Espressif ESP-IDF 安全漏洞

Espressif ESP-IDF is an IoT development framework from China Loxin Espressif. A security vulnerability exists in Espressif ESP-IDF versions prior to 1.1.0, which stems from a USB event callback and user code sharing state without locking, which could lead to a double release...

EUVD-2025-114515

Malicious code in despina-event-callback-arcturus npm...

EUVD-2025-123955

Malicious code in parcel-mui-event-callback npm...

EUVD-2023-37299

Malicious code in bioql PyPI...

EUVD-2022-48340

Malicious code in bioql PyPI...

UBUNTU-CVE-2023-53267

In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnxaddcbfornotifyevent The kfree should be called when memory fails to be allocated for cbdata in xlnxaddcbfornotifyevent, otherwise there will be a memory leak, so add kfree to fix it...

SUSE CVE-2025-38565

In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perfmmap fail When perfmmap fails to allocate a buffer, it still invokes the eventmapped callback of the related event. On X86 this might increase the perfrdpmcallowed reference counter. But nothing undoe...

CVE-2025-38565

In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perfmmap fail When perfmmap fails to allocate a buffer, it still invokes the eventmapped callback of the related event. On X86 this might increase the perfrdpmcallowed reference counter. But nothing undoe...

CVE-2025-38565

CVE-2025-38565: In the Linux kernel perf_mmap() path, if buffer allocation fails the code still invokes event_mapped(), which can increment perf_rdpmc_allowed on x86 and leaks references because perf_mmap_close() is not called. The documented fix is to return early on failure to prevent the refer...

CVE-2023-33110

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption...

Race condition

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption...

CVE-2022-45474

drachtio-server 0.8.18 has a request-handler.cpp eventcb use-after-free for any request...

PT-2022-27530 · Unknown · Drachtio-Server

Name of the Vulnerable Software and Affected Versions: drachtio-server version 0.8.18 Description: The issue is related to a use-after-free error in the event cb function within request-handler.cpp for any request. Recommendations: For drachtio-server version 0.8.18, consider disabling the event ...

libvirt security, bug fix, and enhancement update

libvirt-0.10.2-18.0.1.el6 - Replace docs/et.png in tarball with blank image 0.10.2-18 - rpc: Fix crash on error paths of message dispatching CVE-2013-0170 - spec: Disable libssh2 support rhbz513363 0.10.2-17 - storage: Fix lvcreate parameter for backingStore. rhbz896398 - qemu: Don't return succe...

Microsoft Internet Explorer XSLT SetViewSlave Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...