CVE-2025-21824

In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix a use of uninitialized mutex commit c8347f915e67 "gpu: host1x: Fix boot regression for Tegra" caused a use of uninitialized mutex leading to below warning when CONFIGDEBUGMUTEXES and CONFIGDEBUGLOCKALLOC are...

CVE-2025-21824 gpu: host1x: Fix a use of uninitialized mutex

In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix a use of uninitialized mutex commit c8347f915e67 "gpu: host1x: Fix boot regression for Tegra" caused a use of uninitialized mutex leading to below warning when CONFIGDEBUGMUTEXES and CONFIGDEBUGLOCKALLOC are...

CVE-2025-25730

An issue in Motorola Mobility Droid Razr HD Model XT926 System Version: 9.18.94.XT926.Verizon.en.US allows physically proximate unauthorized attackers to access USB debugging, leading to control of the host device itself...

VulnCheck KEV: CVE-2024-29291

An issue in Laravel Framework 8 through 11 might allow a remote attacker to discover database credentials in storage/logs/laravel.log. NOTE: this is disputed by multiple third parties because the owner of a Laravel Framework installation can choose to have debugging logs, but needs to set the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the use of uninitialized mutex locks, resulting in debugging warnings...

CVE-2025-25730

An issue in Motorola Mobility Droid Razr HD Model XT926 System Version: 9.18.94.XT926.Verizon.en.US allows physically proximate unauthorized attackers to access USB debugging, leading to control of the host device itself...

PT-2025-9030 · Motorola Mobility · Droid Razr Hd

Name of the Vulnerable Software and Affected Versions: Motorola Mobility Droid Razr HD version 9.18.94.XT926.Verizon.en.US Description: An issue in the device allows physically proximate unauthorized attackers to access USB debugging, leading to control of the host device itself. This issue can b...

CVE-2025-25730

CVE-2025-25730 affects Motorola Mobility Droid Razr HD (Model XT926, Verizon.en.US) System Version 9.18.94.XT926. Verbatim descriptions indicate that physically proximate, unauthorized attackers can access USB debugging, potentially gaining control of the host device. The connected documents corr...

The vulnerability of the Supportsave component of the Brocade SANnav network management software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Supportsave software component for managing SAN networks in Brocade’s SANnav systems is related to the disclosure of information in debugging messages. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

CVE-2022-49662

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix lockdep splat in in6dumpaddrs As reported by syzbot, we should not use rcudereference when rcureadlock is not held. WARNING: suspicious RCU usage 5.19.0-rc2-syzkaller 0 Not tainted net/ipv6/addrconf.c:5175 suspicious...

CVE-2022-49648

In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Fix memory leak problem This reverts commit 46bbe5c671e06f070428b9be142cc4ee5cedebac. As commit 46bbe5c671e0 "tracing: fix double free" said, the "double free" problem reported by clang static analyzer is: In...

CVE-2022-49330 tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd

In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcpmtupprobesuccess vs wrong sndcwnd syzbot got a new report 1 finally pointing to a very old bug, added in initial support for MTU probing. tcpmtuprobe has checks about starting an MTU probe if tcpsndcwndtp = 11. But...

CVE-2022-49081 highmem: fix checks in __kmap_local_sched_{in,out}

In the Linux kernel, the following vulnerability has been resolved: highmem: fix checks in kmaplocalschedin,out When CONFIGDEBUGKMAPLOCAL is enabled kmaplocalschedin,out check that even slots in the tsk-kmapctrl.pteval are unmapped. The slots are initialized with 0 value, but the check is done wi...

openSUSE 15 Security Update : radare2 (openSUSE-SU-2025:0072-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2025:0072-1 advisory. - CVE-2025-1378: Fixed memory corruption boo1237250 https://github.com/radareorg/radare2/releases/tag/5.9.0 Update to version 5.8.8: For details, check...

CVE-2025-22962

A critical remote code execution RCE vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters when debugging mode is enabled. An attacker with a valid session ID sessid can send specially crafted POST requests to the /json endpoint, enabling arbitrary...

CVE-2022-32506

An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash...

CVE-2025-22962

A critical remote code execution RCE vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters when debugging mode is enabled. An attacker with a valid session ID sessid can send specially crafted POST requests to the /json endpoint, enabling arbitrary...

OSV-2025-111 Stack-buffer-overflow in absl::debugging_internal::ParseLocalNameSuffix

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=395959258 Crash type: Stack-buffer-overflow WRITE 1 Crash state: absl::debugginginternal::ParseLocalNameSuffix absl::debugginginternal::ParseName absl::debugginginternal::ParseClassEnumType...

CVE-2025-22962

A critical remote code execution RCE vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters when debugging mode is enabled. An attacker with a valid session ID sessid can send specially crafted POST requests to the /json endpoint, enabling arbitrary...

CVE-2025-22962

The CVE-2025-22962 issue affects GatesAir Maxiva UAXT and VAXT transmitters’ web-based management interface. The root cause is improper request handling when debugging mode is enabled, allowing an attacker with a valid sess_id to send crafted POST requests to /json and achieve arbitrary command e...