720 matches found
CVE-2025-10063 itsourcecode POS Point of Sale System deferred_table.php cross site scripting
A vulnerability was identified in itsourcecode POS Point of Sale System 1.0. This vulnerability affects unknown code of the file /inventory/main/vendors/datatables/unittesting/templates/deferredtable.php. The manipulation of the argument scripts leads to cross site scripting. Remote exploitation ...
CVE-2025-10063
The CVE concerns itsourcecode POS Point of Sale System 1.0 with a Cross-Site Scripting (XSS) vulnerability in the file /inventory/main/vendors/datatables/unit_testing/templates/deferred_table.php. The root cause is lack of proper filtering/escaping of input in the scripts parameter, enabling an a...
PT-2025-36402
Name of the Vulnerable Software and Affected Versions: itsourcecode POS Point of Sale System version 1.0 Description: A vulnerability exists in itsourcecode POS Point of Sale System that allows for cross site scripting. The vulnerability affects unknown code within the file...
CVE-2025-39721 crypto: qat - flush misc workqueue during device shutdown
In the Linux kernel, the following vulnerability has been resolved: crypto: qat - flush misc workqueue during device shutdown Repeated loading and unloading of a device specific QAT driver, for example qat4xxx, in a tight loop can lead to a crash due to a use-after-free scenario. This occurs when...
CVE-2025-38722 habanalabs: fix UAF in export_dmabuf()
In the Linux kernel, the following vulnerability has been resolved: habanalabs: fix UAF in exportdmabuf As soon as we'd inserted a file reference into descriptor table, another thread could close it. That's fine for the case when all we are doing is returning that descriptor to userland it's a...
net: bridge: switchdev: Skip MDB replays of deferred events on offload
...
Linux Distros Unpatched Vulnerability : CVE-2025-38656
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwlopmodedvmstart Preserve the error code if...
SUSE CVE-2025-38656
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwlopmodedvmstart Preserve the error code if iwlsetupdeferredwork fails. The current code returns ERRPTR0 which is NULL on this path. I believe the missing error code potentially leads to a use...
AZL-78267 CVE-2025-38656 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwlopmodedvmstart Preserve the error code if iwlsetupdeferredwork fails. The current code returns ERRPTR0 which is NULL on this path. I believe the missing error code potentially leads to a use...
AZL-71023 CVE-2025-38656 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwlopmodedvmstart Preserve the error code if iwlsetupdeferredwork fails. The current code returns ERRPTR0 which is NULL on this path. I believe the missing error code potentially leads to a use...
UBUNTU-CVE-2025-38656
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwlopmodedvmstart Preserve the error code if iwlsetupdeferredwork fails. The current code returns ERRPTR0 which is NULL on this path. I believe the missing error code potentially leads to a use...
CVE-2025-38656
CVE-2025-38656 affects the Linux kernel’s wifi iwlwifi path (iwl_op_mode_dvm_start). The vulnerability stems from preserving the error code when iwl_setup_deferred_work() fails; the code previously returned ERR_PTR(0) (NULL), which could cause a use-after-free involving debugfs. A patch has been ...
CVE-2025-38656 wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwlopmodedvmstart Preserve the error code if iwlsetupdeferredwork fails. The current code returns ERRPTR0 which is NULL on this path. I believe the missing error code potentially leads to a use...
CVE-2025-38656
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Fix error code in iwlopmodedvmstart Preserve the error code if iwlsetupdeferredwork fails. The current code returns ERRPTR0 which is NULL on this path. I believe the missing error code potentially leads to a use...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from iwlwifi dvm not retaining an error code when iwlsetupdeferredwork fails, which could lead to reuse after...
PT-2025-34417
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue within the iwlwifi module related to error handling in the iwl op mode dvm start function. Specifically, the code was returning an incorrect error co...
SUSE CVE-2025-38612
In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtftframebufferalloc In the error paths after fbinfo structure is successfully allocated, the memory allocated in fbdeferredioinit for info-pagerefs is not freed. Fix that by adding t...
AZL-73608 CVE-2025-38612 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtftframebufferalloc In the error paths after fbinfo structure is successfully allocated, the memory allocated in fbdeferredioinit for info-pagerefs is not freed. Fix that by adding t...
UBUNTU-CVE-2025-38612
In the Linux kernel, the following vulnerability has been resolved: staging: fbtft: fix potential memory leak in fbtftframebufferalloc In the error paths after fbinfo structure is successfully allocated, the memory allocated in fbdeferredioinit for info-pagerefs is not freed. Fix that by adding t...
CVE-2025-38520
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Don't call mmput from MMU notifier callback If the process is exiting, the mmput inside mmu notifier callback from compactd or fork or numa balancing could release the last reference of mm struct to call exitmmap and...