21727 matches found
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)
...
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.
...
Redis Lua Use-After-Free may lead to remote code execution
...
octeontx2-pf: handle otx2_mbox_get_rsp errors in otx2_dmac_flt.c
...
net/smc: initialize close_work early to avoid warning
...
KVM: arm64: Disassociate vcpus from redistributor region on teardown
...
tty: add the option to have a tty reject a new ldisc
...
SUNRPC: lock against ->sock changing during sysfs read
...
Use-after-free vulnerability in Qt SVG qsvghandler.cpp allows denial of service via crafted SVG
...
Qemu-kvm: vnc websocket handshake use-after-free
...
Uncontrolled recursion in Qt SVG module
...
mm: /proc/pid/smaps_rollup: fix no vma's null-deref
...
net/mlx5e: Harden uplink netdev access against device unbind
...
crypto: af_alg - Set merge to zero early in af_alg_sendmsg
...
cgroup: split cgroup_destroy_wq into 3 workqueues
...
cnic: Fix use-after-free bugs in cnic_delete_task
...
qed: Don't collect too many protection override GRC elements
...
net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer
...
tls: make sure to abort the stream if headers are bogus
...
ksmbd: smbdirect: verify remaining_data_length respects max_fragmented_recv_size
...
ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed
...
smb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path
...
drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ
...
pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together.
...
octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp()
...
dm-stripe: fix a possible integer overflow
...
smb: client: let recv_done verify data_offset, data_length and remaining_data_length
...
wifi: wilc1000: avoid buffer overflow in WID string configuration
...
smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work)
...
um: virtio_uml: Fix use-after-free after put_device in probe
...
ksmbd: smbdirect: validate data_offset and data_length field of smb_direct_data_transfer
...
io_uring/io-wq: Use set_bit() and test_bit() at worker->flags
...
Bluetooth: HCI: Remove HCI_AMP support
...
pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long().
...
An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation.
...
f2fs: assign CURSEG_ALL_DATA_ATGC if blkaddr is valid
...
MITRE: CVE-2025-59489 Unity Gaming Engine Editor vulnerability
Unity announced a security vulnerability CVE-2025-59489 that is affecting games or applications built with the Unity Gaming Engine Editor version 2017.1 or later. You may be using a Microsoft app or playing a Microsoft game that should be uninstalled until an update is available. We are working t...
Denial of Service in CivetWeb
...
Chromium: CVE-2025-11219 Use after free in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-11216 Inappropriate implementation in Storage
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-11215 Off by one error in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-11213 Inappropriate implementation in Omnibox
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-11212 Inappropriate implementation in Media
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-11211 Out of bounds read in Media
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-11210 Side-channel information leakage in Tab
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-11209 Inappropriate implementation in Omnibox
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-11207 Side-channel information leakage in Storage
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-11208 Inappropriate implementation in Media
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-11206 Heap buffer overflow in Video
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2025-11205 Heap buffer overflow in WebGPU
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...