3046 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-68320
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lan966x: Fix sleeping in atomic context The following warning was seen when we try to connect using ssh to the device. BUG: sleeping function called from invali...
CVE-2025-36747
ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...
EUVD-2025-203250
ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...
CVE-2025-36747
ShineLan-X contains a set of credentials for an FTP server was found within the firmware, allowing testers to establish an insecure FTP connection with the server. This may allow an attacker to replace legitimate files being deployed to devices with their own malicious versions, since the firmwar...
CVE-2023-53800
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported by KASAN: ================================================================== BUG: KASAN: use-after-free in ubiebacopytable+0x11f/0x1c...
SUSE CVE-2023-53832
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets conf-havereplacemnt at the beginning of sync, closesync frees the mempool when sync is completed. After 1 recovery might be skipped and initresy...
CVE-2023-53832
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets conf-havereplacemnt at the beginning of sync, closesync frees the mempool when sync is completed. After 1 recovery might be skipped and initresy...
DEBIAN-CVE-2023-53832
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets conf-havereplacemnt at the beginning of sync, closesync frees the mempool when sync is completed. After 1 recovery might be skipped and initresy...
UBUNTU-CVE-2023-53832
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets conf-havereplacemnt at the beginning of sync, closesync frees the mempool when sync is completed. After 1 recovery might be skipped and initresy...
UBUNTU-CVE-2022-50678
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix invalid address access when enabling SCAN log level The variable i is changed when setting random MAC address and causes invalid address access when printing the value of pi-reqsi-reqid. We replace reqs index...
Description of the security update for Microsoft Exchange Server Subscription Edition RTM: December 9, 2025 (KB5071876)
Description of the security update for Microsoft Exchange Server Subscription Edition RTM: December 9, 2025 KB5071876 Original article content This security update resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common...
CVE-2023-53832 md/raid10: fix null-ptr-deref in raid10_sync_request
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets conf-havereplacemnt at the beginning of sync, closesync frees the mempool when sync is completed. After 1 recovery might be skipped and initresy...
CVE-2023-53832 md/raid10: fix null-ptr-deref in raid10_sync_request
In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets conf-havereplacemnt at the beginning of sync, closesync frees the mempool when sync is completed. After 1 recovery might be skipped and initresy...
CVE-2022-50678
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix invalid address access when enabling SCAN log level The variable i is changed when setting random MAC address and causes invalid address access when printing the value of pi-reqsi-reqid. We replace reqs index...
CVE-2023-53800
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported by KASAN: ================================================================== BUG: KASAN: use-after-free in ubiebacopytable+0x11f/0x1c...
CVE-2023-53800
CVE-2023-53800 affects the Linux kernel ubi (UBI) layer. The issue is a use-after-free during volume resize: when ubi_change_vtbl_record() returns an error in ubi_resize_volume(), the code path frees new_eba_tbl on error, but new_eba_tbl is still held by vol->eba_tbl in ubi_eba_replace_table()...
PT-2025-49723
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's md/raid10 component, specifically within the raid10 sync request function. The issue involves a null pointer dereference that can occur when recovery ...
OESA-2025-2773 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: media: davinci: vpif: fix use-after-free on driver unbind The driver allocates and registers two platform device structures during probe, but the devices were...
PYSEC-2025-154
Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when name is used in an email template, it will be replaced with the buyer's name for the final email. If the name of the attendee contained HTML or Markdown formatting, this was rendered as HTML i...
CVE-2025-66265
CMService.exe creates the C:\\usr directory and subdirectories with insecure permissions, granting write access to all authenticated users. This allows attackers to replace configuration files such as snmp.conf or hijack DLLs to escalate privileges...