
7895 matches found

OSV
added 2025/05/09 7:16 a.m. | 1 view

UBUNTU-CVE-2025-37857

In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fix array overflow in st_setup(). Change the array size to follow parms size instead of a fixed value...

5.5 CVSS | 6.2 AI score | 0.00244 EPSS
Exploits 0 | References 41

CVE
added 2025/05/09 6:42 a.m. | 108 views

CVE-2025-37857

CVE-2025-37857 affects the Linux kernel scsi: st driver. It fixes an array overflow in st_setup() by changing the array size from a fixed value to follow the parms size.

5.5 CVSS | 6.8 AI score | 0.00244 EPSS
Exploits 0 | References 11 | Affected Software 1

OSV
added 2025/05/09 6:42 a.m. | 8 views

CVE-2025-37857 scsi: st: Fix array overflow in st_setup()

In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fix array overflow in st_setup(). Change the array size to follow parms size instead of a fixed value...

5.5 CVSS | 6.2 AI score | 0.00244 EPSS
Exploits 0 | References 14

Cvelist
added 2025/05/09 6:41 a.m. | 18 views

CVE-2025-37851 fbdev: omapfb: Add 'plane' value check

In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: Add 'plane' value check. Function dispc_ovl_setup is not intended to work with the value OMAP_DSS_WB of the enum parameter plane. The value of this parameter is initialized in dss_init_overlays and in the current state of...

0.00232 EPSS
Exploits 0 | References 9

CNNVD
added 2025/05/09 12:0 a.m. | 2 views

D-Link DIR-619L security vulnerability

The D-Link DIR-619L is a cost-effective wireless router designed for home office Internet needs. The D-Link DIR-619L suffers from a buffer overflow vulnerability that stems from the improper handling of the wanconnected parameter in the formEasySetupWizard3 function, which can be exploited by an...

9.8 CVSS | 7.7 AI score | 0.02335 EPSS
Exploits 0 | References 6

OSV
added 2025/05/08 7:15 a.m. | 4 views

AZL-63791 CVE-2025-37801 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: spi: spi-imx: Add check for spi_imx_setupxfer(). Add check for the return value of spi_imx_setupxfer(). spi_imx->rx and spi_imx->tx function pointer can be NULL when spi_imx_setupxfer() return error, and make NULL pointer dereference. Unable to...

5.5 CVSS | 6.2 AI score | 0.00161 EPSS
Exploits 0 | References 1

CVE
added 2025/05/08 6:26 a.m. | 119 views

CVE-2025-37801

The CVE-2025-37801 issue affects the Linux kernel’s SPI driver for i.MX (spi-imx). The root cause is that spi_imx_setupxfer() may return an error while leaving rx/tx function pointers NULL, leading to a NULL pointer dereference during a PIO transfer path. The documented impact is a kernel crash w...

5.5 CVSS | 5.3 AI score | 0.00161 EPSS
Exploits 0 | References 6 | Affected Software 1

Positive Technologies
added 2025/05/08 12:0 a.m. | 2 views

PT-2025-20330

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the spi-imx module, where the spi_imx_setupxfer function's return value is not properly checked. This can...

5.5 CVSS | 6.7 AI score | 0.00161 EPSS
Exploits 0

Rockylinux
added 2025/05/07 7:13 p.m. | 3 views

setup bug fix and enhancement update

An update is available for setup. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky Linux 9.4...

6.8 AI score
Exploits 0

GithubExploit
added 2025/05/06 8:14 p.m. | 636 views

Exploit for CVE-2025-2011

CVE-2025-2011 - Depicter Plugin SQL Injection Vulnerability...

7.5 CVSS | 7.8 AI score | 0.46724 EPSS
Exploits 6

CNNVD
added 2025/05/06 12:0 a.m. | 3 views

D-Link DIR-600L security vulnerability

The D-Link DIR-600L is a wireless router from China-based AUO D-Link. The D-Link DIR-600L suffers from a buffer overflow vulnerability that originates from the parameter host of the function formEasySetupWizard that fails to correctly validate the length and size of the input data, which can be...

9.8 CVSS | 8.1 AI score | 0.00973 EPSS
Exploits 0 | References 6

Vulnrichment
added 2025/05/05 6:0 a.m. | 14 views

CVE-2025-3583 Newsletter < 8.7.1 - Admin+ Stored XSS

The Newsletter WordPress plugin before 8.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

3.5 AI score | 0.00274 EPSS
Exploits 1 | References 1

Cvelist
added 2025/05/05 6:0 a.m. | 31 views

CVE-2025-3583 Newsletter < 8.7.1 - Admin+ Stored XSS

The Newsletter WordPress plugin before 8.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

0.00274 EPSS
Exploits 1 | References 1

GithubExploit
added 2025/05/05 2:12 a.m. | 253 views

Exploit for Incorrect Authorization in Atlassian Confluence_Data_Center

Exploit-CVE-2023-22518 CVE-2023-22518 in Confluence CVE-2023-22...

10 CVSS | 9.9 AI score | 0.99999 EPSS
Exploits 14

CNNVD
added 2025/05/05 12:0 a.m. | 7 views

NETGEAR RAX5 security vulnerability

The NETGEAR RAX5 is a wireless router from NETGEAR. NETGEAR RAX5 suffers from a command injection vulnerability that stems from the failure of the ifname parameter in the apcliwpsgenpincode function to correctly filter constructed command special characters, commands, and so on. An attacker can...

9.8 CVSS | 8 AI score | 0.01198 EPSS
Exploits 1 | References 1

GithubExploit
added 2025/05/04 2:42 p.m. | 297 views

Exploit for Deserialization of Untrusted Data in Apache Activemq

CVE-2023-46604...

10 CVSS | 9.3 AI score | 0.99654 EPSS
Exploits 31

SUSE CVE
added 2025/05/03 2:50 a.m. | 3 views

SUSE CVE-2023-53103

In the Linux kernel, the following vulnerability has been resolved: bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails. syzbot reported a warning[1] where the bond device itself is a slave and we try to enslave a non-ethernet device as the first slave which fails but then in the...

5.5 CVSS | 6.7 AI score | 0.00159 EPSS
Exploits 0 | References 4

ATTACKERKB
added 2025/05/02 4:15 p.m. | 10 views

CVE-2023-53103

In the Linux kernel, the following vulnerability has been resolved: bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails. syzbot reported a warning[1] where the bond device itself is a slave and we try to enslave a non-ethernet device as the first slave which fails but then in the...

5.5 CVSS | 6.1 AI score | 0.00159 EPSS
Exploits 0 | References 5 | Affected Software 1

OSV
added 2025/05/02 4:15 p.m. | 2 views

DEBIAN-CVE-2023-53103

In the Linux kernel, the following vulnerability has been resolved: bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails. syzbot reported a warning[1] where the bond device itself is a slave and we try to enslave a non-ethernet device as the first slave which fails but then in the...

5.5 CVSS | 5.5 AI score | 0.00159 EPSS
Exploits 0 | References 1

OSV
added 2025/05/02 4:15 p.m. | 2 views

UBUNTU-CVE-2023-53103

In the Linux kernel, the following vulnerability has been resolved: bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails. syzbot reported a warning[1] where the bond device itself is a slave and we try to enslave a non-ethernet device as the first slave which fails but then in the...

5.5 CVSS | 6.3 AI score | 0.00159 EPSS
Exploits 0 | References 7