CVE-2025-1013

A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak. This vulnerability affects Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

CVE-2025-1013

A race condition could have led to private browsing tabs being opened in normal browsing windows. This could have resulted in a potential privacy leak. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox version 135, which stemmed from the possibility of opening a private browsing tab in a normal browsing window...

PT-2025-2716 · Qualcomm · Snapdragon +108

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace. This issue arises due to the sequence of these...

CVE-2025-22498 WordPress LucidLMS plugin <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in N3wNormal LucidLMS lucidlms allows Reflected XSS.This issue affects LucidLMS: from n/a through = 1.0.5...

CVE-2025-22498 WordPress LucidLMS plugin <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in New Normal LLC LucidLMS allows Reflected XSS.This issue affects LucidLMS: from n/a through 1.0.5...

PRIMX ZED 安全漏洞

PRIMX ZED is a suite of sensitive data encryption software from PRIMX Corporation. A security vulnerability exists in PRIMX ZED Enterprise version 2024.3 and prior versions. An attacker could exploit the vulnerability to manipulate technical files stored in a local folder with normal user access...

MAL-2024-11225 Malicious code in normal-dep (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f2efb34b8082c086da6493f93ca16d2de070a218ff6cb8f2c32468ca268412f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in normal-dep (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f2efb34b8082c086da6493f93ca16d2de070a218ff6cb8f2c32468ca268412f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

nbd: fix race between timeout and normal completion

...

kernel: mm/sparsemem: fix race in accessing memory_section->usage

A race condition was found on a PFN in the Linux Kernel, which can fall into the device memory region with the system memory configuration. Normal zone start and end PFNs contain the device memory PFNs as well, and the compaction triggered will try on the device memory PFNs and end up in NOP. Thi...

SUSE CVE-2024-49930

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX. However, the ath11kdpprocessrx function access...

Linux kernel 竞争条件问题漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition between movenormalpmd and extractpagetables in the mremap function, which could lead to...

DEBIAN-CVE-2024-49931

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix array out-of-bound access in SoC stats Currently, the ath12ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX. However, the ath12kdprxprocess function access...

DEBIAN-CVE-2024-49930

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX. However, the ath11kdpprocessrx function access...

AZL-51528 CVE-2024-49930 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX. However, the ath11kdpprocessrx function access...

UBUNTU-CVE-2024-49855

In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal completion If request timetout is handled by nbdrequeuecmd, normal completion has to be stopped for avoiding to complete this requeued request, other use-after-free can be triggered. Fix t...

UBUNTU-CVE-2024-46706

In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsllpuart: mark last busy before uartaddoneport With "earlycon initcalldebug=1 loglevel=8" in bootargs, kernel sometimes boot hang. It is because normal console still is not ready, but runtime suspend is called, so...

The vulnerability of the SetSmartQoSSettings function in D-Link DIR-846 Wi-Fi router software allows a hacker to execute arbitrary code.

The vulnerability of the SetSmartQoSSettings function in D-Link DIR-846 network devices lies in the lack of measures to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by manipulating the parameters of...

D-Link DIR-846W Command Execution Vulnerability (CNVD-2025-18480)

D-Link DIR-846W is a dual-band Gigabit wireless router with second-generation 11AC technology and MU-MIMO technology, supporting dual-band concurrent transmission rates up to 1200Mbps for 200M and above broadband users. The D-Link DIR-846W suffers from a command execution vulnerability that...