CVE-2022-49711 bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove()
In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove(). In fsl_mc_bus_remove(), mc->root_mc_bus_dev->mc_io is passed to fsl_destroy_mc_io(). However, mc->root_mc_bus_dev is already freed in fsl_mc_device_remove(). Then reference to mc->root_mc_bus_dev->mc...
CVE-2022-49635 drm/i915/selftests: fix subtraction overflow bug
In the Linux kernel, the following vulnerability has been resolved: drm/i915/selftests: fix subtraction overflow bug. On some machines hole_end can be small enough to cause subtraction overflow. On the other side (addr + 2 * min_alignment) can overflow in case of mock tests. This patch should handle bot...
CVE-2022-49618 pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux()
In the Linux kernel, the following vulnerability has been resolved: pinctrl: aspeed: Fix potential NULL dereference in aspeed_pinmux_set_mux(). pdesc could be null but still dereference pdesc->name and it will lead to a null pointer access. So we move a null check before dereference...
CVE-2022-49384 md: fix double free of io_acct_set bioset
In the Linux kernel, the following vulnerability has been resolved: md: fix double free of io_acct_set bioset. Now io_acct_set is alloc and free in personality. Remove the codes that free io_acct_set in md_free and __md_stop...
CVE-2022-49311 drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle()
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle(). There is a deadlock in rtw_joinbss_event_prehandle(), which is shown below: Thread 1: rtw_joinbss_event_prehandle(), spin_lock_bh() //(1); Thread 2: _set_timer(), mod_timer(), wait ...
CVE-2022-49275 can: m_can: m_can_tx_handler(): fix use after free of skb
In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_tx_handler(): fix use after free of skb. can_put_echo_skb() will clone skb then free the skb. Move the can_put_echo_skb() for the m_can version 3.0.x directly before the start of the xmit in hardware, similar to the 3.1.x branch...
CVE-2025-25192
GLPI prior to 10.0.18 is affected by CVE-2025-25192 where a low-privileged user can enable debug mode and access sensitive information. A patch is included in version 10.0.18; organizations should upgrade to 10.0.18 or later. A workaround mentioned is deleting install/update.php. The vulnerabilit...
CVE-2025-27141
Metabase Enterprise Edition is affected by CVE-2025-27141: impersonation-enabled users can view cached question results that may contain data they should not access. Affected versions include 1.47.0 up to 1.50.35, 1.51.0 up to 1.51.13, 1.52.0 up to 1.52.10, and 1.53.x prior to the patched builds....
CVE-2025-27140 WeGIA vulnerable to OS Command Injection at endpoint 'importar_dump.php' parameter 'import' (RCE)
WeGIA is a Web manager for charitable institutions. An OS Command Injection vulnerability was discovered in versions prior to 3.2.15 of the WeGIA application, in the `importar_dump.php` endpoint. This vulnerability could allow an attacker to execute arbitrary code remotely. The command is basically a comma...
CVE-2025-24893
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any guest can perform arbitrary remote code execution through a request to SolrSearch. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduc...
CVE-2025-24806
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications via a web portal. If users are allowed to sign in via both username and email the regulation system treats these as separate login events. This leads to t...
Namada-apps allows Excessive Computation in Mempool Validation
Impact: A malicious transaction may cause an expensive computation in mempool validation. A transaction with multiple repeated sections causes the section hash calculation used for signature validation to grow exponentially and potentially even cubic in proportion to number of sections. This may b...
BIT-DISCOURSE-2024-53994 Potential bypass of chat permissions in Discourse
Discourse is an open source platform for community discussion. In affected versions users who disable chat in preferences could still be reachable in some cases. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should disable...
CVE-2025-24806 Regulation applies separately to Username-based logins to Email-based logins in authelia
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications via a web portal. If users are allowed to sign in via both username and email the regulation system treats these as separate login events. This leads to t...
CVE-2025-25287
Lakeus is a simple skin made for MediaWiki. Starting in version 1.0.8 and prior to versions 1.3.1+REL1.39, 1.3.1+REL1.42, and 1.4.0, Lakeus is vulnerable to stored cross-site scripting via malicious system messages, though editing the messages requires high privileges. Those with editinterface...
GHSA-H7H7-6MX3-R89V Fyrox has unsound usages of `Vec::from_raw_parts`
The library provides a public safe API `transmute_vec_as_bytes`, which incorrectly assumes that any generic type `T` could have a stable layout, leading to uninitialized memory exposure if users pass any type with padding bytes as `T` and cast it to a `u8` pointer. In the issue, we develop a PoC to show...
CVE-2025-25283
CVE-2025-25283 concerns parse-duration (node package). Versions prior to 2.1.3 are vulnerable to event-loop delay due to CPU-bound duration resolution and may cause an out-of-memory crash with large Unicode-containing inputs. A patch is available in 2.1.3; remediation is to upgrade to that versio...
SUSE-SU-2025:0455-1 Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-150400_24_103 fixes several issues. The following security issues were fixed: - CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230998). - CVE-2022-48912: Fix use-after-free in nf_register_net_hook() (bsc#1229641) - CVE-2022-48923: btrfs: preve...
CVE-2025-25203 Ctrlpanel has stored XSS vulnerability in TicketsController priority field
CtrlPanel is open-source billing software for hosting providers. Prior to version 1.0, a Cross-Site Scripting (XSS) vulnerability exists in the TicketsController and Moderation/TicketsController due to insufficient input validation on the priority field during ticket creation and unsafe rendering o...
Astra Linux - vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is larger than 1024...