767 matches found

Cvelist
added 2025/12/30 12:8 p.m. | 22 views

CVE-2023-54164 Bluetooth: ISO: fix iso_conn related locking and validity issues

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix iso_conn related locking and validity issues. sk->sk_state indicates whether iso_pi(sk)->conn is valid. Operations that check/update sk_state and access conn should hold lock_sock, otherwise they can race. The order of...

EPSS 0.00166 | Exploits 0 | References 3
OSV
added 2025/12/30 12:8 p.m. | 5 views

CVE-2023-54164 Bluetooth: ISO: fix iso_conn related locking and validity issues

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix iso_conn related locking and validity issues. sk->sk_state indicates whether iso_pi(sk)->conn is valid. Operations that check/update sk_state and access conn should hold lock_sock, otherwise they can race. The order of...

AI score 6.2 | EPSS 0.00166 | Exploits 0 | References 6
Debian CVE
added 2025/12/30 12:8 p.m. | 5 views

CVE-2023-54164

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix iso_conn related locking and validity issues. sk->sk_state indicates whether iso_pi(sk)->conn is valid. Operations that check/update sk_state and access conn should hold lock_sock, otherwise they can race. The order of...

AI score 5.2 | EPSS 0.00166 | Exploits 0
Positive Technologies
added 2025/12/30 12:0 a.m. | 2 views

PT-2025-54087

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The Linux kernel contains a flaw within the CIFS implementation, specifically in the cifs oplock break function. A race condition can occur with deferred close operations and lease break...

AI score 5.9 | EPSS 0.00168 | Exploits 0
CNNVD
added 2025/12/30 12:0 a.m. | 4 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper locking and insufficient validity checking, which could lead to a race condition...

AI score 5.8 | EPSS 0.00166 | Exploits 0 | References 4
FreeBSD
added 2025/12/30 12:0 a.m. | 8 views

security/libsodium -- crypto_core_ed25519_is_valid_point mishandles checks for whether an elliptic curve point is valid

Libsodium maintainer reports: The function crypto_core_ed25519_is_valid_point, a low-level function used to check if a given elliptic curve point is valid, was supposed to reject points that aren't in the main cryptographic group, but some points were slipping through...

CVSS 4.5 | AI score 6.6 | EPSS 0.00166 | Exploits 0 | References 1
OSV
added 2025/12/24 12:23 p.m. | 5 views

CVE-2023-54062 ext4: fix invalid free tracking in ext4_xattr_move_to_block()

In the Linux kernel, the following vulnerability has been resolved: ext4: fix invalid free tracking in ext4_xattr_move_to_block(). In ext4_xattr_move_to_block(), the value of the extended attribute which we need to move to an external block may be allocated by kvmalloc if the value is stored in an external...

AI score 6.6 | EPSS 0.00195 | Exploits 0 | References 12
NVD
added 2025/12/24 11:15 a.m. | 7 views

CVE-2025-68353

In the Linux kernel, the following vulnerability has been resolved: net: vxlan: prevent NULL deref in vxlan_xmit_one(). Neither sock4 nor sock6 pointers are guaranteed to be non-NULL in vxlan_xmit_one(), e.g. if the iface is brought down. This can lead to the following NULL dereference: BUG: kernel NULL...

EPSS 0.00156 | Exploits 0 | References 2
CNNVD
added 2025/12/24 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a substitution of incorrect ASCE index values, which could lead to address delivery errors and validity...

AI score 6.1 | EPSS 0.00209 | Exploits 0 | References 6
Positive Technologies
added 2025/12/24 12:0 a.m. | 10 views

PT-2025-53037

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: An issue exists in the Linux kernel related to the idmouse driver. Specifically, within the idmouse create image function, a failure in any ftip command can lead to uninitialized data in...

CVSS 7.8 | AI score 6.3 | EPSS 0.00465 | Exploits 2 | References 916
OSV
added 2025/12/19 5:38 p.m. | 6 views

OPENSUSE-SU-2025:20172-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues. The following security issues were fixed:
- CVE-2022-50253: bpf: make sure skb->len != 0 when redirecting to a tunneling device (bsc#1249912).
- CVE-2025-37916: pds_core: remove write-after-free of client_id (bsc#1243474).
-...

