6957 matches found
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992483)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992483 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parseearlyparam On 64-bit, calling jumplabelinit in...
CVE-2025-15284
Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...
DEBIAN-CVE-2025-15284
Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...
CVE-2025-15284
Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...
CVE-2025-15284
Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...
CVE-2025-15284 arrayLimit bypass in bracket notation allows DoS via memory exhaustion
Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...
CVE-2025-15284 arrayLimit bypass in bracket notation allows DoS via memory exhaustion
Improper Input Validation vulnerability in qs parse modules allows HTTP DoS.This issue affects qs: 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation a=1&a=2, only for indexed notation a0=1. This is a consistency bug; arrayLimit should apply uniformly across a...
CVE-2025-15284
CVE-2025-15284 is a vulnerability in the qs library (parse modules) where the arrayLimit check does not apply to bracket notation (a[]=...) as in the vulnerable code path (lib/parse.js:159-162). The issue enables potential DoS via memory exhaustion by creating larger-than-expected arrays, though ...
SUSE CVE-2023-54075
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: common: Fix refcount leak in parsedailinkinfo Add missing ofnodeputs before the returns to balance ofnodegets and ofnodeputs, which may get unbalanced in case the for loop 'foreachavailablechildofnode' returns ear...
RiteCMS Code Execution Vulnerability
RiteCMS is an open source content management system based on php and sqlite. RiteCMS has a code execution vulnerability that stems from a flaw in the parsespecialtags function, which can be exploited by an attacker to cause remote code execution...
EUVD-2023-60334
In the Linux kernel, the following vulnerability has been resolved: pinctrl: rockchip: Fix refcount leak in rockchippinctrlparsegroups offindnodebyphandle returns a node pointer with refcount incremented, We should use ofnodeput on it when not needed anymore. Add missing ofnodeput to avoid refcou...
EUVD-2023-60251
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: common: Fix refcount leak in parsedailinkinfo Add missing ofnodeputs before the returns to balance ofnodegets and ofnodeputs, which may get unbalanced in case the for loop 'foreachavailablechildofnode' returns ear...
CVE-2023-54075
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: common: Fix refcount leak in parsedailinkinfo Add missing ofnodeputs before the returns to balance ofnodegets and ofnodeputs, which may get unbalanced in case the for loop 'foreachavailablechildofnode' returns ear...
UBUNTU-CVE-2023-54075
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: common: Fix refcount leak in parsedailinkinfo Add missing ofnodeputs before the returns to balance ofnodegets and ofnodeputs, which may get unbalanced in case the for loop 'foreachavailablechildofnode' returns ear...
CVE-2023-54075
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: common: Fix refcount leak in parsedailinkinfo Add missing ofnodeputs before the returns to balance ofnodegets and ofnodeputs, which may get unbalanced in case the for loop 'foreachavailablechildofnode' returns ear...
CVE-2023-54111 pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups
In the Linux kernel, the following vulnerability has been resolved: pinctrl: rockchip: Fix refcount leak in rockchippinctrlparsegroups offindnodebyphandle returns a node pointer with refcount incremented, We should use ofnodeput on it when not needed anymore. Add missing ofnodeput to avoid refcou...
CVE-2023-54111 pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups
In the Linux kernel, the following vulnerability has been resolved: pinctrl: rockchip: Fix refcount leak in rockchippinctrlparsegroups offindnodebyphandle returns a node pointer with refcount incremented, We should use ofnodeput on it when not needed anymore. Add missing ofnodeput to avoid refcou...
CVE-2023-54075
CVE-2023-54075 affects the Linux kernel ASoC: mediatek: common code, specifically parse_dai_link_info. The root cause is a refcount leak caused by missing balance of of_node_get()/of_node_put() calls, which may become unbalanced if the loop for_each_available_child_of_node returns early. The avai...
CVE-2023-54057 iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Add a length limitation for the ivrsacpihid command-line parameter The 'acpiid' buffer in the parseivrsacpihid function may overflow, because the string specifier in the format string sscanf has no width limitation...
PT-2025-53073
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count leak exists in the ASoC Audio System on Chip component, specifically within the mediatek common code in the parse dai link info function. The issue stems from missing...