PT-2025-44991

Name of the Vulnerable Software and Affected Versions CFMOTO RIDE affected versions not specified Description An Insecure Direct Object Reference IDOR vulnerability exists in the vehicleId parameter, allowing unauthorized access to sensitive information of other users’ vehicles. Exploiting this...

EUVD-2025-37481

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

UBUNTU-CVE-2025-40107

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

CVE-2025-40107

Technical details about CVE-2025-40107 are not publicly provided in the supplied documents. No affected products, root cause, or fixes are specified here. Monitor for official advisories for confirmation and remediation guidance.

CVE-2025-40107 can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

CVE-2025-40107 can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled

In the Linux kernel, the following vulnerability has been resolved: can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled This issue is similar to the vulnerability in the mcp251x driver, which was fixed in commit 03c427147b2d "can: mcp251x: fix resume fr...

CVE-2025-12618

A vulnerability has been found in Tenda AC8 16.03.34.06. This impacts an unknown function of the file /goform/DatabaseIniSet. The manipulation of the argument Time leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used...

[SECURITY] Fedora 41 Update: rust-collection_literals-1.0.3-1.fc41

Easy-to-use macros for initializing any collection...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly initialize a work queue in the hi311x driver, which could lead to null pointer...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in icelltsintr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low latency firmware...

CVE-2025-11906

A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service...

KVM: arm64: Prevent access to vCPU events before init

...

ALSA: hda: Fix missing pointer check in hda_component_manager_init function

...

EUVD-2023-60047

Nagios Network Analyzer versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Percentile Calculator menu. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

SUSE CVE-2025-40102

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of...

F5 Networks F5OS-A FIPS HSM Password Initialization (K000154661)

The version of F5 Networks F5OS-A installed on the remote host is affected by a vulnerability as referenced in the K000154661 advisory. - When a user attempts to initialize the rSeries FIPS module using a password with special shell metacharacters, the FIPS hardware security module HSM may fail t...

EUVD-2025-36976

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of...

AZL-69412 CVE-2025-40102 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of...

UBUNTU-CVE-2025-40102

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of...

CVE-2025-40102 KVM: arm64: Prevent access to vCPU events before init

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Prevent access to vCPU events before init Another day, another syzkaller bug. KVM erroneously allows userspace to pend vCPU events for a vCPU that hasn't been initialized yet, leading to KVM interpreting a bunch of...