The vulnerability of the /goform/formTcpipSetup function in D-Link DIR-618 and DIR-605L router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the /goform/formTcpipSetup function in D-Link DIR-618 and DIR-605L router microprogramming software is related to access control errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20250514-01

A vulnerability in the iiosimpledummytriggerh function of driver drivers/iio/dummy/iiosimpledummybuffer.c of the Linux kernel's IIO stub driver support is related to the use of an uninitialized resource. an uninitialized resource. Exploitation of the vulnerability could allow an attacker to gain...

The vulnerability of the Microsoft Virtual Machine Bus (VMBus) component in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Virtual Machine Bus VMBus component in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

The vulnerability of D-Link DIR-618 and DIR-605L router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of D-Link DIR-618 and DIR-605L router microprogramming software is related to access control errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.

The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spoofing attacks...

CVE-2024-56526

An issue was discovered in OXID eShop before 7. CMS pages in combination with Smarty may display user information if a CMS page contains a Smarty syntax error...

CVE-2024-56526

An issue was discovered in OXID eShop before 7. CMS pages in combination with Smarty may display user information if a CMS page contains a Smarty syntax error...

kernel: HID: amd_sfh: Switch to device-managed dmam_alloc_coherent()

In the Linux kernel, the following vulnerability has been resolved: HID: amdsfh: Switch to device-managed dmamalloccoherent Using the device-managed version allows to simplify clean-up in probe error path. Additionally, this device-managed ensures proper cleanup, which helps to resolve memory...

kernel: dm array: fix releasing a faulty array block twice in dm_array_cursor_end

In the Linux kernel, the following vulnerability has been resolved: dm array: fix releasing a faulty array block twice in dmarraycursorend When dmbmreadlock fails due to locking or checksum errors, it releases the faulty block implicitly while leaving an invalid output pointer behind. The caller ...

kernel: ovl: Filter invalid inodes with missing lookup function

In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovldentryweird function to prevent the processing of directory inodes that lack the lookup function. This is important because such inodes can cause error...

kernel: ext4: don't set SB_RDONLY after filesystem errors

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SBRDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SBRDONLY flag to stop all filesystem modifications. We knew this misses proper locking sb-sumount and does no...

kernel: drm/amdgpu: the warning dereferencing obj for nbio_v7_4

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: the warning dereferencing obj for nbiov74 if rasmanager obj null, don't print NBIO err data...

Invalid login error is show when FAS is enabled on Rocky Linux 9.2

You deploy Rocky Linux 9.x FAS is configured and works fine on other OS like Windows, Ubuntu Issue is seen only with RHEL 9.x or Rocky Linux 9.x Invalid login prompt is thrown. Preauthentication errors are noticed in ctxkrb debug tool when installed for debug purposes on the Linux VDA...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to pointer naming errors, allows attackers to trigger a service failure.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to errors in pointer assignment. Exploiting this vulnerability can allow an attacker to trigger a service failure using a specially created malicious file...

The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in synchronization errors when using shared resources. This allows attackers to circumvent existing security restrictions and gain unauthorized access to protected information.

The vulnerabilities of programming platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to synchronization errors when using shared resources. Exploiting these vulnerabilities can allow remote attackers to bypass...

The vulnerability of software platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B lies in synchronization errors when using shared resources. This allows attackers to circumvent existing security restrictions and gain unauthorized access to protected information.

The vulnerabilities of programming platforms for developing and managing online stores such as Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to synchronization errors when using shared resources. Exploiting these vulnerabilities can allow remote attackers to bypass...

DEBIAN-CVE-2025-37872

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix memory leak in txgbeprobe error path When txgbeswinit is called, memory is allocated for wx-rsskey in wxinitrsskey. However, in txgbeprobe function, the subsequent error paths after txgbeswinit don't free the...

CVE-2025-37837 iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent()

In the Linux kernel, the following vulnerability has been resolved: iommu/tegra241-cmdqv: Fix warnings due to dmamfreecoherent Two WARNINGs are observed when SMMU driver rolls back upon failure: arm-smmu-v3.9.auto: Failed to register iommu arm-smmu-v3.9.auto: probe with driver arm-smmu-v3 failed...

The vulnerability of the f2fs_unlock_rpages() function in the fs/f2fs/compress.c module of the F2FS file system support in Linux kernel allows a malicious actor to cause a service failure.

The vulnerability of the f2fsunlockrpages function in the fs/f2fs/compress.c module of the F2FS file system support in Linux operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the sprd_i2c_master_xfer() function in the drivers/i2c/busses/i2c-sprd.c module of the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the sprdi2cmasterxfer function in the drivers/i2c/busses/i2c-sprd.c module of the Linux kernel is related to security configuration errors. Exploiting this vulnerability could allow an attacker to cause a service failure...