21761 matches found
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
...
Nodes can bypass dynamic resource allocation authorization checks
...
platform/x86: think-lmi: Fix password opcode ordering for workstations
...
net: bridge: xmit: make sure we have at least eth header len bytes
...
proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al
...
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid.
...
drm/msm: Fix another leak in the submit error path
...
regulator: core: fix NULL dereference on unbind due to stale coupling data
...
firmware: qcom: scm: smc: Handle missing SCM device
...
Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump
...
HDF5 h5 File H5SM.c H5SM_delete heap-based overflow
...
scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()
...
parisc: fix a possible DMA corruption
...
NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN
...
A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with deep symlink nesting.
...
Unexpected command execution in untrusted VCS repositories in cmd/go
...
Arbitrary code execution during build via line directives in cmd/go
...
cmake cmForEachCommand.cxx ReplayItems assertion
...
ipmi:msghandler: Fix potential memory corruption in ipmi_create_user()
...
vlan: fix memory leak in vlan_newlink()
...
net: better track kernel sockets lifetime
...
A vulnerability was found in DPDK versions 18.11 and above
...
atm: clip: Fix NULL pointer dereference in vcc_sendmsg()
...
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user account that entered the command line.
...
drm/amd/display: Check denominator crb_pipes before used
...
GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem.
...
bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT
...
rose: fix dangling neighbour pointers in rose_rt_device_down()
...
libtiff tiff2ps tiff2ps.c PS_Lvl2page null pointer dereference
...
drm/amd/display: Initialize denominators' default to 1
...
HDF5 H5Cimage.c H5C__reconstruct_cache_entry heap-based overflow
...
Stack exhaustion in Parse in go/build/constraint
...
In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.
...
ksmbd: fix potential use-after-free in oplock/lease break ack
...
LibTIFF tiffcmp tiffcmp.c InitCCITTFax3 memory leak
...
shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.
...
mm/khugepaged: fix ->anon_vma race
...
bna: adjust 'name' buf size of bna_tcb and bna_ccb structures
...
Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname.
...
perf: Revert to requiring CAP_SYS_ADMIN for uprobes
...
bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq
...
xdp: fix invalid wait context of page_pool_destroy()
...
Denial of Service through Data corruption in gRPC-C++
...
webpack-dev-server users' source code may be stolen when they access a malicious web site
...
virtio_net: Fix napi_skb_cache_put warning
...
HDF5 H5Faccum.c H5F__accum_free heap-based overflow
...
x86/mm/ident_map: Use gbpages only where full GB page should be mapped.
...
erofs: handle overlapped pclusters out of crafted images properly
...
Segmentation fault in fax3encode in libtiff/tif_fax3.c
...
media: pvrusb2: fix uaf in pvr2_context_set_notify
...