
30421 matches found

Microsoft CVE
added 2025/03/08 8:0 a.m., 4 views

xsk: fix OOB map writes when deleting elements

...

CVSS 7.8, AI score 7.4, EPSS 0.00255
Exploits 0

CBLMariner
added 2025/03/07 10:13 p.m., 4 views

CVE-2024-53145 affecting package kernel for versions less than 5.15.176.3-1

CVE-2024-53145 affecting package kernel for versions less than 5.15.176.3-1. An upgraded version of the package is available that resolves this issue...

CVSS 5.5, AI score 6.8, EPSS 0.00213
Exploits 0

Vulnrichment
added 2025/03/07 4:13 p.m., 6 views

CVE-2024-53693 QTS, QuTS hero

An improper neutralization of CRLF sequences 'CRLF Injection' vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify application data. We have already fixed the...

CVSS 7.1, AI score 7.2, EPSS 0.00446
Exploits 0, References 1

Vulnrichment
added 2025/03/07 4:13 p.m., 6 views

CVE-2024-53692 QTS, QuTS hero

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following versions:...

CVSS 5.1, AI score 8.3, EPSS 0.00845
Exploits 0, References 1

CVE
added 2025/03/07 4:13 p.m., 49 views

CVE-2024-50390

CVE-2024-50390 affects QNAP QuRouter/QHora and is described as a remote command injection vulnerability. Evidence across sources indicates the issue allows executing arbitrary commands and is mitigated by a patch in QuRouter 2.4.5.032 and later. The NVD entry lists a high-severity impact (CVSS 3.1: CRIT...

CVSS 9.8, AI score 8.3, EPSS 0.0107
Exploits 0, References 1, Affected Software 1

CBLMariner
added 2025/03/07 4:7 p.m., 9 views

CVE-2025-22869 affecting package cert-manager for versions less than 1.11.2-20

CVE-2025-22869 affecting package cert-manager for versions less than 1.11.2-20. A patched version of the package is available...

CVSS 7.5, AI score 7.7, EPSS 0.00868
Exploits 0

OSV
added 2025/03/07 4:7 p.m., 6 views

GHSA-6QVP-39MM-95V8 com.xwiki.confluencepro:application-confluence-migrator-pro-ui Remote Code Execution via unescaped translations

Impact A user that doesn't have programming rights can execute arbitrary code when creating a page using the Migration Page template. A possible attack vector is the following: Create a page and add the following content: confluencepro.job.question.advanced.input=/html async async="true"...

CVSS 9.1, AI score 8, EPSS 0.00602
Exploits 0, References 4

Debian CVE
added 2025/03/07 9:10 a.m., 4 views

CVE-2025-21843

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: avoid garbage value in panthor_ioctl_dev_query() 'priorities_info' is uninitialized, and the uninitialized value is copied to user object when calling PANTHOR_UOBJ_SET(). Using memset to initialize 'priorities_info' to avoid th...

CVSS 5.5, AI score 5.4, EPSS 0.00192
Exploits 0

Debian CVE
added 2025/03/07 9:9 a.m., 7 views

CVE-2025-21839

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop Move the conditional loading of hardware DR6 with the guest's DR6 value out of the core .vcpu_run() loop to fix a bug where KVM can load hardware with a stale...

CVSS 5.5, AI score 5.5, EPSS 0.00205
Exploits 0

Github Security Blog
added 2025/03/06 10:23 p.m., 25 views

Out-of-bounds Write in SixLabors ImageSharp

Impact An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. Patches The problem has been patched. All users are advised to upgrade to v3.1.7 or v2.1.10...

CVSS 7.5, AI score 6.9, EPSS 0.00526
Exploits 1, References 5, Affected Software 1

NVD
added 2025/03/06 5:15 p.m., 9 views

CVE-2025-0337

ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenticated user to access unauthorized data stored within the Now Platform that the user otherwise wou...

CVSS 7.1, EPSS 0.0036
Exploits 0, References 1

RedhatCVE
added 2025/03/06 4:38 p.m., 21 views

CVE-2024-11957

Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal to or less than 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate CVE-2024-7262 was not restrictive enough...

CVSS 9.3, AI score 7.2, EPSS 0.01759
Exploits 0, References 1

CVE
added 2025/03/06 4:29 p.m., 84 views

CVE-2025-0337

CVE-2025-0337 describes an authorization bypass in the Now Platform (Washington release) where an authenticated user could access data they are not entitled to. The vulnerability is addressed via patches and a family release made available to hosted and self-hosted customers and partners. Connect...

CVSS 7.1, AI score 6.7, EPSS 0.0036
Exploits 0, References 1

Cvelist
added 2025/03/06 4:29 p.m., 56 views

CVE-2025-0337 Authorization bypass in Now Platform

ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenticated user to access unauthorized data stored within the Now Platform that the user otherwise wou...

CVSS 7.1, EPSS 0.0036
Exploits 0, References 1

Cvelist
added 2025/03/06 4:22 p.m., 16 views

CVE-2024-58085 tomoyo: don't emit warning in tomoyo_write_control()

In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyo_write_control() syzbot is reporting too large allocation warning at tomoyo_write_control(), for one can write a very very long line without new line character. To fix this warning, I use __GFP_NOWARN...

EPSS 0.00178
Exploits 0, References 8

NVD
added 2025/03/06 4:15 p.m., 13 views

CVE-2024-58070

In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT In PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible context. bpf_mem_alloc must be used in PREEMPT_RT. This patch is to enforce bpf_mem_alloc in the...

CVSS 5.5, EPSS 0.0013
Exploits 0, References 4

Debian CVE
added 2025/03/06 3:54 p.m., 12 views

CVE-2024-58070

In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT In PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible context. bpf_mem_alloc must be used in PREEMPT_RT. This patch is to enforce bpf_mem_alloc in the...

CVSS 5.5, AI score 5.5, EPSS 0.0013
Exploits 0

OSV
added 2025/03/06 3:54 p.m., 12 views

CVE-2024-58070 bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT

In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT In PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible context. bpf_mem_alloc must be used in PREEMPT_RT. This patch is to enforce bpf_mem_alloc in the...

CVSS 5.5, AI score 5.9, EPSS 0.0013
Exploits 0, References 7

Debian CVE
added 2025/03/06 3:53 p.m., 6 views

CVE-2024-58055

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Don't free command immediately Don't prematurely free the command. Wait for the status completion of the sense status. It can be freed then. Otherwise we will double-free the command...

CVSS 7.8, AI score 6.2, EPSS 0.00218
Exploits 0

OSV
added 2025/03/06 12:15 p.m., 9 views

CVE-2024-56195

Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 9.2.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue...

CVSS 6.3, AI score 7.1
Exploits 0, References 1