AZL-68510 CVE-2025-39994 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...

CVE-2025-39982

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciaclcreateconnsync This fixes the following UFA in hciaclcreateconnsync where a connection still pending is command submission conn-state == BTOPEN maybe freed, also since this also can happen wi...

UBUNTU-CVE-2025-39982

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciaclcreateconnsync This fixes the following UFA in hciaclcreateconnsync where a connection still pending is command submission conn-state == BTOPEN maybe freed, also since this also can happen wi...

CVE-2025-39994 media: tuner: xc5000: Fix use-after-free in xc5000_release

In the Linux kernel, the following vulnerability has been resolved: media: tuner: xc5000: Fix use-after-free in xc5000release The original code uses canceldelayedwork in xc5000release, which does not guarantee that the delayed work item timersleep has fully completed if it was already running. Th...

CVE-2025-39982

CVE-2025-39982 is a Linux kernel Bluetooth (hci_event) UAF in hci_acl_create_conn_sync. The initial CVE description confirms a use-after-free in hci_acl_create_conn_sync that can occur while a pending connection is being submitted (conn->state == BT_OPEN) and is similarly implicated for hci_le...

CVE-2025-39982 Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciaclcreateconnsync This fixes the following UFA in hciaclcreateconnsync where a connection still pending is command submission conn-state == BTOPEN maybe freed, also since this also can happen wi...

CVE-2025-39966

CVE-2025-39966 (Linux kernel, iommufd) : A race during abort for file descriptors could cause a use-after-free when the object is freed while a file’s private_data references it. The bug arises because fput() defers release() to a workqueue; ifAbort allocation fails before installing the file, th...

CVE-2023-7304

Ruijie RG-UAC Application Management Gateway contains a command injection vulnerability via the 'nmcsync.php' interface. An unauthenticated attacker able to reach the affected endpoint can inject shell commands via crafted request data, causing the application to execute arbitrary commands on the...

CVE-2023-7304 Ruijie RG-UAC nmc_sync.php Command Injection

Ruijie RG-UAC Application Management Gateway contains a command injection vulnerability via the 'nmcsync.php' interface. An unauthenticated attacker able to reach the affected endpoint can inject shell commands via crafted request data, causing the application to execute arbitrary commands on the...

Ruijie RG-UAC Application Management Gateway 安全漏洞

Ruijie RG-UAC Application Management Gateway is an Internet behavior management security gateway from Ruijie. A security vulnerability exists in the Ruijie RG-UAC Application Management Gateway, which is caused by a command injection in the nmcsync.php interface, which could lead to the execution...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a post-release reuse issue in hciaclcreateconnsync and hcilecreateconnsync, which could lead to memory...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-1223)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1223 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix use-after-free in stateshow CVE-2025-39877 In the Linux kernel, the following vulnerability has been...

VulnCheck KEV: CVE-2023-7304

Ruijie RG-UAC Application Management Gateway contains a command injection vulnerability via the 'nmcsync.php' interface. An unauthenticated attacker able to reach the affected endpoint can inject shell commands via crafted request data, causing the application to execute arbitrary commands on the...

CVE-2025-9621

The WidgetPack Comment System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.1. This is due to missing or incorrect nonce validation on the wpcmtsync action in the wpcmtrequesthandler function. This makes it possible for unauthenticated...

Fedora 41 : chromium (2025-ed59372bc2)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-ed59372bc2 advisory. Update to 141.0.7390.65 High CVE-2025-11458: Heap buffer overflow in Sync High CVE-2025-11460: Use after free in Storage Medium CVE-2025-11211: Out ...

Withdrawn Advisory: cross-zip is vulnerable to Directory Traversal through selective use of zip/unzip operations

Withdrawn Advisory This advisory has been withdrawn because it does not discuss a valid vulnerability. This link is maintained to preserve external references. Original Description All versions of the package cross-zip are vulnerable to Directory Traversal via consecutive usage of zipSync and...

CVE-2025-11569

The connected data identifies a concrete vulnerability in the cross-zip JavaScript package. A Directory Traversal flaw exists when repeatedly using zipSync() and unzipSync() with arguments such as __dirname, allowing an attacker to access host system files. Red Hat lists all versions of cross-zip...

CVE-2025-11569

...

Chromium: CVE-2025-11458 Heap buffer overflow in Sync

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in Google Chrome that stems from a heap buffer overflow issue in Sync...