UBUNTU-CVE-2025-38081

In the Linux kernel, the following vulnerability has been resolved: spi-rockchip: Fix register out of bounds access Do not write native chip select stuff for GPIO chip selects. GPIOs can be numbered much higher than native CS. Also, it makes no sense...

CVE-2025-38081 spi-rockchip: Fix register out of bounds access

In the Linux kernel, the following vulnerability has been resolved: spi-rockchip: Fix register out of bounds access Do not write native chip select stuff for GPIO chip selects. GPIOs can be numbered much higher than native CS. Also, it makes no sense...

CVE-2025-38081 spi-rockchip: Fix register out of bounds access

In the Linux kernel, the following vulnerability has been resolved: spi-rockchip: Fix register out of bounds access Do not write native chip select stuff for GPIO chip selects. GPIOs can be numbered much higher than native CS. Also, it makes no sense...

PT-2025-25855

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the Linux kernel, specifically the spi-rockchip component. It involves fixing a register out of bounds access. The problem arises because GPIOs can be numbered mu...

BIT-MARIADB-MIN-2021-46668

MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-engine resource limitations for temporary data structures...

BIT-MARIADB-MIN-2021-46663

MariaDB through 10.5.13 allows a hamaria::extra application crash via certain SELECT statements...

PT-2025-24408 · Rt-Thread · Rt-Thread

Name of the Vulnerable Software and Affected Versions: RT-Thread version 5.1.0 Description: A critical issue affects the sys select function of the Parameter Handler component in the file rt-thread/components/lwp/lwp syscall.c. The manipulation of the timeout argument leads to memory corruption...

📄 Frappe Framework 15.56.1 SQL Injection

Frappe Framework version 15.56.1 suffers from a remote SQL injection vulnerability. An authenticated SQL injection vulnerability exists in the frappe.desk.reportview.getlist API of the Frappe Framework, affecting versions v15.56.1. The vulnerability stems from improper sanitization of the fields...

CVE-2025-23899

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bookalet Bookalet bookalet allows Stored XSS.This issue affects Bookalet: from n/a through = 1.0.3...

CVE-2024-21990

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials...

CVE-2024-24051

Improper input validation of printing files in Monoprice Select Mini V2 V37.115.32 allows attackers to instruct the device's movable parts to destinations that exceed the devices' maximum coordinates via the printing of a malicious .gcode file...

CVE-2024-9440

Slim Select 2.0 versions through 2.9.0 are affected by a potential cross-site scripting vulnerability. In select.ts:createOption, the text variable from the user-provided Options object is assigned to an innerHTML without sanitation. Software that depends on this library to dynamically generate...

CVE-2024-51841

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Abdul Awal Uzzal File Select Control For Elementor file-select-control-for-elementor allows DOM-Based XSS.This issue affects File Select Control For Elementor: from n/a through = 1.3...

CVE-2023-46820

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Iulia Cazan Image Regenerate & Select Crop.This issue affects Image Regenerate & Select Crop: from n/a through 7.3.0...

CVE-2023-46287

XSS exists in NagVis before 1.9.38 via the select function in share/server/core/functions/html.php...

CVE-2023-2059

A vulnerability was found in DedeCMS 5.7.87. It has been rated as problematic. Affected by this issue is some unknown functionality of the file uploads/include/dialog/selecttemplets.php. The manipulation leads to path traversal: '..\filedir'. The attack may be launched remotely. The exploit has...

CVE-2023-27477

wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's code generation backend, Cranelift, has a bug on x8664 platforms for the WebAssembly i8x16.select instruction which will produce the wrong results when the same operand is provided to the instruction and some of the selected indice...

CVE-2022-31104

Wasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bu...

CVE-2022-47072

SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog box...

CVE-2022-40404

Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/select.php...