CVE-2025-66324
Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...
CVE-2025-40332
CVE-2025-40332: In the Linux kernel, drm/amdkfd mmap write lock could deadlock when draining a retry fault, because svm_range_restore_pages would unlock mmap_read_lock and return. The fix downgrades the mmap write lock to a read lock during draining retry faults, preventing deadlock and subsequen...
CVE-2025-42880 Code Injection vulnerability in SAP Solution Manager
Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availabilit...
CVE-2025-42880
CVE-2025-42880 concerns SAP Solution Manager. The underlying issue is missing input sanitation that allows an authenticated attacker to insert arbitrary code when calling a remote-enabled function module, potentially giving full control of the system and high impact to confidentiality, integrity, and...
CVE-2023-53825
In the Linux kernel, the following vulnerability has been resolved: kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg(). syzkaller found a memory leak in kcm_sendmsg(), and commit c821a88bd720 ("kcm: Fix memory leak in error path of kcm_sendmsg()") suppressed it by updating kcm_tx_msg(head)->last_skb if partia...
CVE-2022-50674
In the Linux kernel, the following vulnerability has been resolved: riscv: vdso: fix NULL deference in vdso_join_timens() when vfork. Testing tools/testing/selftests/timens/vfork_exec.c got below kernel log: [ 6.838454] Unable to handle kernel access to user memory without uaccess routines at virtual...
CVE-2023-53805
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
UBUNTU-CVE-2023-53791
In the Linux kernel, the following vulnerability has been resolved: md: fix warning for holder mismatch from export_rdev(). Commit a1d767191096 ("md: use mddev->external to select holder in export_rdev()") fix the problem that 'claim_rdev' is used for blkdev_get_by_dev() while 'rdev' is used for blkdev_put()...
CVE-2023-53802 wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: htc_hst: free skb in ath9k_htc_rx_msg() if there is no callback function. It is stated that ath9k_htc_rx_msg() either frees the provided skb or passes its management to another callback function. However, the skb is not freed in...
CVE-2023-53791 md: fix warning for holder mismatch from export_rdev()
In the Linux kernel, the following vulnerability has been resolved: md: fix warning for holder mismatch from export_rdev(). Commit a1d767191096 ("md: use mddev->external to select holder in export_rdev()") fix the problem that 'claim_rdev' is used for blkdev_get_by_dev() while 'rdev' is used for blkdev_put()...
React / Next.js Unauthenticated Remote Code Execution
A critical unauthenticated remote code execution vulnerability exists in the React Server Components (RSC) Flight protocol. The vulnerability allows attackers to achieve prototype pollution during deserialization of RSC payloads by sending specially crafted multipart requests with __proto__, constructor, o...
PT-2025-49769
Name of the Vulnerable Software and Affected Versions: SAP Solution Manager (affected versions not specified). Description: SAP Solution Manager is susceptible to a code injection issue stemming from inadequate input sanitation. An authenticated attacker can inject malicious code when invoking a...
Linux Distros Unpatched Vulnerability : CVE-2022-50624
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - net: netsec: fix error handling in netsec_register_mdio(). If phy_device_register() fails, phy_device_free() need be called to put refcount, so memory of phy device and devi...
CVE-2025-14199
A flaw has been found in Verysync 微力同步 up to 2.21.3. This impacts an unknown function of the file /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false of the component Web Administration Module. Executing manipulation can lead to unrestricted upload. The attack may be performed from...
CVE-2025-48622
CVE-2025-48622 affects the Android/OpenCV-related code path in the dng_misc_opcodes.cpp file, within the ProcessArea, where a buffer overflow can cause an out-of-bounds read. This leads to local information disclosure without requiring user interaction or elevated privileges. The available connec...
CVE-2025-14197
A security vulnerability has been detected in Verysync 微力同步 up to 2.21.3. The impacted element is an unknown function of the file /rest/f/api/resources/f96956469e7be39d of the component Web Administration Module. Such manipulation leads to information disclosure. The attack can be executed...
EUVD-2025-201674
Race condition vulnerability in the network module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-66327
Race condition vulnerability in the network module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...