13587 matches found
CVE-2025-21956
CVE-2025-21956 : In the Linux kernel, drm/amd/display incorrectly handled color depth 14, triggering a warning in amdgpu when running on Radeon RX 6600 XT. The issue is resolved by assigning the pixel clock as pix_clk * (14 * 3) / 24, aligning with other color depths, and also fixes indentation i...
PT-2025-14312
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version containing commit b15c87263a69 Description A vulnerability in the Linux kernel has been resolved, related to the handling of hwpoisoned pages. The issue arises when the folio lock is not held before...
llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced.
...
llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType.
...
CVE-2022-49757 EDAC/highbank: Fix memory leak in highbank_mc_probe()
In the Linux kernel, the following vulnerability has been resolved: EDAC/highbank: Fix memory leak in highbankmcprobe When devresopengroup fails, it returns -ENOMEM without freeing memory allocated by edacmcalloc. Call edacmcfree on the error handling path to avoid a memory leak. bp: Massage comm...
The vulnerability of the `commit_planes_for_stream()` function in the drivers/gpu/drm/amd/display/dc/core/dc.c kernel of the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the commitplanesforstream function in the drivers/gpu/drm/amd/display/dc/core/dc.c file of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2024-11039
A pickle deserialization vulnerability exists in the Latex English error correction plug-in function of binary-husky/gptacademic versions up to and including 3.83. This vulnerability allows attackers to achieve remote command execution by deserializing untrusted data. The issue arises from the...
PT-2025-16753
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the ext4 file system. The issue occurs when the journal is being destroyed, and an error handling path attempts to start...
CVE-2024-11039
A pickle deserialization vulnerability exists in the Latex English error correction plug-in function of binary-husky/gptacademic versions up to and including 3.83. This vulnerability allows attackers to achieve remote command execution by deserializing untrusted data. The issue arises from the...
PYSEC-2025-94
A Regular Expression Denial of Service ReDoS vulnerability exists in gaizhenbiao/chuanhuchatgpt, as of commit 20b2e02. The server uses the regex pattern r'+' to parse user input. In Python's default regex engine, this pattern can take polynomial time to match certain crafted inputs. An attacker c...
CVE-2024-11039 Deserialization of Untrusted Data in binary-husky/gpt_academic
A pickle deserialization vulnerability exists in the Latex English error correction plug-in function of binary-husky/gptacademic versions up to and including 3.83. This vulnerability allows attackers to achieve remote command execution by deserializing untrusted data. The issue arises from the...
llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.
...
Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2025-1239)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-21852 net: Add rx_skb of kfree_skb to raw_tp_null_args[].
In the Linux kernel, the following vulnerability has been resolved: net: Add rxskb of kfreeskb to rawtpnullargs. Yan Zhai reported a BPF prog could trigger a null-ptr-deref 0 in tracekfreeskb if the prog does not check if rxsk is NULL. Commit c53795d48ee8 "net: add rxsk to tracekfreeskb" added rx...
CVE-2025-21845 mtd: spi-nor: sst: Fix SST write failure
In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: sst: Fix SST write failure 'commit 18bcb4aa54ea "mtd: spi-nor: sst: Factor out common write operation to sstnorwritedata"' introduced a bug where only one byte of data is written, regardless of the number of bytes...
CVE-2025-2173
A vulnerability was found in libzvbi up to 0.2.43. It has been classified as problematic. Affected is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to uninitialized pointer. It is possible to launch the attack remotely. The exploit has...
CVE-2025-2176
A vulnerability classified as critical has been found in libzvbi up to 0.2.43. This affects the function vbicapturesimloadcaption of the file src/io-sim.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...
CVE-2025-2174
A vulnerability was found in libzvbi up to 0.2.43. It has been declared as problematic. Affected by this vulnerability is the function vbistrndupiconvucs2 of the file src/conv.c. The manipulation of the argument srclength leads to integer overflow. The attack can be launched remotely. The exploit...
CVE-2025-27518
CVE-2025-27518 affects Cognita (the RAG framework) backend server. The issue is an insecure CORS configuration that allows arbitrary websites to send cross-site requests to the Cognita application. Root cause: misconfigured CORS on the backend. Reported impact is that cross-origin requests could ...
Linux Distros Unpatched Vulnerability : CVE-2022-48920
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: get rid of warning on transaction commit when using flushoncommit When using the flushoncommit mount option, during almost every transaction commit we...