Lucene search
K

567 matches found

NVD
NVD
added 2025/12/30 1:16 p.m.3 views

CVE-2023-54207

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...

7.8CVSS0.0013EPSS
Exploits0References6
OSV
OSV
added 2025/12/30 1:16 p.m.11 views

AZL-78377 CVE-2023-54207 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...

7.8CVSS5.6AI score0.0013EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/12/30 1:16 p.m.4 views

CVE-2023-54207

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...

7.8CVSS6.6AI score0.0013EPSS
Exploits0References19
OSV
OSV
added 2025/12/30 1:16 p.m.5 views

UBUNTU-CVE-2023-54207

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...

7.8CVSS5.7AI score0.0013EPSS
Exploits0References20
Debian CVE
Debian CVE
added 2025/12/30 12:11 p.m.3 views

CVE-2023-54207

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...

7.8CVSS6.2AI score0.0013EPSS
Exploits0
Cvelist
Cvelist
added 2025/12/30 12:11 p.m.20 views

CVE-2023-54207 HID: uclogic: Correct devm device reference for hidinput input_dev name

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...

0.0013EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992275)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992275 advisory. In the Linux kernel, the following vulnerability has been resolved: PNP: fix name memory leak in pnpallocdev After commit 1fa5ae857bb1 driver core: get rid of struct...

5.5CVSS5.8AI score0.0015EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2023-54207

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the...

7.8CVSS7.1AI score0.0013EPSS
Exploits0References3
OSV
OSV
added 2025/12/24 1:6 p.m.4 views

CVE-2022-50772 netdevsim: fix memory leak in nsim_bus_dev_new()

In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsimbusdevnew If deviceregister failed in nsimbusdevnew, the value of reference in nsimbusdev-dev is 1. obj-name in nsimbusdev-dev will not be released. unreferenced object 0xffff88810352c480 size 16...

6.4AI score0.00195EPSS
Exploits0References5
OSV
OSV
added 2025/12/24 12:22 p.m.8 views

CVE-2022-50734 nvmem: core: Fix memleak in nvmem_register()

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: Fix memleak in nvmemregister devsetname will alloc memory for nvmem-dev.kobj.name in nvmemregister, when nvmemvalidatekeepouts failed, nvmem's memory will be freed and return, but nobody will free memory for...

6.4AI score0.002EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/12/24 12:22 p.m.26 views

CVE-2022-50734 nvmem: core: Fix memleak in nvmem_register()

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: Fix memleak in nvmemregister devsetname will alloc memory for nvmem-dev.kobj.name in nvmemregister, when nvmemvalidatekeepouts failed, nvmem's memory will be freed and return, but nobody will free memory for...

0.002EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.4 views

PT-2025-53038

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the nvmem register function within the Linux kernel's nvmem core. The dev set name function allocates memory for nvmem-dev.kobj.name, but this memory is not freed...

6.2AI score0.002EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.3 views

PT-2025-53138

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the nsim bus dev new function within the netdevsim module of the Linux kernel. If device register fails during the execution of this function, the dev reference i...

6.4AI score0.00195EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2025/12/11 12:0 a.m.3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991205)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991205 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: trigger: sysfs: fix possible memory leak in iiosysfstriginit devsetname allocates memory for...

5.5CVSS6.1AI score0.00188EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.34 views

PT-2025-50332

Hi All, Looking at the Action1 reports, and unable to see anything which would be useful to for reporting from for the vulnerability of devices. I'm looking for an export with the data similar to the below DeviceName, CveId, Severity, CVSS, PatchAvailable, Product, OS, LastSeen PC-001,...

6.5CVSS6.8AI score0.01593EPSS
Exploits13References1
CNVD
CNVD
added 2025/12/10 12:0 a.m.3 views

Advantech WISE-DeviceOn Server Cross-Site Scripting Vulnerability (CNVD-2025-3097302)

Advantech WISE-DeviceOn Server is Advantech's next-generation unified device management solution based on the WISE-DeviceOn platform. Advantech WISE-DeviceOn Server suffers from a cross-site scripting vulnerability that originates from the lack of effective filtering and escaping of user-supplied...

5.4CVSS6.3AI score0.00182EPSS
Exploits0References1
CVE
CVE
added 2025/12/05 5:16 p.m.12 views

CVE-2025-34262

Advantech WISE-DeviceOn Server has a stored XSS in /rmm/v1/devices/name/{agent_id} affecting versions prior to 5.4. An authenticated user can rename a device; the new_name is stored and later rendered in listings/details without HTML escaping, allowing injected script to run in the browser contex...

5.4CVSS5AI score0.00182EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/12/02 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-66221

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's safejoin function allows path segments with Windows device names. O...

6.3CVSS6.5AI score0.00474EPSS
Exploits0References2
Snyk
Snyk
added 2025/11/29 3:39 a.m.4 views

Improper Handling of Windows Device Names

Overview Affected versions of this package are vulnerable to Improper Handling of Windows Device Names via the safejoin function. An attacker can cause the application to hang indefinitely by requesting a path ending with a Windows special device name, e.g. CON or NUL. Note: This is only vulnerab...

6.3CVSS6.8AI score0.00474EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/29 12:0 a.m.5 views

Werkzeug 安全漏洞

Werkzeug is a comprehensive WSGI web application library open-sourced by Pallets. A security vulnerability exists in Werkzeug versions prior to 3.1.4, which stems from improper handling of Windows device names by the safejoin function, which may result in file read hangs...

6.3CVSS6.3AI score0.00474EPSS
Exploits0References3
Rows per page
Query Builder