CVE-2026-31544

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...

DEBIAN-CVE-2026-31544

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...

CVE-2026-31544

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...

PT-2026-34896

In the Linux kernel, the following vulnerability has been resolved: firmware: arm scmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: arm scmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmi event handler get ops...

CVE-2026-40249

free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the PUT handler for updating Policy Data notification subscriptions at /nudr-dr/v2/policy-data/subs-to-notify/subsId does not return after request body retrieval or deserialization...

PT-2025-37330

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw related to lock dependency in xsk notify triggered via register netdevice. Specifically, the issue arises from using register netdevice within notifier...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice The ethnlreqgetPhyDev function is used to look up a phyDevice, in cases where an ethtool netlink command targets a specific phyDevice within a netDevice’s topolog...

SUSE CVE-2025-21921

In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice ethnlreqgetphydev is used to lookup a phydevice, in the case an ethtool netlink command targets a specific phydev within a netdev's topology. It takes as a...

DEBIAN-CVE-2025-21921

In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice ethnlreqgetphydev is used to lookup a phydevice, in the case an ethtool netlink command targets a specific phydev within a netdev's topology. It takes as a...

CVE-2023-7185

A vulnerability was found in 7-card Fakabao up to 1.0build20230805. It has been classified as critical. This affects an unknown part of the file shop/wxpaynotify.php. The manipulation of the argument outtradeno leads to sql injection. The exploit has been disclosed to the public and may be used...

7-card Fakabao SQL Injection Vulnerability

7-card Fakabao is a 7-card open source application. A SQL injection vulnerability exists in 7-card Fakabao version 1.0build20230805 and earlier versions, which stems from a problem with an unknown function in shop/wxpaynotify.php...