EUVD-2025-205137

In the Linux kernel, the following vulnerability has been resolved: iommufd: Make sure to zero vfioiommutype1info before copying to user Missed a zero initialization here. Most of the struct is filled with a copyfromuser, however minsz for that copy is smaller than the actual struct by 8 bytes,...

EUVD-2025-205145

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when createah fails If AH create request fails, release sgidattr to avoid GID entry referrence leak reported while releasing GID table...

EUVD-2025-205153

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds read in hdrdeletede Here is a BUG report from syzbot: BUG: KASAN: slab-out-of-bounds in hdrdeletede+0xe0/0x150 fs/ntfs3/index.c:806 Read of size 16842960 at addr ffff888079cc0600 by task...

EUVD-2025-205173

In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtiocryptoalgskcipherclosesession 'vcctrlreq' is alloced in virtiocryptoalgskcipherclosesession, and should be freed in the invalid ctrlstatus-status error handling case. Otherwise there is a...

EUVD-2025-205165

In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at devqueuexmit 1, for PFIEEE802154 socket's zero-sized rawsendmsg request is hitting devqueuexmit with skb-len == 0. Since PFIEEE802154...

EUVD-2025-205177

In the Linux kernel, the following vulnerability has been resolved: SMB3: Add missing locks to protect deferred close file list cifsdeldeferredclose function has a critical section which modifies the deferred close file list. We must acquire deferredlock before calling cifsdeldeferredclose functi...

EUVD-2025-205040

Not used...

EUVD-2025-205030

Not used...

EUVD-2025-205042

A vulnerability was detected in code-projects Student Information System 1.0. This vulnerability affects unknown code of the file /profile.php. Performing manipulation of the argument firstname/lastname results in cross site scripting. The attack is possible to be carried out remotely. The exploi...

EUVD-2025-204812

NSF Unidata NetCDF-C Variable Name Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NSF Unidata NetCDF-C. User interaction is required to exploit this vulnerability in that the target...

EUVD-2025-204811

NSF Unidata NetCDF-C Dimension Name Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NSF Unidata NetCDF-C. User interaction is required to exploit this vulnerability in that the target...

EUVD-2025-204827

Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

EUVD-2025-204832

Hugging Face Transformers SEW convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the targe...

EUVD-2025-204831

Hugging Face Accelerate Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Accelerate. User interaction is required to exploit this vulnerability in that the target...

EUVD-2025-204823

Hugging Face Transformers SEW-D convertconfig Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...

EUVD-2025-204819

PMB 7.4.6 contains a SQL injection vulnerability in the storage parameter of the ajax.php endpoint that allows remote attackers to manipulate database queries. Attackers can exploit the unsanitized 'id' parameter by injecting conditional sleep statements to extract information or perform time-bas...

EUVD-2025-204842

A stack overflow in the src/main.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service DoS via injecting a crafted input into the filename parameter...

EUVD-2025-204862

This CVE id was assigned but later discarded...

EUVD-2025-204855

NVIDIA Isaac Launchable contains a vulnerability where an attacker could exploit a hard-coded credential issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, denial of service, and data tampering...

EUVD-2025-204798

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: check actuallength before accessing header The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostframe and...