68528 matches found
CVE-2025-53008
GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 9.3.1 through 10.0.19, a connected user can use a malicious payload to steal mail receiver...
CVE-2025-52567
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 0.84 through 10.0.18, usage of RSS feeds or external calendars when planning is subject to SSRF exploit. The previous security patches provided...
CVE-2025-52897
GLPI is a Free Asset and IT Management Software package. In versions 9.1.0 through 10.0.18, an unauthenticated user can send a malicious link to attempt a phishing attack from the planning feature. This is fixed in version 10.0.19...
CVE-2025-54410
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create...
CVE-2025-54572
The Ruby SAML library is for implementing the client side of a SAML authorization. In versions 1.18.0 and below, a denial-of-service vulnerability exists in ruby-saml even with the messagemaxbytesize setting configured. The vulnerability occurs because the SAML response is validated for Base64...
CVE-2025-54388
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including...
CVE-2025-38498
In the Linux kernel, the following vulnerability has been resolved: dochangetype: refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts located in the caller's mount namespace. This change aligns permission checking with the rest of mount2...
CVE-2025-8292
Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2025-43216
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash...
CVE-2025-43214
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash...
CVE-2025-31278
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption...
CVE-2025-31273
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption...
CVE-2025-31277
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption...
CVE-2025-43211
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing web content may lead to a denial-of-service...
CVE-2025-43213
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash...
CVE-2025-43228
The issue was addressed with improved UI. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6. Visiting a malicious website may lead to address bar spoofing...
CVE-2025-43265
An out-of-bounds read was addressed with improved input validation. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may disclose internal states of the app...
CVE-2025-43212
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash...
CVE-2025-43227
This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may disclose sensitive user information...
CVE-2025-43240
A logic issue was addressed with improved checks. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. A download's origin may be incorrectly associated...
CVE-2025-4674
The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS e.g. Git, but contains metadata for another VCS e.g. Mercurial...
CVE-2025-27514
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 9.5.0 through 10.0.18, a technician can use a malicious payload to trigger a stored XSS on the project's kanban. This is fixed in version 10.0.1...
CVE-2025-7458
An integer overflow in the sqlite3KeyInfoFromExprList function in SQLite versions 3.39.2 through 3.41.1 allows an attacker with the ability to execute arbitrary SQL statements to cause a denial of service or disclose sensitive information from process memory via a crafted SELECT statement with a...
CVE-2025-8264
Versions of the package z-push/z-push-dev before 2.7.6 are vulnerable to SQL Injection due to unparameterized queries in the IMAP backend. An attacker can inject malicious commands by manipulating the username field in basic authentication. This allows the attacker to access and potentially modif...
CVE-2025-8194
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives...
CVE-2025-8283
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...
CVE-2025-43023
A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm DSA...
CVE-2025-4056
A flaw was found in GLib. A denial of service on Windows platforms may occur if an application attempts to spawn a program using long command lines...
CVE-2025-38481
In the Linux kernel, the following vulnerability has been resolved: comedi: Fail COMEDIINSNLIST ioctl if ninsns is too large The handling of the COMEDIINSNLIST ioctl allocates a kernel buffer to hold the array of struct comediinsn, getting the length from the ninsns member of the struct...
CVE-2025-38474
In the Linux kernel, the following vulnerability has been resolved: usb: net: sierra: check for no status endpoint The driver checks for having three endpoints and having bulk in and out endpoints, but not that the third endpoint is interrupt input. Rectify the omission...
CVE-2025-38472
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrack: fix crash due to removal of uninitialised entry A crash in conntrack was reported while trying to unlink the conntrack entry from the hash bucket list: exception RIP: nfctdeletefromlists+172 .. 7...
CVE-2025-38470
In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the "rx-vlan-filter" feature is enabled on a net device, the 8021q module will automatically add or remove VLAN 0 when the net device is put...
CVE-2025-38478
In the Linux kernel, the following vulnerability has been resolved: comedi: Fix initialization of data for instructions that write to subdevice Some Comedi subdevice instruction handlers are known to access instruction data elements beyond the first insn-n elements in some cases. The doinsnioctl...
