Lucene search
K

514 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-48762

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: arm64: extable: fix loadunalignedzeropad reg indices In exhandlerloadunalignedzeropad we...

6.2CVSS5.1AI score0.00188EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-52827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix possible out-of- bound read in ath12khttpullppdustats len is extracted fro...

7.1CVSS5.8AI score0.00246EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2021-32399

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/bluetooth/hcirequest.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. CVE-2021-32399 Note that Nessus relies on...

7CVSS6.7AI score0.00697EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-4037

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the LInux kernel that allows local users to create files for the XFS file-system wi...

7.8CVSS6.8AI score0.00279EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-40952

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix NULL pointer dereference in ocfs2journaldirty bdev-bdsuper has been removed and...

5.5CVSS5.8AI score0.00238EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-27409

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup The...

5.5CVSS5.2AI score0.00236EPSS
Exploits0References2
OSV
OSV
added 2025/07/28 11:21 a.m.4 views

CVE-2025-38471 tls: always refresh the queue when reading sock

In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...

7.8CVSS6.3AI score0.00152EPSS
Exploits0References9
NVD
NVD
added 2025/07/25 4:15 p.m.8 views

CVE-2025-38455

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV-ES intra host migration if vCPU creation is in-flight Reject migration of SEV-ES state if either the source or destination VM is actively creating a vCPU, i.e. if kvmvmioctlcreatevcpu is in the section betwee...

5.5CVSS0.00147EPSS
Exploits0References6
NVD
NVD
added 2025/07/25 4:15 p.m.4 views

CVE-2025-38449

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Acquire references on GEM handles for framebuffers A GEM handle can be released while the GEM buffer object is attached to a DRM framebuffer. This leads to the release of the dma-buf backing the buffer object, if any. 1...

5.5CVSS0.00148EPSS
Exploits0References4
OSV
OSV
added 2025/07/25 3:27 p.m.5 views

CVE-2025-38444 raid10: cleanup memleak at raid10_make_request

In the Linux kernel, the following vulnerability has been resolved: raid10: cleanup memleak at raid10makerequest If raid10readrequest or raid10writerequest registers a new request and the REQNOWAIT flag is set, the code does not free the malloc from the mempool. unreferenced object...

5.5CVSS7.3AI score0.00147EPSS
Exploits0References10
Cvelist
Cvelist
added 2025/07/25 2:16 p.m.8 views

CVE-2025-38430 nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request

In the Linux kernel, the following vulnerability has been resolved: nfsd: nfsd4spomustallow must check this is a v4 compound request If the request being processed is not a v4 compound request, then examining the cstate can have undefined results. This patch adds a check that the rpc procedure...

0.00175EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/07/25 2:16 p.m.9 views

CVE-2025-38428 Input: ims-pcu - check record size in ims_pcu_flash_firmware()

In the Linux kernel, the following vulnerability has been resolved: Input: ims-pcu - check record size in imspcuflashfirmware The "len" variable comes from the firmware and we generally do trust firmware, but it's always better to double check. If the "len" is too large it could result in memory...

0.00179EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2025/07/25 2:16 p.m.5 views

CVE-2025-38427

In the Linux kernel, the following vulnerability has been resolved: video: screeninfo: Relocate framebuffers behind PCI bridges Apply PCI host-bridge window offsets to screeninfo framebuffers. Fixes invalid access to I/O memory. Resources behind a PCI host bridge can be relocated by a certain...

5.5CVSS5.5AI score0.00155EPSS
Exploits0
Cvelist
Cvelist
added 2025/07/25 2:0 p.m.14 views

CVE-2025-38416 NFC: nci: uart: Set tty->disc_data only in success path

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: uart: Set tty-discdata only in success path Setting tty-discdata before opening the NCI device means we need to clean it up on error paths. This also opens some short window if device starts sending data, even before...

0.00183EPSS
Exploits0References8
OSV
OSV
added 2025/07/25 2:0 p.m.7 views

CVE-2025-38416 NFC: nci: uart: Set tty->disc_data only in success path

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: uart: Set tty-discdata only in success path Setting tty-discdata before opening the NCI device means we need to clean it up on error paths. This also opens some short window if device starts sending data, even before...

7.8CVSS6.5AI score0.00183EPSS
Exploits0References13
Cvelist
Cvelist
added 2025/07/25 1:32 p.m.14 views

CVE-2025-38415 Squashfs: check return result of sb_min_blocksize

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check return result of sbminblocksize Syzkaller reports an "UBSAN: shift-out-of-bounds in squashfsbioread" bug. Syzkaller forks multiple processes which after mounting the Squashfs filesystem, issues an ioctl"/dev/loop0...

0.00181EPSS
Exploits0References8
CVE
CVE
added 2025/07/25 1:32 p.m.96 views

CVE-2025-38415

CVE-2025-38415 is a Linux kernel vulnerability affecting Squashfs where sb_min_blocksize(sb, SQUASHFS_DEVBLK_SIZE) can return 0, causing msblk->devblksize to be 0 and leading to an out-of-bounds shift (64) in msblk->devblksize_log2. The issue stems from not handling a 0 return from sb_min_b...

7.8CVSS6.5AI score0.00181EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2025/07/25 1:20 p.m.54 views

CVE-2025-38413

CVE-2025-38413 : In the Linux kernel virtio-net XDP path (xsk RX), len passed to buf_to_xdp did not consistently account for virtio header length for the first buffer, risking an incorrect frame size check. The fix differentiates the first buffer from subsequent ones by introducing an extra param...

5.5CVSS6.5AI score0.00154EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2025/07/25 12:53 p.m.26 views

CVE-2025-38398

The CVE-2025-38398 issue concerns the Linux kernel driver for spi-qpic-snand. The root cause is out-of-bounds memory access in BAM transactions due to allocating BAM memory for only a single codeword during probe; as a result, operations can exceed allocated space, causing memory corruption, NULL...

5.5CVSS6.8AI score0.00129EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/07/25 12:53 p.m.6 views

CVE-2025-38392 idpf: convert control queue mutex to a spinlock

In the Linux kernel, the following vulnerability has been resolved: idpf: convert control queue mutex to a spinlock With VIRTCHNL2CAPMACFILTER enabled, the following warning is generated on module load: 324.701677 BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578...

0.00155EPSS
Exploits0References3
Rows per page
Query Builder