CVE-2025-37830 cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()

In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fix null-ptr-deref in scmicpufreqgetrate cpufreqcpugetraw can return NULL when the target CPU is not present in the policy-cpus mask. scmicpufreqgetrate does not check for this case, which results in a NULL pointer...

CVE-2025-37827

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: return EIO on RAID1 block group write pointer mismatch There was a bug report about a NULL pointer dereference in btrfsaddfreespacezoned that ultimately happens because a conversion from the default metadata profile...

CVE-2025-37820

In the Linux kernel, the following vulnerability has been resolved: xen-netfront: handle NULL returned by xdpconvertbufftoframe The function xdpconvertbufftoframe may return NULL if it fails to correctly convert the XDP buffer into an XDP frame due to memory constraints, internal errors, or inval...

CVE-2025-37807

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kmemleak warning for percpu hashmap Vlad Poenaru reported the following kmemleak issue: unreferenced object 0x606fd7c44ac8 size 32: backtrace crc 0: pcpuallocnoprof+0x730/0xeb0 bpfmapallocpercpu+0x69/0xc0...

CVE-2025-37806 fs/ntfs3: Keep write operations atomic

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Keep write operations atomic syzbot reported a NULL pointer dereference in genericfilewriteiter. 1 Before the write operation is completed, the user executes ioctl2 to clear the compress flag of the file, which causes t...

CVE-2025-37803

In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting sizelimitmb to u64 when calculate pglimit...

CVE-2025-37801

In the Linux kernel, the following vulnerability has been resolved: spi: spi-imx: Add check for spiimxsetupxfer Add check for the return value of spiimxsetupxfer. spiimx-rx and spiimx-tx function pointer can be NULL when spiimxsetupxfer return error, and make NULL pointer dereference. Unable to...

PT-2025-20450 · D Link · D-Link Dir-619L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L version 2.04B04 Description: A critical issue was found in the function formSetEasy Wizard, where the manipulation of the argument curTime leads to a buffer overflow. This issue can be exploited remotely. The vendor was notifi...

PT-2025-20327 · WordPress · Eventin

Name of the Vulnerable Software and Affected Versions: Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress versions up to, and including, 4.0.26 Description: The issue allows unauthenticated attackers to read the contents of arbitrary files on the server, which c...

PT-2025-20413 · Unknown · P73 Simplepythonencryption.Py

Name of the Vulnerable Software and Affected Versions: Programs/P73 SimplePythonEncryption.py versions prior to commit 6ce60b1 Description: The issue affects a Python encryption example using the RSA Algorithm, allowing an attacker to potentially decrypt data using brute force attacks, which can...

PT-2025-20393 · Totolink · Totolink Nr1800X

Name of the Vulnerable Software and Affected Versions: TOTOLINK NR1800X version 9.1.0u.6681 B20230703 Description: The issue is an authenticated stack overflow that occurs via the ssid parameter in the setWiFiBasicCfg function. This allows for potential exploitation. No information is provided...

PT-2025-20343

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, requiring CAP SYS ADMIN for all usages of TIOCL SELMOUSEREPORT. The previous patch had inconsistent logic, and TIOCL SELMOUSEREPORT...

Critical Photon OS Security Update - PHSA-2025-5.0-0519

Updates of 'apache-tomcat9', 'apache-tomcat10', 'subversion' packages of Photon OS have been released...

Multiple vulnerabilities in SonicWall SMA 100 series (FIXED)

Overview In April of 2025, Rapid7 discovered and disclosed three new vulnerabilities affecting SonicWall Secure Mobile Access “SMA” 100 series appliances SMA 200, 210, 400, 410, 500v. These vulnerabilities are tracked as CVE-2025-32819, CVE-2025-32820, and CVE-2025-32821. An attacker with access ...

CVE-2025-46720

Keystone is a content management system for Node.js. Prior to version 6.5.0, field.isFilterable access control can be bypassed in update and delete mutations by adding additional unique filters. These filters can be used as an oracle to probe the existence or value of otherwise unreadable fields...

curl bug fix and enhancement update

An update is available for curl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8.10...

CVE-2025-30147 ALTBN128_ADD, ALTBN128_MUL, ALTBN128_PAIRING precompile functions do not check if points are on curve

Besu Native contains scripts and tooling that is used to build and package the native libraries used by the Ethereum client Hyperledger Besu. Besu 24.7.1 through 25.2.2, corresponding to besu-native versions 0.9.0 through 1.2.1, have a potential consensus bug for the precompiles ALTBN128ADD 0x06,...

CVE-2025-46824

The Discourse Code Review Plugin allows users to review GitHub commits on Discourse. Prior to commit eed3a80, an attacker can execute arbitrary JavaScript on users' browsers by posting links to malicious GitHub commits. This problem is patched in commit eed3a80 of the discourse-code-review plugin...

CVE-2025-46824

The CVE-2025-46824 entry concerns the Discourse Code Review Plugin. Before commit eed3a80, an attacker could cause arbitrary JavaScript execution in a user’s browser by clicking links to malicious GitHub commits, effectively enabling an XSS vector in Discourse code review workflows. The issue is ...

CVE-2025-46827 Graylog Allows Session Takeover via Insufficient HTML Sanitization

Graylog is a free and open log management platform. Prior to versions 6.0.14, 6.1.10, and 6.2.0, it is possible to obtain user session cookies by submitting an HTML form as part of an Event Definition Remediation Step field. For this attack to succeed, the attacker needs a user account with...