CVE-2025-38495
In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated buffer not account f...
CVE-2025-38492
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix race between cache write completion and ALLQUEUED being set When netfslib is issuing subrequests, the subrequests start processing immediately and may complete before we reach the end of the issuing function. At the en...
CVE-2025-38487
In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate e.g. the following: echo 1e789080.lpc-snoop /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... 120.363594 Unable to handle kernel NULL pointer...
CVE-2025-38490
In the Linux kernel, the following vulnerability has been resolved: net: libwx: remove duplicate pagepoolputfullpage pagepoolputfullpage should only be invoked when freeing Rx buffers or building a skb if the size is too short. At other times, the pages need to be reused. So remove the redundant...
CVE-2025-38489
In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpfarchtextpoke with newaddr == NULL again Commit 7ded842b356d "s390/bpf: Fix bpfplt pointer arithmetic" has accidentally removed the critical piece of commit c730fce7c70c "s390/bpf: Fix bpfarchtextpoke with newaddr...
CVE-2025-38496
In the Linux kernel, the following vulnerability has been resolved: dm-bufio: fix sched in atomic context If "tryverifyintasklet" is set for dm-verity, DMBUFIOCLIENTNOSLEEP is enabled for dm-bufio. However, when bufio tries to evict buffers, there is a chance to trigger scheduling in spinlockbh,...
CVE-2025-38476
In the Linux kernel, the following vulnerability has been resolved: rpl: Fix use-after-free in rpldosrhinline. Running lwtdstcacherefloop.sh in selftest with KASAN triggers the splat below 0. rpldosrhinline fetches ipv6hdrskb and accesses it after skbcowhead, which is illegal as the header could ...
CVE-2025-38491
In the Linux kernel, the following vulnerability has been resolved: mptcp: make fallback action and fallback decision atomic Syzkaller reported the following splat: WARNING: CPU: 1 PID: 7704 at net/mptcp/protocol.h:1223 mptcpdofallback net/mptcp/protocol.h:1223 inline WARNING: CPU: 1 PID: 7704 at...
CVE-2025-38477
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...
CVE-2025-38468
In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htblookupleaf encounters an empty rbtree htblookupleaf has a BUGON that can trigger with the following: tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb default 1 tc class add dev lo...
CVE-2025-38485
In the Linux kernel, the following vulnerability has been resolved: iio: accel: fxls8962af: Fix use after free in fxls8962affifoflush fxls8962affifoflush uses indiodev-activescanmask with iioforeachactivechannel without making sure the indiodev stays in buffer mode. There is a race if indiodev...
CVE-2025-38475
In the Linux kernel, the following vulnerability has been resolved: smc: Fix various oops due to inetsock type confusion. syzbot reported weird splats 01 in cipsov4socksetattr while freeing inetsksk-inetopt. The address was freed multiple times even though it was read-only memory...
CVE-2025-38469
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls kvmxenschedoppoll does a kmallocarray when a VM polls the host for more than one event channel potr nrports 1. After the kmallocarray, the error paths ne...
CVE-2025-38486
In the Linux kernel, the following vulnerability has been resolved: soundwire: Revert "soundwire: qcom: Add setchannelmap api support" This reverts commit 7796c97df6b1b2206681a07f3c80f6023a6593d5. This patch broke Dragonboard 845c sdm845. I see: Unexpected kernel BRK exception at EL1 Internal...
CVE-2025-38473
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix null-ptr-deref in l2capsockresumecb syzbot reported null-ptr-deref in l2capsockresumecb. 0 l2capsockresumecb has a similar problem that was fixed by commit 1bff51ea59a9 "Bluetooth: fix use-after-free error in...
CVE-2025-38493
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix crash in timerlatdumpstack We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 byte write of buffer size 0 WARNING: CPU:...
CVE-2025-38480
In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized data in insnrwemulatebits For Comedi INSNREAD and INSNWRITE instructions on "digital" subdevices subdevice types COMEDISUBDDI, COMEDISUBDDO, and COMEDISUBDDIO, it is common for the subdevice drive...