CLSA-2025-1757698525 gdk-pixbuf2: Fix of CVE-2025-7345

CVE-2025-7345: fix heap buffer overflow during base64 encoding in gdkpixbufjpegimageloadincrement...

CVE-2025-10225

Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-119 in the OpenSSL-based session module in AxxonSoft Axxon One C-Werk 2.0.6 and earlier on Windows allows a remote attacker under high load conditions to cause application crashes or unpredictable behavior via triggering...

SUSE CVE-2025-39767

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Optimize module load time by optimizing PLT/GOT counting When enabling CONFIGKASAN, CONFIGPREEMPTVOLUNTARYBUILD and CONFIGPREEMPTVOLUNTARY at the same time, there will be soft deadlock, the relevant logs are as follows...

SUSE CVE-2025-39772

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmcunload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto...

CVE-2025-39772

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmcunload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto...

AZL-74667 CVE-2025-39772 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmcunload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto...

AZL-67193 CVE-2025-39767 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Optimize module load time by optimizing PLT/GOT counting When enabling CONFIGKASAN, CONFIGPREEMPTVOLUNTARYBUILD and CONFIGPREEMPTVOLUNTARY at the same time, there will be soft deadlock, the relevant logs are as follows...

AZL-67241 CVE-2025-39772 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmcunload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto...

DEBIAN-CVE-2025-39772

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmcunload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto...

UBUNTU-CVE-2025-39772

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmcunload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto...

CVE-2025-39772 drm/hisilicon/hibmc: fix the hibmc loaded failed bug

In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmcunload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto...

ROS-20250911-01

A vulnerability in the DNS load balancer and proxy for DNS traffic DNSdist is related to the assertion of availability when support for inbound DNS over HTTPS is enabled using the nghttp2 provider, and requests are are routed to a TCP-only backend or DNS over TLS. Exploitation of the vulnerabilit...

PT-2025-37193

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: A race condition can occur during authentication or token refresh operations under heavy system utilization. This allows a user to be granted a token intended for another user, potentially leading ...

Wind River Studio Developer 安全漏洞

Wind River Studio Developer is a tool with the ability to build, test, and debug embedded system applications from Wind River Studio Developer, USA. A security vulnerability exists in Wind River Studio Developer that originates from a random contention condition that can occur during an...

Guidelines for Mass Instant Recovery to Azure

Article Applicability This article contains information related to Veeam Backup & Replication build 13.0.1.180 and later, as performance for IR to Azure was significantly improved starting with this build. Challenge When attempting to perform mass recovery using Instant Recovery to Azure, the...

UTT 1200GW Buffer Overflow Vulnerability

The UTT 1200GW is an enterprise-grade wireless router from Atech Technology UTT designed to meet the networking needs of small to medium-sized businesses or large space office environments. The UTT 1200GW suffers from a buffer overflow vulnerability that originates from the sub4B48F8 function in...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly initialize a mutual exclusion lock when hibmc fails to load, which could result in a...

PT-2025-37225

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to module loading time optimization. Specifically, the module frob arch sections function utilizes a counting algorithm with On^2 complexity wh...

CVE-2025-20248 Cisco IOS XR Software Image Verification Bypass Vulnerability

A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an affected device. To exploit this vulnerability, the attacker must have root-system...

CVE-2025-10225 Incorrect Memory Allocation in OpenSSL-Based Session Module in AxxonSoft Axxon One (C-Werk)

Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-119 in the OpenSSL-based session module in AxxonSoft Axxon One C-Werk 2.0.6 and earlier on Windows allows a remote attacker under high load conditions to cause application crashes or unpredictable behavior via triggering...