CVSS 7.8 | AI score 6.8 | EPSS 0.00236 | Exploits 1 | References 219
CVE
added 2025/12/09 12:1 a.m. | 17 views

CVE-2023-53817

CVE-2023-53817 — Linux kernel crypto: lib/mpi. The vulnerability stems from mpi_cmp_ui() dereferencing a NULL u->d when handling a DH value in NVMe/TCP authentication, triggered by using an 8192-bit DH group with a correctly sized but zeroed value. The issue occurs because mpi_cmp_ui() treats...

AI score 6 | EPSS 0.002 | Exploits 0 | References 8
EUVD
added 2025/12/08 3:31 a.m. | 7 views

EUVD-2023-60071

In the Linux kernel, the following vulnerability has been resolved: irqchip/irq-mvebu-gicp: Fix refcount leak in mvebu_gicp_probe(). of_irq_find_parent() returns a node pointer with refcount incremented; we should use of_node_put() on it when not needed anymore. Add missing of_node_put() to avoid refcount leak...

AI score 4.7 | EPSS 0.00165 | Exploits 0 | References 9
Positive Technologies
added 2025/11/28 12:0 a.m. | 7 views

PT-2025-48316

Name of the Vulnerable Software and Affected Versions: MISP versions prior to 2.5.24. Description: The software contains flawed logic when validating uploaded files, specifically concerning the tmp name parameter. This issue resides in the app/Controller/EventsController.php file. Recommendations...

CVSS 8.2 | AI score 6.6 | EPSS 0.00315 | Exploits 0 | References 8
OSV
added 2025/11/26 8:13 a.m. | 5 views

SUSE-SU-2025:21144-1 Security update for mysql-connector-java

This update for mysql-connector-java fixes the following issues:
- Upgrade to Version 9.3.0
- CVE-2025-30706: Fixed Connector/J vulnerability (bsc#1241693)
- Updatable ResultSet fails with 'Parameter index out of range'.
- Fixed Resultset UPDATE methods not checking validity of ResultSet.
-...

CVSS 7.5 | AI score 6 | EPSS 0.0052 | Exploits 0 | References 3
OSV
added 2025/11/26 8:12 a.m. | 6 views

OPENSUSE-SU-2025:20089-1 Security update for mysql-connector-java

This update for mysql-connector-java fixes the following issues:
- Upgrade to Version 9.3.0
- CVE-2025-30706: Fixed Connector/J vulnerability (bsc#1241693)
- Updatable ResultSet fails with 'Parameter index out of range'.
- Fixed Resultset UPDATE methods not checking validity of ResultSet.
-...

CVSS 7.5 | AI score 7.2 | EPSS 0.0052 | Exploits 0 | References 2
RedhatCVE
added 2025/11/20 9:36 p.m. | 8 views

CVE-2025-64708

authentik is an open-source Identity Provider. Prior to versions 2025.8.5 and 2025.10.2, in previous authentik versions, invitations were considered valid regardless if they are expired or not, thus relying on background tasks to clean up expired ones. In a normal scenario this can take up to 5...

CVSS 5.8 | AI score 6.7 | EPSS 0.00216 | Exploits 0 | References 1
Positive Technologies
added 2025/11/19 12:0 a.m. | 6 views

PT-2025-47495

Name of the Vulnerable Software and Affected Versions: authentik versions prior to 2025.8.5; authentik versions prior to 2025.10.2. Description: authentik, an open-source Identity Provider, had a flaw where invitations remained valid even after expiration. This relied on background tasks to remove...

CVSS 9.9 | AI score 6.4 | EPSS 0.7654 | Exploits 33 | References 92
CNNVD
added 2025/11/12 12:0 a.m. | 7 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check resource validity, which could result in a null pointer dereference...

AI score 6.1 | EPSS 0.00171 | Exploits 0 | References 5
Tenable Nessus
added 2025/11/05 12:0 a.m. | 2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989822)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989822 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Check endpoint is valid before dereferencing it. When the host controller is not...

CVSS 5.5 | AI score 6.1 | EPSS 0.0024 | Exploits 0 | References 4