240 matches found
CVE-2025-68189
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix GEM free for imported dma-bufs Imported dma-bufs also have obj-resv != &obj-resv. So we should check both this condition in addition to flags for handling the NOSHARE case. Fixes this splat that was reported with IRI...
CVE-2025-68189
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix GEM free for imported dma-bufs Imported dma-bufs also have obj-resv != &obj-resv. So we should check both this condition in addition to flags for handling the NOSHARE case. Fixes this splat that was reported with IRI...
UBUNTU-CVE-2025-68189
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix GEM free for imported dma-bufs Imported dma-bufs also have obj-resv != &obj-resv. So we should check both this condition in addition to flags for handling the NOSHARE case. Fixes this splat that was reported with IRI...
CVE-2025-68189
CVE-2025-68189 : Linux kernel DRM MSM GEM object free for imported dma-bufs could mishandle residency checks (obj->resv vs. obj->_resv) alongside the _NO_SHARE flag, leading to a crash. The fix updates msm_gem_free_object to correctly validate both conditions; patch available via Patchwork ...
CVE-2025-68189 drm/msm: Fix GEM free for imported dma-bufs
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix GEM free for imported dma-bufs Imported dma-bufs also have obj-resv != &obj-resv. So we should check both this condition in addition to flags for handling the NOSHARE case. Fixes this splat that was reported with IRI...
CVE-2025-68189 drm/msm: Fix GEM free for imported dma-bufs
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix GEM free for imported dma-bufs Imported dma-bufs also have obj-resv != &obj-resv. So we should check both this condition in addition to flags for handling the NOSHARE case. Fixes this splat that was reported with IRI...
PT-2025-51602
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc7 Description The Linux kernel contains a flaw within the drm/msm subsystem related to the handling of imported DMA buffers during object freeing. Specifically, the condition checking for the NO SHARE ca...
CVE-2025-67634
The CISA Software Acquisition Guide Supplier Response Web Tool before 2025-12-11 was vulnerable to cross-site scripting via text fields. If an attacker could convince a user to import a specially-crafted JSON file, the Tool would load JavaScript from the file into the page. The JavaScript would...
CVE-2025-67634 Software Acquisition Guide Supplier Response Web Tool XSS
The CISA Software Acquisition Guide Supplier Response Web Tool before 2025-12-11 was vulnerable to cross-site scripting via text fields. If an attacker could convince a user to import a specially-crafted JSON file, the Tool would load JavaScript from the file into the page. The JavaScript would...
CVE-2025-12510
The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 13.2.4 due to insufficient input sanitization and output escaping on Google Reviews data imported by the plugin. This makes it possible for unauthenticated...
EUVD-2025-201510
The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 13.2.4 due to insufficient input sanitization and output escaping on Google Reviews data imported by the plugin. This makes it possible for unauthenticated...
CVE-2025-12510
The CVE 2025-12510 entry concerns the WordPress plugin Widgets for Google Reviews (aka Widgets for Google Reviews) vulnerable to unauthenticated stored XSS via Google Reviews data. Affected versions are up to and including 13.2.4; the root cause is insufficient input sanitization and output escap...
PT-2025-49325
Name of the Vulnerable Software and Affected Versions Widgets for Google Reviews versions prior to 13.2.5 Description The Widgets for Google Reviews plugin for WordPress is susceptible to Stored Cross-Site Scripting due to inadequate input sanitization and output escaping when handling Google...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.0.1, which stems from improper acces...
EUVD-2022-15516
Malicious code in bioql PyPI...
EUVD-2025-25033
Malicious code in bioql PyPI...
EUVD-2022-42721
Malicious code in bioql PyPI...
EUVD-2023-43883
Malicious code in bioql PyPI...
EUVD-2022-42753
Malicious code in bioql PyPI...
EUVD-2023-54807
Malicious code in bioql PyPI...