Lucene search
K

513 matches found

OSV
OSV
added 2025/05/09 6:45 a.m.9 views

CVE-2025-37878 perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix WARNON!ctx in freeevent for partial init Move the getctxchildctx call and the childevent-ctx assignment to occur immediately after the child event is allocated. Ensure that childevent-ctx is non-NULL before any...

5.5CVSS6.6AI score0.00226EPSS
Exploits0References6
NVD
NVD
added 2025/04/01 6:15 p.m.17 views

CVE-2025-29208

CodeZips Gym Management System v1.0 is vulnerable to SQL injection in the name parameter within /dashboard/admin/deleteroutine.php...

6.5CVSS0.00286EPSS
Exploits1References1
NVD
NVD
added 2025/04/01 4:15 p.m.7 views

CVE-2025-21944

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix bug on trap in smb2lock If lock count is greater than 1, flags could be old value. It should be checked with flags of smblock, not flags. It will cause bug-on trap from locksfreelock in error handling routine...

5.5CVSS0.00144EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.6 views

Codezips Gym Management System 安全漏洞

Codezips Gym Management System is an open source gym management system from Codezips. A security vulnerability exists in Codezips Gym Management System version 1.0, which originates from an SQL injection in the name parameter of dashboardadmindeleteoutine.php...

6.5CVSS7.9AI score0.00286EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/03/18 12:9 a.m.13 views

CVE-2025-30074

Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2 for macOS on Intel platforms allows privilege escalation to root via the VM creation routine...

7.8CVSS7.1AI score0.00116EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/16 12:0 a.m.8 views

CVE-2025-30074

Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2 for macOS on Intel platforms allows privilege escalation to root via the VM creation routine...

7.8CVSS7.8AI score0.00116EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-35945

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: phy: phydevice: Prevent nullptr exceptions on ISR If phydev-irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to...

5.5CVSS6.5AI score0.00211EPSS
Exploits0References4
NVD
NVD
added 2025/02/26 7:1 a.m.18 views

CVE-2022-49398

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Replace listforeachentrysafe if using giveback The listforeachentrysafe macro saves the current item n and the item after n+1, so that n can be safely removed without corrupting the list. However, when traversi...

5.5CVSS0.00252EPSS
Exploits0References4
NVD
NVD
added 2025/02/26 7:0 a.m.11 views

CVE-2022-49059

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed mechanism timer and...

7.8CVSS0.00285EPSS
Exploits0References8
CVE
CVE
added 2025/02/26 2:12 a.m.133 views

CVE-2022-49398

CVE-2022-49398 relates to the Linux kernel’s USB DWC3 gadget path. The vulnerability arises when traversing the cancelled_list during dwc3_gadget_ep_cleanup_cancelled_requests() while a pull-up disable sequence runs in parallel, causing a window where removing an item (n) and then the next item (...

5.5CVSS5.4AI score0.00252EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/02/26 1:55 a.m.13 views

CVE-2022-49206 RDMA/mlx5: Fix memory leak in error flow for subscribe event routine

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in error flow for subscribe event routine In case the second xainsert fails, the objevent is not released. Fix the error unwind flow to free that memory to avoid a memory leak...

0.00253EPSS
Exploits0References6
OSV
OSV
added 2025/02/26 1:54 a.m.12 views

CVE-2022-49059 nfc: nci: add flush_workqueue to prevent uaf

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed mechanism timer and...

7.8CVSS5.2AI score0.00285EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/02/14 7:22 p.m.6 views

CVE-2025-1146

CrowdStrike uses industry-standard TLS transport layer security to secure communications from the Falcon sensor to the CrowdStrike cloud. CrowdStrike has identified a validation logic error in the Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor where o...

8.1CVSS6.9AI score0.00251EPSS
Exploits0References3
OSV
OSV
added 2025/02/11 8:15 a.m.1 views

DEBIAN-CVE-2025-1181

A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function bfdelfgcmarkrsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather...

2.3CVSS4.4AI score0.00698EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: i2c: pnx: Fixed a potential deadlock warning from the deltimersync call in isr. When deltimersync is called in an interrupt context, a warning is thrown due to a potential deadlock. The timer is only used to exit from...

5.5CVSS5.9AI score0.00182EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/01/22 3:48 a.m.4 views

SUSE CVE-2024-57933

In the Linux kernel, the following vulnerability has been resolved: gve: guard XSK operations on the existence of queues This patch predicates the enabling and disabling of XSK pools on the existence of queues. As it stands, if the interface is down, disabling or enabling XSK pools would result i...

5.5CVSS7.6AI score0.00202EPSS
Exploits0References13
CVE
CVE
added 2025/01/11 2:30 p.m.183 views

CVE-2024-57850

CVE-2024-57850 affects the Linux kernel feature jffs2, where the rtime decompression code could corrupt memory outside the decompression buffer if compressed data is malformed. The issue is resolved by adding bounds checks during the rtime decompression pass. Supported documents confirm the vulne...

7.8CVSS6.7AI score0.00215EPSS
Exploits0References9Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.12 views

PT-2025-34406

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's net/mlx5 component where a missing NULL check before accessing device memory could lead to a system crash if the dev-dm allocation in the mlx5 init...

5.5CVSS6.1AI score0.00147EPSS
Exploits0
NVD
NVD
added 2024/12/27 2:15 p.m.13 views

CVE-2024-53190

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures Syzkaller reported a hung task with ueventshow on stack trace. That specific issue was addressed by another commit 0, but even with that fix applied...

5.5CVSS0.00236EPSS
Exploits0References6
OSV
OSV
added 2024/11/09 11:15 a.m.7 views

UBUNTU-CVE-2024-50230

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of checked flag Syzbot reported that in directory operations after nilfs2 detects filesystem corruption and degrades to read-only, blockwritebeginint, which is called to prepare bloc...

7.8CVSS6.4AI score0.0027EPSS
Exploits0References48
Rows per page
Query Builder