CVE-2025-40292 virtio-net: fix received length check in big packets

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix received length check in big packets Since commit 4959aebba8c0 "virtio-net: use mtu size as buffer length for big packets", when guest gso is off, the allocated size for big packets is not MAXSKBFRAGS PAGESIZE...

PT-2025-49425

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the virtio-net component of the Linux kernel related to the handling of received packet lengths in large packets. A change introduced by commit 4959aebba8c0 altered how...

Linux Distros Unpatched Vulnerability : CVE-2025-40225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/panthor: Fix kernel panic on partial unmap of a GPU VA region This commit address a kernel panic issue that can happen if Userspace tries to partially unmap...

Linux Distros Unpatched Vulnerability : CVE-2025-40292

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtio-net: fix received length check in big packets Since commit 4959aebba8c0 virtio-net: use mtu size as buffer length for big packets, when guest gso is off,...

CVE-2025-40288

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices Previously, APU platforms and other scenarios with uninitialized VRAM managers triggered a NULL pointer dereference in ttmresourcemanagerusage. The root cause...

CVE-2025-66624

BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. Prior to 1.5.0.rc2, The npduisexpectedreply function in src/bacnet/npdu.c indexes requestpduoffset+2/3/5 and replypduoffset+1/2/4 without verifying that those APDU...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unhidden VRAM sysfs attribute of a VRAM-less GPU, which could lead to a system crash...

CVE-2025-66624 BACnet-stack MS/TP reply matcher OOB read

BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. Prior to 1.5.0.rc2, The npduisexpectedreply function in src/bacnet/npdu.c indexes requestpduoffset+2/3/5 and replypduoffset+1/2/4 without verifying that those APDU...

EUVD-2025-201496

BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. Prior to 1.5.0.rc2, The npduisexpectedreply function in src/bacnet/npdu.c indexes requestpduoffset+2/3/5 and replypduoffset+1/2/4 without verifying that those APDU...

CVE-2025-34265

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/rule-engines endpoint. When an authenticated user creates or updates a rule for an agent, the rule fields min, max, and unit are stored and later rendered in rule listings o...

CVE-2025-34265

Advantech WISE-DeviceOn Server (prior to version 5.4) exposes a stored XSS in the /rmm/v1/rule-engines endpoint. When an authenticated user creates/updates a rule, the min, max, and unit fields are stored and later rendered without proper HTML sanitization, allowing injected script to run in the ...

CVE-2025-34265 Advantech WISE-DeviceOn Server < 5.4 Authenticated Stored XSS via rule-engines

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/rule-engines endpoint. When an authenticated user creates or updates a rule for an agent, the rule fields min, max, and unit are stored and later rendered in rule listings o...

EUVD-2025-201429

Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/rule-engines endpoint. When an authenticated user creates or updates a rule for an agent, the rule fields min, max, and unit are stored and later rendered in rule listings o...

USN-7909-4 linux-gcp, linux-gke, linux-gkeop vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S39...

BACnet Stack 缓冲区错误漏洞

BACnet Stack is a BACnet open source protocol stack C library for embedded systems, Linux, MacOS, BSD and Windows. A buffer error vulnerability exists in BACnet Stack versions prior to 1.5.0.rc2, which stems from the npduisexpectedreply function failing to validate the presence of an APDU byte,...

[SECURITY] Fedora 43 Update: kf6-kunitconversion-6.20.0-2.fc43

KDE Frameworks 6 Tier 2 addon for unit conversions...

CVE-2025-63896

An issue in the Bluetooth Human Interface Device HID of JXL 9 Inch Car Android Double Din Player Android v12.0 allows attackers to inject arbitrary keystrokes via a spoofed Bluetooth HID device...

CVE-2025-20789

In GPU pdma, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117741; Issue ID: MSV-4538...

CVE-2025-20788

In GPU pdma, there is a possible memory corruption due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117735; Issue ID: MSV-4539...

BIT-NGINX-GATEWAY-2024-34161 NGINX HTTP/3 QUIC vulnerability

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit MTU of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory...