Lucene search
K

54839 matches found

OSV
OSV
added 2025/12/08 1:19 a.m.6 views

CVE-2023-53756 KVM: VMX: Fix crash due to uninitialized current_vmcs

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...

6.3AI score0.0016EPSS
Exploits0References8
OSV
OSV
added 2025/12/08 1:16 a.m.5 views

CVE-2022-50628 drm/gud: Fix UBSAN warning

In the Linux kernel, the following vulnerability has been resolved: drm/gud: Fix UBSAN warning UBSAN complains about invalid value for bool: 101.165172 drm Initialized gud 1.0.0 20200422 for 2-3.2:1.0 on minor 1 101.213360 gud 2-3.2:1.0: drm fb1: guddrmfb frame buffer device 101.213426 usbcore:...

6.5AI score0.00166EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/12/08 1:16 a.m.25 views

CVE-2022-50624 net: netsec: fix error handling in netsec_register_mdio()

In the Linux kernel, the following vulnerability has been resolved: net: netsec: fix error handling in netsecregistermdio If phydeviceregister fails, phydevicefree need be called to put refcount, so memory of phy device and device name can be freed in callback function. If getphydevice fails,...

0.00173EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/12/08 1:16 a.m.31 views

CVE-2022-50619 drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in kfdmemdmamapuserptr If the number of pages from the userptr BO differs from the SG BO then the allocated memory for the SG table doesn't get freed before returning -EINVAL, which may lead to a memor...

0.00166EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/08 12:46 a.m.25 views

CVE-2025-40299 gve: Implement gettimex64 with -EOPNOTSUPP

In the Linux kernel, the following vulnerability has been resolved: gve: Implement gettimex64 with -EOPNOTSUPP gve implemented a ptpclock for sole use of doauxwork at this time. ptpclockgettime and ptpsysoffset assume every ptpclock has implemented either gettimex64 or gettime64. Stub gettimex64...

0.00155EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.4 views

PT-2025-49520

Name of the Vulnerable Software and Affected Versions versions prior to 2025-66323 Description An issue exists in the card module due to an improper criterion security check. Successful exploitation could affect availability. There are no reports of real-world incidents or affected devices. The...

5.5CVSS6.3AI score0.00066EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/08 12:0 a.m.3 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is a distributed operating system developed independently by Huawei Technologies Co. Huawei HarmonyOS suffers from a competitive condition vulnerability, which originates from a competitive condition vulnerability in the audio module, and can be exploited by an attacker to affect...

6.7CVSS6.6AI score0.00059EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/08 12:0 a.m.3 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is a distributed operating system developed independently by Huawei Technologies Co. Huawei HarmonyOS suffers from an Improper Security Check vulnerability that originates from a vulnerability in the improper standard security check in the card module, which can be exploited by a...

5.5CVSS6.7AI score0.00066EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.3 views

PT-2025-49523

Name of the Vulnerable Software and Affected Versions affected versions not specified Description A race condition exists within the network module. Successful exploitation could compromise the confidentiality of the service. Recommendations At the moment, there is no information about a newer...

7.1CVSS6.3AI score0.00057EPSS
Exploits0References8
Amazon
Amazon
added 2025/12/08 12:0 a.m.7 views

Medium: rsync

Issue Overview: A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue. CVE-2025-101...

4.3CVSS6.5AI score0.00283EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.6 views

PT-2025-49518

Name of the Vulnerable Software and Affected Versions Versions prior to 2025-66321 Description A multi-thread race condition exists in the camera framework module. Successful exploitation of this issue may affect system availability. Recommendations At the moment, there is no information about a...

5.1CVSS6.3AI score0.00056EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.5 views

PT-2025-49517

Name of the Vulnerable Software and Affected Versions versions prior to 2025-66320 Description A multi-thread race condition exists within the camera framework module. Successful exploitation of this issue may affect system availability. Recommendations At the moment, there is no information abou...

5.1CVSS6.3AI score0.00056EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.5 views

PT-2025-49533

Name of the Vulnerable Software and Affected Versions affected versions not specified Description A permission control issue exists in the window management module that may affect availability. Successful exploitation of this issue could impact system availability. Recommendations At the moment,...

5.5CVSS6.4AI score0.00073EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.5 views

PT-2025-49519

Name of the Vulnerable Software and Affected Versions versions prior to 2025-66322 Description A multi-thread race condition exists in the camera framework module. Successful exploitation of this issue may affect availability. Recommendations At the moment, there is no information about a newer...

5.1CVSS6.3AI score0.00056EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.5 views

PT-2025-49522

Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect availability...

6.7CVSS6.9AI score0.00059EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/08 12:0 a.m.8 views

Amazon Linux 2 : audiofile, --advisory ALAS2-2025-3087 (ALAS-2025-3087)

The version of audiofile installed on the remote host is prior to 0.3.6-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3087 advisory. Audiofile v0.3.7 was discovered to contain a NULL pointer dereference via the ModuleState::setup function. CVE-2025-50950 Tenabl...

7.5CVSS5.5AI score0.0033EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.5 views

PT-2025-49521

Name of the Vulnerable Software and Affected Versions affected versions not specified Description An input verification issue exists in the compression and decompression module. Successful exploitation could impact app data integrity. Recommendations At the moment, there is no information about a...

8.4CVSS6.3AI score0.00076EPSS
Exploits0References6
Oracle linux
Oracle linux
added 2025/12/08 12:0 a.m.9 views

kernel security update

4.18.0-553.89.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

6.5AI score0.00148EPSS
Exploits0
EUVD
EUVD
added 2025/12/07 6:31 p.m.4 views

EUVD-2025-201606

A security vulnerability has been detected in Verysync 微力同步 up to 2.21.3. The impacted element is an unknown function of the file /rest/f/api/resources/f96956469e7be39d of the component Web Administration Module. Such manipulation leads to information disclosure. The attack can be executed...

6.9CVSS5.8AI score0.00346EPSS
Exploits0References7
EUVD
EUVD
added 2025/12/07 6:31 p.m.4 views

EUVD-2025-201609

A vulnerability was detected in Verysync 微力同步 2.21.3. This affects an unknown function of the file /safebrowsing/clientreport/download?key=dummytoken of the component Web Administration Module. Performing manipulation results in information disclosure. The attack is possible to be carried out...

6.9CVSS5.8AI score0.00396EPSS
Exploits1References5
Rows per page
Query Builder