4525 matches found
CVE-2025-47735
inner::drop in inner.rs in the wgp crate through 0.2.0 for Rust lacks drop_slow thread synchronization...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an mpi3mr driver reset competing with a task management thread, which could result in invalid queue accesses...
PT-2025-20470 · Wgp · Wgp
Name of the Vulnerable Software and Affected Versions: wgp crate versions 0.2.0 and earlier. Description: The issue is related to the lack of drop_slow thread synchronization in the inner::drop function within the inner.rs file of the wgp crate for Rust. This synchronization issue may lead to...
SUSE CVE-2022-49822
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix connections leak when tlink setup failed If the tlink setup failed, lost to put the connections, then the module refcnt leak since the cifsd kthread not exit. Also leak the fscache info, and for next mount with fsc, it...
PT-2025-22213
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A use-after-free issue is possible in the Linux kernel due to insufficient checks on file reference counts. This occurs when one thread destroys a file while another thread holds a...
CVE-2023-53131
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a server shutdown leak Fix a race where kthread_stop() may prevent the threadfn from ever getting called. If that happens the svc_rqst will not be cleaned up...
SUSE CVE-2022-49852
In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage thread_struct's s[12] may contain random kernel memory content, which may be finally leaked to userspace. This is a security hole. Fix it by clearing the s[12] array in thread_struct when fork. A...
CVE-2023-53131
CVE-2023-53131 refers to a Linux kernel issue in SUNRPC: a server shutdown leak caused by a race where kthread_stop() may prevent threadfn from running, leaving svc_rqst cleanup incomplete. The connected Nessus/OpenVAS entries for Unity Linux and EulerOS acknowledge the same description block and...
DEBIAN-CVE-2022-49852
In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage thread_struct's s[12] may contain random kernel memory content, which may be finally leaked to userspace. This is a security hole. Fix it by clearing the s[12] array in thread_struct when fork. A...
CVE-2022-49852 riscv: process: fix kernel info leakage
In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage thread_struct's s[12] may contain random kernel memory content, which may be finally leaked to userspace. This is a security hole. Fix it by clearing the s[12] array in thread_struct when fork. A...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to clear the array of thread_struct when a process is forked in the riscv architecture, which could...
PT-2025-18569
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A security issue has been identified in the Linux kernel, specifically related to the riscv process, where the s[12] array in thread_struct may contain random kernel memory content. This...
Moderate: Red Hat Security Advisory: glibc security update
An update for glibc is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...
jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until...
ALSA-2025:4244 Moderate: glibc security update
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fixes: glibc:...
SUSE CVE-2025-41423
Mattermost versions 10.4.x <= 10.4.2, 10.5.x <= 10.5.0, 9.11.x <= 9.11.10 fail to properly validate permissions for the API endpoint /plugins/playbooks/api/v0/signal/keywords/ignore-thread, allowing any user or attacker to delete posts containing actions created by the Playbooks bot, even without...
CVE-2025-46613
OpenPLC 3 through 64f9c11 has server.cpp Memory Corruption because a thread may access handleConnections arguments after the parent stack frame becomes unavailable...
CVE-2025-46613
OpenPLC 3 through 64f9c11 is affected by a memory corruption vulnerability in server.cpp caused by a thread accessing the handleConnections arguments after the parent stack frame becomes unavailable, i.e., a race condition. This is documented across multiple sources (NVD/Red Hat/CIRCL/CNNVD, PT-S...