513 matches found
CVE-2025-37878 perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init
In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix WARNON!ctx in freeevent for partial init Move the getctxchildctx call and the childevent-ctx assignment to occur immediately after the child event is allocated. Ensure that childevent-ctx is non-NULL before any...
CVE-2025-29208
CodeZips Gym Management System v1.0 is vulnerable to SQL injection in the name parameter within /dashboard/admin/deleteroutine.php...
CVE-2025-21944
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix bug on trap in smb2lock If lock count is greater than 1, flags could be old value. It should be checked with flags of smblock, not flags. It will cause bug-on trap from locksfreelock in error handling routine...
Codezips Gym Management System 安全漏洞
Codezips Gym Management System is an open source gym management system from Codezips. A security vulnerability exists in Codezips Gym Management System version 1.0, which originates from an SQL injection in the name parameter of dashboardadmindeleteoutine.php...
CVE-2025-30074
Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2 for macOS on Intel platforms allows privilege escalation to root via the VM creation routine...
CVE-2025-30074
Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2 for macOS on Intel platforms allows privilege escalation to root via the VM creation routine...
Linux Distros Unpatched Vulnerability : CVE-2024-35945
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: phy: phydevice: Prevent nullptr exceptions on ISR If phydev-irq is set unconditionally, check for valid interrupt handler or fall back to polling mode to...
CVE-2022-49398
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Replace listforeachentrysafe if using giveback The listforeachentrysafe macro saves the current item n and the item after n+1, so that n can be safely removed without corrupting the list. However, when traversi...
CVE-2022-49059
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed mechanism timer and...
CVE-2022-49398
CVE-2022-49398 relates to the Linux kernel’s USB DWC3 gadget path. The vulnerability arises when traversing the cancelled_list during dwc3_gadget_ep_cleanup_cancelled_requests() while a pull-up disable sequence runs in parallel, causing a window where removing an item (n) and then the next item (...
CVE-2022-49206 RDMA/mlx5: Fix memory leak in error flow for subscribe event routine
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in error flow for subscribe event routine In case the second xainsert fails, the objevent is not released. Fix the error unwind flow to free that memory to avoid a memory leak...
CVE-2022-49059 nfc: nci: add flush_workqueue to prevent uaf
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flushworkqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching an NCI device. The main reason for this bug is the unexpected scheduling between the used delayed mechanism timer and...
CVE-2025-1146
CrowdStrike uses industry-standard TLS transport layer security to secure communications from the Falcon sensor to the CrowdStrike cloud. CrowdStrike has identified a validation logic error in the Falcon sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor where o...
DEBIAN-CVE-2025-1181
A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function bfdelfgcmarkrsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: i2c: pnx: Fixed a potential deadlock warning from the deltimersync call in isr. When deltimersync is called in an interrupt context, a warning is thrown due to a potential deadlock. The timer is only used to exit from...
SUSE CVE-2024-57933
In the Linux kernel, the following vulnerability has been resolved: gve: guard XSK operations on the existence of queues This patch predicates the enabling and disabling of XSK pools on the existence of queues. As it stands, if the interface is down, disabling or enabling XSK pools would result i...
CVE-2024-57850
CVE-2024-57850 affects the Linux kernel feature jffs2, where the rtime decompression code could corrupt memory outside the decompression buffer if compressed data is malformed. The issue is resolved by adding bounds checks during the rtime decompression pass. Supported documents confirm the vulne...
PT-2025-34406
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel's net/mlx5 component where a missing NULL check before accessing device memory could lead to a system crash if the dev-dm allocation in the mlx5 init...
CVE-2024-53190
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures Syzkaller reported a hung task with ueventshow on stack trace. That specific issue was addressed by another commit 0, but even with that fix applied...
UBUNTU-CVE-2024-50230
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of checked flag Syzbot reported that in directory operations after nilfs2 detects filesystem corruption and degrades to read-only, blockwritebeginint, which is called to prepare bloc...