APSB25-120 : Security update available for Adobe Creative Cloud Desktop

Adobe has released an update for the Creative Cloud Desktop for macOS. This update includes a fix for an important vulnerability that could lead to application denial-of-service in the context of the current user...

PT-2025-49721

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the Linux kernel related to the think-lmi module when displaying current settings. Specifically, when retrieving an item string using the tlmi setting function, t...

RARLAB WinRAR Path Traversal Vulnerability

RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user...

CVE-2023-53756 KVM: VMX: Fix crash due to uninitialized current_vmcs

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...

CVE-2023-53756

Summary of CVE-2023-53756 (CVE-2023-53756) : The issue is in KVM with Intel VMX where MSR bitmap updates could use a per-CPU current_vmcs that may be uninitialized, allowing a NULL-dereference and potential crash on nested Hyper-V configurations. The root cause is the check for current_vmcs in ev...

CVE-2023-53756

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...

CVE-2022-50626 media: dvb-usb: fix memory leak in dvb_usb_adapter_init()

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvbusbadapterinit Syzbot reports a memory leak in "dvbusbadapterinit". The leak is due to not accounting for and freeing current iteration's adapter-priv in case of an error. Currently if an err...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uninitialized currentvmcs, which could lead to memory corruption...

EUVD-2025-201599

A flaw has been found in Chanjet TPlus up to 20251121. Affected by this vulnerability is an unknown functionality of the file /tplus/ajaxpro/Ufida.T.SM.UIP.MultiCompanySettingController,Ufida.T.SM.UIP.ashx?method=Load. This manipulation of the argument currentAccId causes sql injection. It is...

CVE-2025-14190 Chanjet TPlus sql injection

A flaw has been found in Chanjet TPlus up to 20251121. Affected by this vulnerability is an unknown functionality of the file /tplus/ajaxpro/Ufida.T.SM.UIP.MultiCompanySettingController,Ufida.T.SM.UIP.ashx?method=Load. This manipulation of the argument currentAccId causes sql injection. It is...

CVE-2025-14190 Chanjet TPlus sql injection

A flaw has been found in Chanjet TPlus up to 20251121. Affected by this vulnerability is an unknown functionality of the file /tplus/ajaxpro/Ufida.T.SM.UIP.MultiCompanySettingController,Ufida.T.SM.UIP.ashx?method=Load. This manipulation of the argument currentAccId causes sql injection. It is...

PT-2025-49403

Name of the Vulnerable Software and Affected Versions Chanjet TPlus versions prior to 20251121 Description A flaw exists in Chanjet TPlus that allows for SQL injection. The issue is related to the manipulation of the currentAccId argument within the file...

nios2: ensure that memblock.current_limit is set when setting pfn limits

...

CVE-2025-40245

In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...

SUSE CVE-2025-40245

In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...

[slackware-security] libpng

New libpng packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libpng-1.6.52-i586-1slack15.0.txz: Upgraded. This update fixes a high severity security issue: Out-of-bounds read in...

[slackware-security] httpd

New httpd packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/httpd-2.4.66-i586-1slack15.0.txz: Upgraded. This release fixes bugs and the following security issues: moduserdir+suexec bypass via...

CVE-2025-40245

In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...

UBUNTU-CVE-2025-40245

In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...

EUVD-2025-201214

In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...