113 matches found
SUSE CVE-2025-71290
In the Linux kernel, the following vulnerability has been resolved: misc: tifpc202: fix a potential memory leak in probe function Use foreachchildofnodescoped to simplify the code and ensure the device node reference is automatically released when the loop scope ends...
CVE-2025-71290 misc: ti_fpc202: fix a potential memory leak in probe function
In the Linux kernel, the following vulnerability has been resolved: misc: tifpc202: fix a potential memory leak in probe function Use foreachchildofnodescoped to simplify the code and ensure the device node reference is automatically released when the loop scope ends...
GHSA-FPJQ-C37H-CQCV Kyverno Controller Denial of Service via forEach Mutation Panic
Summary An unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller into a persistent CrashLoopBackOff. The same bug also causes the admission controller to drop connections and blo...
Reachable Assertion
Overview Affected versions of this package are vulnerable to Reachable Assertion via the forEach mutation handler. An attacker can cause the cluster-wide background controller to crash into a persistent CrashLoopBackOff and disrupt all matching resource operations by creating a specially crafted...
EUVD-2026-25392
Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller int...
Siemens SIMATIC S7-1500 Use After Free (CVE-2025-38212)
In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, 0 0: https://lore.ke rnel.org/all/[email protected]/ idrforeach is protected by rwsem, but th...
SUSE CVE-2026-23175
In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Execute ndosetrxmode callback in a work queue Commit 1767bb2d47b7 "ipv6: mcast: Don't hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP." removed the RTNL lock for IPV6ADDMEMBERSHIP and MCASTJOINGROUP operations...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38212)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38212 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using R...
Azure Linux 3.0 Security Update: kernel (CVE-2025-21865)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21865 advisory. - In the Linux kernel, the following vulnerability has been resolved: gtp: Suppress list corruption splat in...
CVE-2025-65349
A Stored Cross-Site Scripting XSS vulnerability in Web management interface in Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 allows attackers to execute arbitrary scripts via a crafted payload due to unsanitized repeater AP SSID value when is displayed in any page at...
Each Italy Wireless Mini Router WIRELESS-N 300M has security vulnerabilities
The Each Italy Wireless Mini Router WIRELESS-N 300M is a wireless router produced by Each Italy. There is a security vulnerability in the version v28K.MiniRouter.20190211 of the Each Italy Wireless Mini Router WIRELESS-N 300M. This vulnerability stems from the lack of cleaning of the repeater AP...
Each Italy Wireless Mini Router WIRELESS-N 300M has code-related vulnerabilities.
The Each Italy Wireless Mini Router WIRELESS-N 300M is a wireless router produced by Each Italy. There are code vulnerabilities in versions prior to 6.10.5 and 6.11.1, which stem from insecure .NET Remoting exposure in the SmartCardController service. These vulnerabilities could lead to arbitrary...
CVE-2025-49354
Cross-Site Request Forgery CSRF vulnerability in Mindstien Technologies Recent Posts From Each Category recent-posts-from-each-category allows Stored XSS.This issue affects Recent Posts From Each Category: from n/a through = 1.4...
CVE-2025-49354
Technical details for CVE-2025-49354 are not provided in the supplied documents; no product, vendor, impact, or remediation specifics are disclosed here. Monitor for official updates.
EUVD-2025-205880
Cross-Site Request Forgery CSRF vulnerability in Mindstien Technologies Recent Posts From Each Category allows Stored XSS.This issue affects Recent Posts From Each Category: from n/a through 1.4...
PT-2025-54280
Name of the Vulnerable Software and Affected Versions Mindstien Technologies Recent Posts From Each Category versions 1.4 and earlier Description The Recent Posts From Each Category plugin contains a Cross-Site Request Forgery CSRF issue and a Stored Cross-Site Scripting XSS issue. The CSRF flaw...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993099)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993099 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount bugs in mesonvpuhasavailableconnectors In this function, there are two...
CVE-2022-50868
In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count for...
CVE-2022-50868 hwrng: amd - Fix PCI device refcount leak
In the Linux kernel, the following vulnerability has been resolved: hwrng: amd - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count for...
EUVD-2023-60296
In the Linux kernel, the following vulnerability has been resolved: net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses When using the felix driver the only one which supports UC filtering and MC filtering as a DSA master for a random other DSA switch, one can see the followi...