Skip to main content
CVE-2025-47813 MEDIUM POC KEV PATCH THREAT Act Now

loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the application when using a long value in the UID cookie.

Information Disclosure Wing Ftp Server
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.5%
CVE-2025-6211 MEDIUM POC PATCH This Month

A vulnerability in the DocugamiReader class of the run-llama/llama_index repository, up to version 0.12.28, involves the use of MD5 hashing to generate IDs for document chunks. This approach leads to hash collisions when structurally distinct chunks contain identical text, resulting in one chunk overwriting another. This can cause loss of semantically or legally important document content, breakage of parent-child chunk hierarchies, and inaccurate or hallucinated responses in AI outputs. The issue is resolved in version 0.3.1.

Information Disclosure Llamaindex Red Hat
NVD GitHub
CVSS 3.0
6.5
EPSS
0.1%
CVE-2025-7021 MEDIUM POC This Month

Fullscreen API Spoofing and UI Redressing in the handling of Fullscreen API and UI rendering in OpenAI Operator SaaS on Web allows a remote attacker to capture sensitive user input (e.g., login credentials, email addresses) via displaying a deceptive fullscreen interface with overlaid fake browser controls and a distracting element (like a cookie consent screen) to obscure fullscreen notifications, tricking the user into interacting with the malicious site.

Information Disclosure Operator
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-28245 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Alteryx Server 2023.1.1.460 allows remote attackers to inject arbitrary web script or HTML via the notification body.

XSS Alteryx Server
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-6234 MEDIUM POC PATCH This Month

The Hostel WordPress plugin before 1.1.5.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.

WordPress XSS Hostel PHP
NVD WPScan
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-7411 MEDIUM POC This Month

CVE-2025-7411 is a critical SQL injection vulnerability in code-projects LifeStyle Store 1.0 affecting the /success.php endpoint's ID parameter, allowing unauthenticated remote attackers to execute arbitrary SQL queries and potentially read/modify sensitive data. Public exploit code is available and the vulnerability is likely actively exploited in the wild, making this a high-priority remediation target despite the moderate CVSS 7.3 score which reflects limited immediate system impact rather than true severity.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-7410 MEDIUM POC This Month

CVE-2025-7410 is a critical SQL injection vulnerability in code-projects LifeStyle Store version 1.0, affecting the /cart_remove.php file's ID parameter. An unauthenticated remote attacker can exploit this vulnerability over the network to execute arbitrary SQL queries, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has been publicly disclosed with exploit code available, increasing real-world exploitation risk.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-7409 MEDIUM POC This Month

CVE-2025-7409 is a critical SQL injection vulnerability in code-projects Mobile Shop 1.0 affecting the /LoginAsAdmin.php endpoint, where the 'email' parameter is improperly sanitized, allowing unauthenticated remote attackers to inject arbitrary SQL commands. The vulnerability has been publicly disclosed with exploits available, making it actively exploitable in the wild. With a CVSS score of 7.3 and network-accessible attack vector, this poses significant risk to confidentiality, integrity, and availability of affected systems.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-53364 MEDIUM POC PATCH This Month

A remote code execution vulnerability in 5.3.0 and (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Information Disclosure Node.js
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2025-6236 MEDIUM POC PATCH This Month

The Hostel WordPress plugin before 1.1.5.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

WordPress XSS Hostel PHP
NVD WPScan
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-24798 MEDIUM POC PATCH This Month

Meshtastic is an open source mesh networking solution. From 1.2.1 until 2.6.2, a packet sent to the routing module that contains want_response==true causes a crash. This can lead to a degradation of service for nodes within range of a malicious sender, or via MQTT if downlink is enabled. This vulnerability is fixed in 2.6.2.

