12658 matches found

OSV
added 2025/05/09 7:16 a.m. | 4 views

AZL-70159 CVE-2025-37882 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix isochronous Ring Underrun/Overrun event handling. The TRB pointer of these events points at enqueue at the time of error occurrence on xHCI 1.1+ HCs or it's NULL on older ones. By the time we are handling the event,...

CVSS 7.8 | AI score 6.8 | EPSS 0.00237
Exploits: 0 | References: 1
OSV
added 2025/05/09 7:16 a.m. | 1 views

DEBIAN-CVE-2025-37882

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix isochronous Ring Underrun/Overrun event handling. The TRB pointer of these events points at enqueue at the time of error occurrence on xHCI 1.1+ HCs or it's NULL on older ones. By the time we are handling the event,...

CVSS 7.8 | AI score 5.8 | EPSS 0.00237
Exploits: 0 | References: 1
SUSE CVE
added 2025/05/09 3:23 a.m. | 1 views

SUSE CVE-2025-37816

In the Linux kernel, the following vulnerability has been resolved: mei: vsc: Fix fortify-panic caused by invalid counted_by() use. gcc 15 honors the __counted_by(len) attribute on vsc_tp_packet.buf and the vsc-tp.c code is using this in a wrong way. len does not contain the available size in the buffer, it...

CVSS 5.5 | AI score 6.9 | EPSS 0.00163
Exploits: 0 | References: 6
SUSE CVE
added 2025/05/09 3:23 a.m. | 1 views

SUSE CVE-2025-37826

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer(). Add a NULL check for the returned hwq pointer by ufshcd_mcq_req_to_hwq(). This is similar to the fix in commit 74736103fb41 "scsi: ufs: core: Fix ufshcd_abort_one racing...

CVSS 5.5 | AI score 6.5 | EPSS 0.00148
Exploits: 0 | References: 3
SUSE CVE
added 2025/05/08 11:39 a.m. | 3 views

SUSE CVE-2025-46728

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when Transfer-Encoding: chunked is used or when no Content-Length header is provided. A remote attacker can send a chunked...

CVSS 7.5 | AI score 7.1 | EPSS 0.00603
Exploits: 1 | References: 3
OSV
added 2025/05/08 7:15 a.m. | 7 views

AZL-62624 CVE-2025-37826 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer(). Add a NULL check for the returned hwq pointer by ufshcd_mcq_req_to_hwq(). This is similar to the fix in commit 74736103fb41 "scsi: ufs: core: Fix ufshcd_abort_one racing...

CVSS 5.5 | AI score 6.6 | EPSS 0.00148
Exploits: 0 | References: 1
OSV
added 2025/05/08 7:15 a.m. | 1 views

DEBIAN-CVE-2025-37826

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer(). Add a NULL check for the returned hwq pointer by ufshcd_mcq_req_to_hwq(). This is similar to the fix in commit 74736103fb41 "scsi: ufs: core: Fix ufshcd_abort_one racing...

CVSS 5.5 | AI score 5.6 | EPSS 0.00148
Exploits: 0 | References: 1
NVD
added 2025/05/08 7:15 a.m. | 11 views

CVE-2025-37813

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix invalid pointer dereference in Etron workaround. This check is performed before prepare_transfer() and prepare_ring(), so enqueue can already point at the final link TRB of a segment. And indeed it will, some 0.4% of time...

CVSS 5.5 | EPSS 0.00149
Exploits: 0 | References: 4
OSV
added 2025/05/08 7:15 a.m. | 6 views

AZL-63791 CVE-2025-37801 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: spi: spi-imx: Add check for spi_imx_setupxfer(). Add check for the return value of spi_imx_setupxfer(). spi_imx->rx and spi_imx->tx function pointer can be NULL when spi_imx_setupxfer() return error, and make NULL pointer dereference. Unable to...

CVSS 5.5 | AI score 6.2 | EPSS 0.00161
Exploits: 0 | References: 1
OSV
added 2025/05/08 7:15 a.m. | 2 views

UBUNTU-CVE-2025-37826

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer(). Add a NULL check for the returned hwq pointer by ufshcd_mcq_req_to_hwq(). This is similar to the fix in commit 74736103fb41 "scsi: ufs: core: Fix ufshcd_abort_one racing...

