7989 matches found

NVD
added 2025/12/16 4:16 p.m., 3 views

CVE-2025-68316

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 SUCCESS or 1 FAILURE. Upon failure during driver probe, the error code...

EPSS: 0.00026
Exploits: 0, References: 2
NVD
added 2025/12/16 2:15 p.m., 1 view

CVE-2025-68175

In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Fix streaming cleanup on release The current implementation unconditionally calls mxc_isi_video_cleanup_streaming in mxc_isi_video_release. This can lead to situations where any release call like from a simple...

EPSS: 0.00024
Exploits: 0, References: 3
OSV
added 2025/12/16 1:57 p.m., 1 view

CVE-2025-68222 pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc

In the Linux kernel, the following vulnerability has been resolved: pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc s32_pinctrl_desc is allocated with devm_kmalloc, but not all of its fields are initialized. Notably, num_custom_params is used in pinconf_generic_parse_dt_config, resulting in...

AI score: 6.4, EPSS: 0.00028
Exploits: 0, References: 7
OSV
added 2025/12/16 1:43 p.m., 1 view

CVE-2025-68194 media: imon: make send_packet() more robust

In the Linux kernel, the following vulnerability has been resolved: media: imon: make send_packet() more robust syzbot is reporting that imon has three problems which result in hung tasks due to forever holding device lock 1. First problem is that when usb_rx_callback_intf0 once got -EPROTO error after...

AI score: 6.2, EPSS: 0.00058
Exploits: 0, References: 11
CNNVD
added 2025/12/16 12:0 a.m., 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from AFBC support causing rendering errors and vblank timeouts that may lead to display issues...

AI score: 6.2, EPSS: 0.00028
Exploits: 0, References: 4
CNNVD
added 2025/12/16 12:0 a.m., 1 view

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improper ordering of the poisoning of the memory pool for HIGHMEM pages, which could lead to page errors...

AI score: 6.1, EPSS: 0.00043
Exploits: 0, References: 5
Redos
added 2025/12/16 12:0 a.m., 1 view

ROS-20251216-7359

A vulnerability in the V8 JavaScript script handler of Google Chrome and Microsoft Edge browsers is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS: 8.8, AI score: 7.5, EPSS: 0.0006
Exploits: 0
Redos
added 2025/12/16 12:0 a.m., 3 views

ROS-20251216-7372

A vulnerability in the SplitView component of Google Chrome and Microsoft Edge browsers is related to information presentation errors in the user interface. Exploitation of the vulnerability could allow an attacker acting remotely to spoof the user interface...

CVSS: 4.2, AI score: 6.3, EPSS: 0.00065
Exploits: 0
Redos
added 2025/12/16 12:0 a.m., 2 views

ROS-20251216-7362

A vulnerability in the Omnibox component of Google Chrome and Microsoft Edge browsers is related to information presentation errors in the user interface. Exploitation of the vulnerability could allow an attacker acting remotely to spoof the user interface using a specially crafted HTML page...

CVSS: 5.4, AI score: 6.2, EPSS: 0.00067
Exploits: 0
OSV
added 2025/12/12 5:36 a.m., 1 view

CVE-2025-67724 Tornado vulnerable to Header Injection and XSS via reason argument

Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, the supplied reason phrase is used unescaped in HTTP headers where it could be used for header injection or in HTML in the default error page where it could be used for XSS and can be exploited by...

CVSS: 5.4, AI score: 6.6, EPSS: 0.00035
Exploits: 0, References: 5
Vulnrichment
added 2025/12/11 10:52 p.m., 4 views

CVE-2025-66452 LibreChat's lack of JSON parsing error handling can lead to XSS

LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, there is no handler for JSON parsing errors; SyntaxError from express.json includes user input in the error message, which gets reflected in responses. User input including HTML/JavaScript can be exposed in error...

CVSS: 5.3, AI score: 5.8, EPSS: 0.00034
Exploits: 1, References: 1
Cvelist
added 2025/12/11 10:52 p.m., 16 views

CVE-2025-66452 LibreChat's lack of JSON parsing error handling can lead to XSS

LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, there is no handler for JSON parsing errors; SyntaxError from express.json includes user input in the error message, which gets reflected in responses. User input including HTML/JavaScript can be exposed in error...

CVSS: 5.3, EPSS: 0.00034
Exploits: 1, References: 1
CVE
added 2025/12/11 10:52 p.m., 6 views

CVE-2025-66452

LibreChat (versions ≤ 0.8.0) is affected by a lack of handling for JSON parsing errors in express.json(). A SyntaxError triggered by user input can be reflected in error responses, exposing input (including HTML/JavaScript) and creating an XSS risk if Content-Type isn’t strictly enforced. The iss...

CVSS: 6.1, AI score: 5.8, EPSS: 0.00034
Exploits: 1, References: 1, Affected Software: 1
EUVD
added 2025/12/11 10:52 p.m., 2 views

EUVD-2025-202928

LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, there is no handler for JSON parsing errors; SyntaxError from express.json includes user input in the error message, which gets reflected in responses. User input including HTML/JavaScript can be exposed in error...

CVSS: 5.3, AI score: 5.7, EPSS: 0.00034
Exploits: 1, References: 1
EUVD
added 2025/12/11 2:10 p.m., 13 views

EUVD-2024-55320

A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.2, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6...

CVSS: 6, AI score: 6.2, EPSS: 0.00012
Exploits: 0, References: 2
RedhatCVE
added 2025/12/11 11:56 a.m., 3 views

CVE-2025-58408

Software installed and run as a non-privileged user may conduct improper GPU system calls to trigger reads of stale data that can lead to kernel exceptions and write use-after-free. The Use After Free common weakness enumeration was chosen as the stale data can include handles to resources in whi...

CVSS: 5.9, AI score: 6.7, EPSS: 0.00018
Exploits: 0, References: 1
SUSE CVE
added 2025/12/11 12:46 a.m., 1 view

SUSE CVE-2025-14322

Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

CVSS: 8.8, AI score: 7.2, EPSS: 0.00039
Exploits: 0, References: 15
Positive Technologies
added 2025/12/11 12:0 a.m., 11 views

PT-2025-50607

A key management errors vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.2, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6...

CVSS: 6, AI score: 6.7, EPSS: 0.00012
Exploits: 0, References: 2
Tenable Nessus
added 2025/12/11 12:0 a.m., 2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991142)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991142 advisory. In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sb_bsize_shift after reading superblock Fuzzers like to scribble over sb_bsize_shift but ...

CVSS: 5.5, AI score: 6.1, EPSS: 0.0004
Exploits: 0, References: 4
RedhatCVE
added 2025/12/10 9:16 p.m., 2 views

CVE-2021-47719

COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in CommaxWebViewer.ocx to cause buffer overflow condition...

CVSS: 8.7, AI score: 8.3, EPSS: 0.00112
Exploits: 0, References: 1