1907 matches found
DEBIAN-CVE-2025-22108
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Mask the bd_cnt field in the TX BD properly. The bd_cnt field in the TX BD specifies the total number of BDs for the TX packet. The bd_cnt field has 5 bits and the maximum number supported is 32 with the value 0...
CVE-2025-22079
In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate l_tree_depth to avoid out-of-bounds access. The l_tree_depth field is 16-bit (__le16), but the actual maximum depth is limited to OCFS2_MAX_PATH_DEPTH. Add a check to prevent out-of-bounds access if l_tree_depth has an invalid...
UBUNTU-CVE-2025-29915
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is bas...
PT-2025-18450
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A division by zero issue has been resolved in the Linux kernel. The problem occurs when the user sets a speed value greater than UINT_MAX/8, making division by zero possible. This issue...
spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length
A flaw was found in the spring-security-core password encoder. This vulnerability allows incorrect password matching via input manipulation...
SUSE CVE-2025-21985
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bound accesses. WHAT & HOW: hpo_stream_to_link_encoder_mapping has size MAX_HPO_DP2_ENCODERS (=4), but location can have size up to 6. As a result, it is necessary to check location against MAX_HPO_DP2_ENCODERS...
UBUNTU-CVE-2025-21985
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bound accesses. WHAT & HOW: hpo_stream_to_link_encoder_mapping has size MAX_HPO_DP2_ENCODERS (=4), but location can have size up to 6. As a result, it is necessary to check location against MAX_HPO_DP2_ENCODERS...
AZL-62639 CVE-2025-21868 affecting package kernel for versions less than 6.6.117.1-1
In the Linux kernel, the following vulnerability has been resolved: net: allow small head cache usage with large MAX_SKB_FRAGS values. Sabrina reported the following splat: WARNING: CPU: 0 PID: 1 at net/core/dev.c:6935 netif_napi_add_weight_locked+0x8f2/0xba0 Modules linked in: CPU: 0 UID: 0 PID: 1 Comm...
PT-2025-18448
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue has been identified in the Linux kernel where the user can set any speed value, potentially leading to division by zero if the speed is greater than UINT_MAX/8. This issue was...
PT-2025-18449
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue has been found in the Linux kernel where the user can set any speed value. If the speed is greater than UINT_MAX/8, it is possible to cause a division by zero. This issue was...
PT-2025-18447
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A division by zero issue has been resolved in the Linux kernel. The problem occurs when a user sets a speed value greater than UINT_MAX/8, making division by zero possible. This issue wa...
PT-2025-18451
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A division by zero issue has been resolved in the Linux kernel. The problem occurs when a user sets a speed value greater than UINT_MAX/8, making division by zero possible. This issue wa...
Privilege Escalation
github.com/containerd/containerd is vulnerable to Privilege Escalation. The vulnerability is due to an integer overflow and improper handling of UID:GID values larger than the maximum 32-bit signed integer, allowing containers to run as root UID 0...
New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking
A critical security vulnerability has been disclosed in AMI's MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out post-exploitation actions. The vulnerability, tracked as CVE-2024-54085, carries a CVSS v4 score of 10.0,...
DEBIAN-CVE-2025-0755
The various bson_append functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operations that could result in a final BSON document which exceeds the maximum allowable size (INT32_MAX), resulting in a segmentation fault and possible application crash. This...
UBUNTU-CVE-2025-0755
The various bson_append functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operations that could result in a final BSON document which exceeds the maximum allowable size (INT32_MAX), resulting in a segmentation fault and possible application crash. This...
CVE-2025-29911 CryptoLib Has Heap Buffer Overflow in Crypto_AOS_ProcessSecurity Function
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the...
sctp: sysctl: rto_min/max: avoid using current->nsproxy
...
netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level
...
printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
...