CVE-2025-21633

Removed by vendor...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the netfsreadtopagecache function not properly decreasing the -nroutstanding count when handling errors,...

ROS-20250117-07

A vulnerability in the dmaengine component of the Linux operating system kernel is related to the transfer of private resources. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the powerpc/fixmap component of the Linux kernel is related to...

The vulnerability of the Ivanti EPM endpoint management software, related to errors in verifying the cryptographic signature, allows a hacker to execute remote code.

The vulnerability of the Ivanti EPM endpoint management software is related to errors in checking the cryptographic signature. Exploiting this vulnerability could allow a perpetrator to execute remote code...

The vulnerability in the implementation of the Secure Boot protocol for Windows operating systems allows attackers to disclose sensitive information that is protected by this security mechanism.

The vulnerability of the Secure Boot secure bootloading protocol for the Windows operating system is related to access control errors. Exploiting this vulnerability could allow a perpetrator to disclose protected information...

The vulnerability of the Active Directory Domain Services service on the Windows operating system allows a perpetrator to elevate their privileges to a system-level level.

The vulnerability of the Active Directory Domain Services service on the Windows operating system is related to access control errors. Exploiting this vulnerability can allow a malicious actor to elevate their privileges to a system-level level...

The vulnerability of Dell PowerScale InsightIQ software for performance monitoring and reporting, related to context switching errors during privilege escalation, allows a perpetrator to elevate their privileges to the root level.

The vulnerability of the Dell PowerScale InsightIQ software for performance monitoring and reporting is related to context switching privilege errors. Exploiting this vulnerability could allow an attacker to elevate their privileges to the root level...

The vulnerability of the Microsoft Message Queuing (MSMQ) service on Microsoft Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the Microsoft Message Queuing MSMQ service on Microsoft Windows operating systems is related to pointer swapping errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the Remote Desktop Gateway (RD Gateway) for Microsoft Windows operating systems allows a hacker to trigger a service failure.

The vulnerability of the Remote Desktop Gateway RD Gateway for Microsoft Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

Vulnerabilities fixed in Fortinet FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy

Fortinet has fixed vulnerabilities in FortiSwitch, FortiManager, FortiAnalyzer, FortiOS and FortiProxy. The vulnerabilities include hard-coded cryptographic keys, improper processing of OS commands, and out-of-bounds write and read errors. Attackers can exploit these vulnerabilities to gain...

CVE-2024-57894

...

CVE-2025-0343

Swift ASN.1 can be caused to crash when parsing certain BER/DER constructions. This crash is caused by a confusion in the ASN.1 library itself which assumes that certain objects can only be provided in either constructed or primitive forms, and will trigger a preconditionFailure if that constrain...

The vulnerability of the Azure Marketplace component of Microsoft Azure’s software platform allows a perpetrator to disclose protected information.

The vulnerability of the Azure Marketplace component of Microsoft Azure’s software platform is related to access control errors. Exploiting this vulnerability could allow a malicious actor to disclose protected information remotely...

ROS-20250115-06

A vulnerability in the ocfs2 component of the Linux kernel is related to the dereferencing of a NULL pointer in the ocfs2fillsuper function in fs/ocfs2/super.c, toocfs2trigger, ocfs2dbfrozentrigger and ocfs2journalaccess in fs/ocfs2/journal.c. Exploitation of the vulnerability could allow an...

SUSE-SU-2025:0103-1 Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122201 fixes several issues. The following security issues were fixed: - CVE-2022-48686: Fixed UAF when detecting digest errors bsc1226337. - CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. -...

CVE-2024-52898

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned...

Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122194 fixes several issues. The following security issues were fixed: CVE-2022-48686: Fixed UAF when detecting digest errors bsc1226337. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956...

PT-2025-1091 · Microsoft · Windows Remote Desktop Gateway +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Gateway RD Gateway affected versions not specified Description: The issue is related to a denial-of-service vulnerability in the Windows Remote Desktop Gateway RD Gateway. It is associated with synchronization errors wh...

ROS-20250114-14

A vulnerability in the compress component of the Linux operating system kernel is related to incorrect blocking in the f2fsreleasecompressblocks and f2fsreservecompressblocks functions in f2fs/file.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service A...

ROS-20250114-04

The incognito mode vulnerability in Mozilla Firefox, Firefox ESR browsers is due to the application not properly impose security restrictions. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the implemented security restrictions Incognito mode vulnerability in...