7455 matches found
CVE-2025-64081
CVE-2025-64081 is a SQL injection in SourceCodester’s Patients Waiting Area Queue Management System v1, affecting the file /php/api_patient_schedule.php via the appointmentID parameter. The root cause is improper input validation/sanitization, enabling attackers to execute arbitrary SQL commands....
SourceCodester Patients Waiting Area Queue Management System SQL Injection Vulnerability
SourceCodester Patients Waiting Area Queue Management System is an open source patient waiting area queue management system from SourceCodester. A SQL injection vulnerability exists in SourceCodester Patients Waiting Area Queue Management System v1; the vulnerability stems from /...
Oracle Linux 10 : kernel (ELSA-2025-22395)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-22395 advisory. - mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory CKI Backport Bot RHEL-119161 CVE-2025-39883 - nfsd: handle get_client_locked...
PT-2025-49434
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s videobuf2 subsystem. The vb2 ioctl remove bufs function can manipulate the internal buffer list of a queue, potentially overwriting pointers used when...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly freeing the work queue of a background tracker, which could lead to a memory leak...
Linux Distros Unpatched Vulnerability : CVE-2025-40302
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: videobuf2: forbid remove_bufs when legacy fileio is active vb2_ioctl_remove_bufs call manipulates queue internal buffer list, potentially overwriting some...
RLSA-2025:22395 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ublk: make sure ubq->canceling is set when queue is frozen CVE-2025-22068 kernel: nfsd: handle get_client_locked failure in nfsd4_setclientid_confirm CVE-2025-38724 kernel: mm/memory-failure:...
RockyLinux 10 : kernel (RLSA-2025:22395)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:22395 advisory. kernel: ublk: make sure ubq->canceling is set when queue is frozen CVE-2025-22068 kernel: nfsd: handle get_client_locked failure in nfsd4_setclientid_confir...
CVE-2025-40249
The CVE-2025-40249 issue affects the Linux kernel GPIO character device (gpio cdev). The release path can defer the fput() action to a work queue while the descriptor’s reference count already reached zero, risking a use-after-free if get_file() is used. The documented fix is to use get_file_acti...
CVE-2025-40222
In the Linux kernel, the following vulnerability has been resolved: tty: serial: sh-sci: fix RSCI FIFO overrun handling The receive error handling code is shared between RSCI and all other SCIF port types, but the RSCI overrun_reg is specified as a memory offset, while for other SCIF types it is a...
kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfsc_change_class when...
kernel: udp: Fix memory accounting leak.
A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SO_RCVBUF socket option to its maximum value INT_MAX, which triggers an integer overflow within the udp_rmem_release function during socket closure. The udp_destruct_common...
blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none
...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a work queue not being properly canceled, which could lead to memory corruption...
PT-2025-49079
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to GPIO character device handling. Specifically, the issue arises when a GPIO change event occurs after the file descriptor associated with the...
Linux Distros Unpatched Vulnerability : CVE-2025-40252
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont and qede_tpa_end The loops in 'qede_tpa_cont' and 'qede_tpa_end', iterate over 'cqe->len_list' using...
RockyLinux 8 : kernel-rt (RLSA-2025:21920)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:21920 advisory. kernel: NFS: Fix a race when updating an existing write CVE-2025-39697 kernel: i40e: fix idx validation in config queues msg CVE-2025-39971 Tenable has...
Oracle Linux 10 : ELSA-2025-20095-0: / kernel (ELSA-2025-200950)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-200950 advisory. - selftests: tls: add tests for zero-length records CKI Backport Bot RHEL-114328 CVE-2025-39682 - tls: fix handling of zero-length records on the...
Oracle Linux 9 : kernel (ELSA-2025-21469)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-21469 advisory. - kernfs: Fix UAF in polling when open file is released Pavel Reichl RHEL-122087 CVE-2025-39881 - i40e: add max boundary check for VF filters Michal...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...