc/pid/smaps rollup functionality. The issue was introduced by commit 258f669e7e88, which converted the...

PT-2025-38410

Name of the Vulnerable Software and Affected Versions Press versions prior to commit 83c3fc7676c5dbbe1fd5092d21d95a10c7b48615 Description Press, a Frappe custom app used for managing infrastructure, subscriptions, marketplace operations, and software-as-a-service SaaS, is susceptible to a flaw th...

CVE-2023-53348

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when aborting transaction during relocation with scrub Before relocating a block group we pause scrub, then do the relocation and then unpause scrub. The relocation process requires starting and committing a...

CVE-2025-35436

CISA Thorium uses '.unwrap' to handle errors related to account verification email messages. An unauthenticated remote attacker could cause a crash by providing a specially crafted email address or response. Fixed in commit 6a65a27...

CVE-2025-35436

CISA Thorium uses '.unwrap' to handle errors related to account verification email messages. An unauthenticated remote attacker could cause a crash by providing a specially crafted email address or response. Fixed in commit 6a65a27...

CVE-2025-35435

CISA Thorium accepts a stream split size of zero then divides by this value. A remote, authenticated attacker could cause the service to crash. Fixed in commit 89101a6...

CVE-2025-35436 CISA Thorium account verification email error handling

CISA Thorium uses '.unwrap' to handle errors related to account verification email messages. An unauthenticated remote attacker could cause a crash by providing a specially crafted email address or response. Fixed in commit 6a65a27...

CVE-2025-35435 CISA Thorium download stream divide by zero

CISA Thorium accepts a stream split size of zero then divides by this value. A remote, authenticated attacker could cause the service to crash. Fixed in commit 89101a6...

CVE-2025-35435 CISA Thorium download stream divide by zero

CISA Thorium accepts a stream split size of zero then divides by this value. A remote, authenticated attacker could cause the service to crash. Fixed in commit 89101a6...

CVE-2025-35435

CVE-2025-35435 affects CISA Thorium. The vulnerability arises when Thorium accepts a stream split size of zero and then divides by that value, potentially causing a service crash from a remote, authenticated attacker. The fixed version is implemented in commit 89101a6. Multiple connected document...

AZL-71903 CVE-2023-53348 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when aborting transaction during relocation with scrub Before relocating a block group we pause scrub, then do the relocation and then unpause scrub. The relocation process requires starting and committing a...

CVE-2023-53368 tracing: Fix race issue between cpu buffer write and swap

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race issue between cpu buffer write and swap Warning happened in rbendcommit at code: if RBWARNONcpubuffer, !localread&cpubuffer-committing WARNING: CPU: 0 PID: 139 at kernel/trace/ringbuffer.c:3142...

CVE-2023-53348

The CVE-2023-53348 issue affects the Linux kernel's Btrfs relocation workflow. Specifically, when relocating a block group, the scrub operation is paused during relocation and may deadlock if a transactional commit enters the critical section with a paused scrub. The vulnerability is resolved by ...

CVE-2023-53348 btrfs: fix deadlock when aborting transaction during relocation with scrub

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when aborting transaction during relocation with scrub Before relocating a block group we pause scrub, then do the relocation and then unpause scrub. The relocation process requires starting and committing a...

CVE-2022-50373

The CVE-2022-50373 entry describes a race in the Linux kernel's DLM lowcomms path: in fs/dlm, between queue_work() in _dlm_lowcomms_commit_msg() and srcu_read_unlock(). The race can allow the final reference of a dlm_msg to be taken by queue_work(), causing msg->idx to contain garbage. A patch...

CVE-2022-50373 fs: dlm: fix race in lowcomms

In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix race in lowcomms This patch fixes a race between queuework in dlmlowcommscommitmsg and srcureadunlock. The queuework can take the final reference of a dlmmsg and so msg-idx can contain garbage which is signaled by th...

PT-2025-38227

Name of the Vulnerable Software and Affected Versions Swetrix Web Analytics API versions prior to 7d8b972 Description A directory traversal issue exists in Swetrix Web Analytics API 3.1.1 before commit 7d8b972. This allows a remote attacker to achieve Remote Code Execution via a crafted HTTP...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from failure to properly handle a suspended scrub operation when an error occurs during a transaction commit, whi...

PT-2025-38234

Name of the Vulnerable Software and Affected Versions: Thorium affected versions not specified Description: Thorium is susceptible to a crash issue stemming from accepting a stream split size of zero, which then leads to a division by zero error. This flaw allows a remote, authenticated attacker ...