15 matches found
CVE-2025-24801
GLPI is a free asset and IT management software package. An authenticated user can upload and force the execution of .php files located on the GLPI server. This vulnerability is fixed in 10.0.18...
CVE-2025-2152
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The...
CVE-2024-58075
In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - do not transfer req when tegra init fails The tegracmacinit or tegrashainit function may return an error when memory is exhausted. It should not transfer the request when they return an error...
CVE-2025-21826
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject mismatching sum of fieldlen with set key length The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the...
CVE-2024-38311
Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue...
CVE-2025-21765
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6defaultadvmss ip6defaultadvmss needs rcu protection to make sure the net structure it reads does not disappear...
CVE-2022-49497
In the Linux kernel, the following vulnerability has been resolved: net: remove two BUG from skbchecksumhelp I have a syzbot report that managed to get a crash in skbchecksumhelp If syzbot can trigger these BUG, it makes sense to replace them with more friendly WARNONONCE since skbchecksumhelp ca...
CVE-2022-49315
In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192e: Fix deadlock in rtllibbeaconsstop There is a deadlock in rtllibbeaconsstop, which is shown below: Thread 1 | Thread 2 | rtllibsendbeacon rtllibbeaconsstop | modtimer spinlockirqsave //1 | wait a time...
CVE-2022-49397
In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference in case of a late probe error e.g. probe deferral...
CVE-2022-49682
In the Linux kernel, the following vulnerability has been resolved: xtensa: Fix refcount leak bug in time.c In calibrateccount, offindcompatiblenode will return a node pointer with refcount incremented. We should use ofnodeput when it is not used anymore...
CVE-2022-49540
In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix race in schedule and flush work While booting secondary CPUs, cpusreadlock/unlock is not keeping online cpumask stable. The transient online mask results in below calltrace. 0.324121 CPU1: Booted secondary processo...
CVE-2022-49619
In the Linux kernel, the following vulnerability has been resolved: net: sfp: fix memory leak in sfpprobe sfpprobe allocates a memory chunk from sfp with sfpalloc. When devmaddaction fails, sfp is not freed, which leads to a memory leak. We should use devmaddactionorreset instead of devmaddaction...
CVE-2022-49093
In the Linux kernel, the following vulnerability has been resolved: skbuff: fix coalescing for pagepool fragment recycling Fix a use-after-free when using pagepool with page fragments. We encountered this problem during normal RX in the hns3 driver: 1 Initially we have three descriptors in the RX...
CVE-2022-49058
In the Linux kernel, the following vulnerability has been resolved: cifs: potential buffer overflow in handling symlinks Smatch printed a warning: arch/x86/crypto/poly1305glue.c:198 poly1305updatearch error: memcpy 'dctx-buf' too small 16 vs u32max It's caused because Smatch marks 'linklen' as...
CVE-2021-47654
In the Linux kernel, the following vulnerability has been resolved: samples/landlock: Fix pathlist memory leak Clang static analysis reports this error sandboxer.c:134:8: warning: Potential leak of memory pointed to by 'pathlist' ret = 0; ^ pathlist is allocated in parsepath but never freed...