UBUNTU-CVE-2025-68256

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in rtwgetie parser The Information Element IE parser rtwgetie trusted the length byte of each IE without validating that the IE body len bytes after the 2-byte header fits inside the...

CVE-2025-68255 staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directly as the memcpy length when copying into a fixed-size 16-byte stack...

CVE-2025-68256

CVE-2025-68256 affects the Linux kernel staging rtl8723bs IE parser (rtw_get_ie). The vulnerability arises from not validating the length field of each Information Element, allowing a malformed frame to trigger out-of-bounds reads or an infinite loop when the IE body extends beyond the remaining ...

CVE-2025-68255

CVE-2025-68255 affects the Linux kernel staging rtl8723bs driver. The OnAssocReq Information Element parsing used the incoming Supported Rates IE length directly as the memcpy length into a fixed 16-byte stack buffer, enabling a stack overflow when an attacker advertises a longer IE. The fix clam...

ROS-20251216-7315

A vulnerability in the ssh component of the OpenSSH cryptographic protection tool is related to incorrect processing of special elements. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a stack buffer overflow in OnAssocReq IE parsing in rtl8723bs...

Linux Distros Unpatched Vulnerability : CVE-2025-68256

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: rtl8723bs: fix out-of-bounds read in rtwgetie parser The Information Element IE parser rtwgetie trusted the length byte of each IE without validating...

CVE-2025-13669

Uncontrolled Search Path Element vulnerability in Altera High Level Synthesis Compiler on Windows allows Search Order Hijacking.This issue affects High Level Synthesis Compiler: from 19.1 through 24.3...

WordPress LA-Studio Element Kit for Elementor plugin < 1.5.6.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by NumeX in WordPress Plugin LA-Studio Element Kit for Elementor versions 1.5.6.3...

ROS-20251215-7313

A vulnerability in the cifs.upcall function of the CIFS cifs-utils network file system mount utility package is related to the provisioning of a data element for an erroneous session. Exploitation of the vulnerability could allow an attacker to disclose protected information...

CVE-2025-13669

Uncontrolled Search Path Element vulnerability in Altera High Level Synthesis Compiler on Windows allows Search Order Hijacking.This issue affects High Level Synthesis Compiler: from 19.1 through 24.3...

CVE-2025-13669

Uncontrolled Search Path Element vulnerability in Altera High Level Synthesis Compiler on Windows allows Search Order Hijacking.This issue affects High Level Synthesis Compiler: from 19.1 through 24.3...

CVE-2025-13669 High Level Synthesis Compiler Security Advisory

Uncontrolled Search Path Element vulnerability in Altera High Level Synthesis Compiler on Windows allows Search Order Hijacking.This issue affects High Level Synthesis Compiler: from 19.1 through 24.3...

CVE-2025-5469

Uncontrolled Search Path Element vulnerability in Yandex Messenger on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.245...

EUVD-2025-202298

Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275...

EUVD-2025-202299

Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1...

EUVD-2025-202301

Uncontrolled Search Path Element vulnerability in Yandex Messenger on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.245...

CVE-2025-5471

Uncontrolled Search Path Element vulnerability in Yandex Telemost on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.19.1...

CVE-2025-5469

Uncontrolled Search Path Element vulnerability in Yandex Messenger on MacOS allows Search Order Hijacking.This issue affects Telemost: before 2.245...

CVE-2025-5470

Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS allows Search Order Hijacking.This issue affects Disk: before 3.2.45.3275...