CVE-2025-15251 beecue FastBee SIP Message ReqAbstractHandler.java getRootElement xml external entity reference

A vulnerability was detected in beecue FastBee up to 2.1. Impacted is the function getRootElement of the file springboot/fastbee-server/sip-server/src/main/java/com/fastbee/sip/handler/req/ReqAbstractHandler.java of the component SIP Message Handler. The manipulation results in xml external entit...

CVE-2025-15251

The CVE-2025-15251 entry describes a vulnerability in beecue FastBee (SIP Message Handler) up to version 2.1. The issue is in getRootElement (springboot/fastbee-server/sip-server/src/main/java/com/fastbee/sip/handler/req/ReqAbstractHandler.java) and manifests as an XML External Entity (XXE) refer...

CVE-2023-54212

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

UBUNTU-CVE-2022-50880

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: add peer map clean up for peer delete in ath10kstastate When peer delete failed in a disconnect operation, use-after-free detected by KFENCE in below log. It is because for each vdevid and address, it has only one...

CVE-2023-54212

...

CVE-2023-54212

CVE-2023-54212 is rejected/not used as per the initial description.

CVE-2025-65570

A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992210)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992210 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Prevent out-of-bounds access The while loop in raspberrypidiscoverclocks relies on...

CVE-2025-65570

A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...

CVE-2025-65570

A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...

CVE-2025-65570

A type confusion in jsish 2.0 allows incorrect control flow during execution of the OPNEXT opcode. When an “instanceof” expression uses an array element access as the left-hand operand inside a for-in loop, the instructions implementation leaves an additional array reference on the stack rather...

SUSE CVE-2025-14178

In PHP versions:8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1, a heap buffer overflow occurs in arraymerge when the total element count of packed arrays exceeds 32-bit limits or HTMAXSIZE, due to an integer overflow in the precomputation of...

CVE-2025-14178

In PHP versions:8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1, a heap buffer overflow occurs in arraymerge when the total element count of packed arrays exceeds 32-bit limits or HTMAXSIZE, due to an integer overflow in the precomputation of...

CVE-2025-14178

CVE-2025-14178 is a heap-based buffer overflow in PHP's array_merge() that can occur when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE, due to an integer overflow in the precomputation of element counts (zend_hash_num_elements). The issue affects PHP 8.1.x, 8.2.x,...

SUSE-SU-2025:4522-1 Security update for python39

This update for python39 fixes the following issues: - CVE-2025-12084: quadratic complexity when building nested elements using xml.dom.minidom methods that depend on clearidcache can lead to availability issues when building excessively nested documents bsc1254997. - CVE-2025-13836: use of...

CVE-2023-54033

In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRUPERCPU hash maps The LRU and LRUPERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...

SUSE CVE-2025-68731

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2queryctxstatusarray The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2pci.c:904 aie2queryctxstatusarray warn: potential user controlled sizeof overfl...

CVE-2025-68574

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in voidcoders WPBakery Visual Composer WHMCS Elements void-visual-whmcs-element allows DOM-Based XSS.This issue affects WPBakery Visual Composer WHMCS Elements: from n/a through = 1.0.4.3...

UBUNTU-CVE-2025-68731

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2queryctxstatusarray The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2pci.c:904 aie2queryctxstatusarray warn: potential user controlled sizeof overfl...

CVE-2025-68731

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2queryctxstatusarray The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2pci.c:904 aie2queryctxstatusarray warn: potential user controlled sizeof overfl...