4570 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-54176
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: stricter state check in mptcpworker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected stat...
Linux Distros Unpatched Vulnerability : CVE-2023-54216
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: TC, Fix using eswitch mapping in nic mode Cited patch is using the eswitch object mapping pool while in nic mode where it isn't initialized. This...
CVE-2025-69205
Micro Registration Utility µURU is a telephone self registration utility based on asterisk. In versions up to and including commit 88db9a953f38a3026bcd6816d51c7f3b93c55893, an attacker can crafts a special federation name and characters treated special by asterisk can be injected into the Dial...
CVE-2025-69205 In µURU, a Specially Crafted Federation Name Allows Dialplan Injection
Micro Registration Utility µURU is a telephone self registration utility based on asterisk. In versions up to and including commit 88db9a953f38a3026bcd6816d51c7f3b93c55893, an attacker can crafts a special federation name and characters treated special by asterisk can be injected into the Dial...
CVE-2025-15150
A vulnerability was found in PX4 PX4-Autopilot up to 1.16.0. Affected by this issue is the function MavlinkLogHandler::statelisting/MavlinkLogHandler::logentryfromid of the file src/modules/mavlink/mavlinkloghandler.cpp. The manipulation results in stack-based buffer overflow. The attack is only...
CVE-2025-2296 affecting package hvloader for versions less than 1.0.1-15
CVE-2025-2296 affecting package hvloader for versions less than 1.0.1-15. A patched version of the package is available...
CVE-2025-15176
A flaw has been found in Open5GS up to 2.7.5. This affects the function decodeipv6header/ogspfcppdrrulefindbypacket of the file lib/pfcp/rule-match.c of the component PFCP Session Establishment Request Handler. Executing a manipulation can lead to reachable assertion. It is possible to launch the...
CVE-2025-15176 Open5GS PFCP Session Establishment Request rule-match.c ogs_pfcp_pdr_rule_find_by_packet assertion
A flaw has been found in Open5GS up to 2.7.5. This affects the function decodeipv6header/ogspfcppdrrulefindbypacket of the file lib/pfcp/rule-match.c of the component PFCP Session Establishment Request Handler. Executing a manipulation can lead to reachable assertion. It is possible to launch the...
EUVD-2025-205532
A vulnerability was detected in floooh sokol up to 16cbcc864012898793cd2bc57f802499a264ea40. The impacted element is the function sgpipelinedescdefaults in the library sokolgfx.h. The manipulation results in stack-based buffer overflow. The attack requires a local approach. The exploit is now...
PT-2025-53781
Name of the Vulnerable Software and Affected Versions SohuTV CacheCloud versions up to 3.2.0 Description A cross site scripting issue exists in SohuTV CacheCloud. The issue is related to the redirectNoPower function within the file...
CVE-2025-15155
A vulnerability was detected in floooh sokol up to 16cbcc864012898793cd2bc57f802499a264ea40. The impacted element is the function sgpipelinedescdefaults in the library sokolgfx.h. The manipulation results in stack-based buffer overflow. The attack requires a local approach. The exploit is now...
CVE-2025-15155 floooh sokol sokol_gfx.h _sg_pipeline_desc_defaults stack-based overflow
A vulnerability was detected in floooh sokol up to 16cbcc864012898793cd2bc57f802499a264ea40. The impacted element is the function sgpipelinedescdefaults in the library sokolgfx.h. The manipulation results in stack-based buffer overflow. The attack requires a local approach. The exploit is now...
CVE-2025-15099
A vulnerability was identified in simstudioai sim up to 0.5.27. This vulnerability affects unknown code of the file apps/sim/lib/auth/internal.ts of the component CRON Secret Handler. The manipulation of the argument INTERNALAPISECRET leads to improper authentication. It is possible to initiate t...
PT-2025-53622
Name of the Vulnerable Software and Affected Versions XSpeeder SXZOS through 2025-12-26 Description XSpeeder SXZOS through 2025-12-26 contains a critical flaw allowing unauthenticated attackers to achieve root remote code execution. The issue stems from the unsafe evaluation of base64-decoded inp...
CVE-2025-15099 simstudioai sim CRON Secret internal.ts improper authentication
A vulnerability was identified in simstudioai sim up to 0.5.27. This vulnerability affects unknown code of the file apps/sim/lib/auth/internal.ts of the component CRON Secret Handler. The manipulation of the argument INTERNALAPISECRET leads to improper authentication. It is possible to initiate t...
Linux Distros Unpatched Vulnerability : CVE-2025-68737
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - arm64/pageattr: Propagate return value from changememorycommon The rodata=on security measure requires that any code path which does vmalloc -...
Linux Distros Unpatched Vulnerability : CVE-2023-54096
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - soundwire: fix enumeration completion The soundwire subsystem uses two completion structures that allow drivers to wait for soundwire device to become enumerate...
Linux Distros Unpatched Vulnerability : CVE-2025-68357
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iomap: allocate sdiodonewq for async reads as well Since commit 222f2c7c6d14 iomap: always run error completions in user context, read error completions are...
Linux Distros Unpatched Vulnerability : CVE-2023-54154
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: target: core: Fix targetcmdcounter leak The targetcmdcounter struct allocated via targetalloccmdcounter is never freed, resulting in leaks across various...
Linux Distros Unpatched Vulnerability : CVE-2022-50748
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipc: mqueue: fix possible memory leak in initmqueuefs commit db7cfc380900 ipc: Free mqsysctls if ipc namespace creation failed Here's a similar memory leak to t...