CVSS 5.5 | AI score 6.2 | EPSS 0.00148
Exploits: 0 | References: 22
OSV
added 2025/05/08 7:15 a.m. | 1 views

UBUNTU-CVE-2025-37816

In the Linux kernel, the following vulnerability has been resolved: mei: vsc: Fix fortify-panic caused by invalid counted_by() use. gcc 15 honors the __counted_by(len) attribute on vsc_tp_packet.buf and the vsc-tp.c code is using this in a wrong way. len does not contain the available size in the buffer, it...

CVSS 5.5 | AI score 6.4 | EPSS 0.00163
Exploits: 0 | References: 22
OSV
added 2025/05/08 7:15 a.m. | 1 views

UBUNTU-CVE-2025-37813

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix invalid pointer dereference in Etron workaround. This check is performed before prepare_transfer() and prepare_ring(), so enqueue can already point at the final link TRB of a segment. And indeed it will, some 0.4% of time...

CVSS 5.5 | AI score 6.2 | EPSS 0.00149
Exploits: 0 | References: 22
OSV
added 2025/05/08 6:26 a.m. | 7 views

CVE-2025-37813 usb: xhci: Fix invalid pointer dereference in Etron workaround

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix invalid pointer dereference in Etron workaround. This check is performed before prepare_transfer() and prepare_ring(), so enqueue can already point at the final link TRB of a segment. And indeed it will, some 0.4% of time...

CVSS 5.5 | AI score 6.5 | EPSS 0.00149
Exploits: 0 | References: 7
Positive Technologies
added 2025/05/08 12:0 a.m. | 3 views

PT-2025-20330

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the spi-imx module, where the spi_imx_setupxfer function's return value is not properly checked. This can...

CVSS 5.5 | AI score 6.7 | EPSS 0.00161
Exploits: 0
Positive Technologies
added 2025/05/08 12:0 a.m. | 2 views

PT-2025-20342

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved, specifically in the xhci (Extensible Host Controller Interface) component related to the Etron workaround. The issue involves an...

CVSS 5.5 | AI score 6.5 | EPSS 0.00149
Exploits: 0
OSV
added 2025/05/07 7:11 p.m. | 7 views

RLSA-2025:0422 Moderate: java-17-openjdk security update for Rocky Linux 8.6, 8.8, 8.10, 9.4 and 9.5

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Enhance array handling CVE-2025-21502 Bug Fixes: The Rocky Enterprise Software Foundation OpenJDK packages rely on the copy-jdk-configs package to...

CVSS 4.8 | AI score 6.9 | EPSS 0.00971
Exploits: 0 | References: 1
CNVD
added 2025/05/07 12:0 a.m. | 8 views

IBM InfoSphere Information Server Plaintext Transfer Vulnerability

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A plaintext transfer vulnerability exists in IBM InfoSphere Information Server version 11.7, whi...

CVSS 3.7 | AI score 6 | EPSS 0.00144
Exploits: 0 | References: 1
CNNVD
added 2025/05/07 12:0 a.m. | 3 views

Arista EOS Security Vulnerability

Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista Corporation. A security vulnerability exists in Arista EOS that stems from the fact that running gNOI File TransferToRemote RPC with gNMI transfer enabled may result in the disclosure of remote...

CVSS 6.5 | AI score 6.6 | EPSS 0.00231
Exploits: 0 | References: 1
BDU FSTEC
added 2025/05/07 12:0 a.m. | 5 views

The vulnerability of the PCMan FTP Server relates to the occurrence of operations beyond the buffer boundaries in memory. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the PCMan FTP Server relates to the execution of operations beyond the buffer boundaries during the processing of the send parameter. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

CVSS 7.5 | AI score 7.6 | EPSS 0.0062
Exploits: 1 | References: 5 | Affected Software: 1
OpenVAS
added 2025/05/07 12:0 a.m. | 5 views

Do Not Install the TFTP Client

Trivial File Transfer Protocol TFTP is used for file transfer between a Linux server and other servers, desktop systems, as well as terminal devices. TFTP does not support authentication and encryption mechanisms. Data tends to be forged, tampered with, or stolen by attackers during communication...

AI score 7.2
Exploits: 0 | References: 3