Denial Of Service Meshtastic Firmware
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-47811 MEDIUM POC This Month

In Wing FTP Server through 7.4.4, the administrative web interface (listening by default on port 5466) runs as root or SYSTEM by default. The web application itself offers several legitimate ways to execute arbitrary system commands (i.e., through the web console or the task scheduler), and they are automatically executed in the highest possible privilege context. Because administrative users of the web interface are not necessarily also system administrators, one might argue that this is a privilege escalation. (If a privileged application role is not available to an attacker, CVE-2025-47812 can be leveraged.) NOTE: the vendor reportedly considers this behavior "fine to keep."

Privilege Escalation Wing Ftp Server
NVD
CVSS 3.1
4.1
EPSS
0.1%
CVE-2025-38322 MEDIUM PATCH CISA This Month

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix crash in icl_update_topdown_event() The perf_fuzzer found a hard-lockup crash on a RaptorLake machine: Oops: general protection fault, maybe for address 0xffff89aeceab400: 0000 CPU: 23 UID: 0 PID: 0 Comm: swapper/23 Tainted: [W]=WARN Hardware name: Dell Inc. Precision 9660/0VJ762 RIP: 0010:native_read_pmc+0x7/0x40 Code: cc e8 8d a9 01 00 48 89 03 5b cd cc cc cc cc 0f 1f ... RSP: 000:fffb03100273de8 EFLAGS: 00010046 .... Call Trace: <TASK> icl_update_topdown_event+0x165/0x190 ? ktime_get+0x38/0xd0 intel_pmu_read_event+0xf9/0x210 __perf_event_read+0xf9/0x210 CPUs 16-23 are E-core CPUs that don't support the perf metrics feature. The icl_update_topdown_event() should not be invoked on these CPUs. It's a regression of commit: f9bdf1f95339 ("perf/x86/intel: Avoid disable PMU if !cpuc->enabled in sample read") The bug introduced by that commit is that the is_topdown_event() function is mistakenly used to replace the is_topdown_count() call to check if the topdown functions for the perf metrics feature should be invoked. Fix it.

Dell Linux Denial Of Service Intel Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-39752 MEDIUM This Month

IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could be vulnerable to malicious file upload by not validating the type of file uploaded to Explore Content. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing further attacks.

File Upload IBM Analytics Content Hub
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2024-38327 MEDIUM This Month

IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and further attacks due to an exposed JavaScript source map which could assist an attacker to read and debug JavaScript used in the application's API.

Information Disclosure IBM Analytics Content Hub
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-46789 MEDIUM This Month

Classic buffer overflow in certain Zoom Clients for Windows may allow an authorized user to conduct a denial of service via network access.

Microsoft Buffer Overflow Denial Of Service Zoom Windows
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-49464 MEDIUM PATCH This Month

Classic buffer overflow in certain Zoom Clients for Windows may allow an authorised user to conduct a denial of service via network access.

Microsoft Buffer Overflow Denial Of Service Zoom Windows
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-6395 MEDIUM PATCH This Month

A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().

Null Pointer Dereference Denial Of Service
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-49463 MEDIUM PATCH This Month

A security vulnerability in certain Zoom Clients for iOS (CVSS 6.5) that allows an unauthenticated user. Remediation should follow standard vulnerability management procedures.

Information Disclosure Apple Zoom iOS
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-2522 MEDIUM This Month

The Honeywell Experion PKS and OneWireless WDM contains Sensitive Information in Resource vulnerability in the component Control Data Access (CDA). An attacker could potentially exploit this vulnerability, leading to a Communication Channel Manipulation, which could result in buffer reuse which may cause incorrect system behavior. Honeywell also recommends updating to the most recent version of Honeywell Experion PKS:520.2 TCU9 HF1 and 530.1 TCU3 HF1 and OneWireless: 322.5 and 331.1.  The affected Experion PKS products are C300, FIM4, FIM8, UOC, CN100, HCA, C300PM, and C200E. The Experion PKS versions affected are 520.1 before 520.2 TCU9 HF1 and 530 before 530 TCU3. The OneWireless WDM affected versions are 322.1 through 322.4 and 330.1 through 330.3.

Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-35983 MEDIUM This Month

Improper Certificate Validation (CWE-295) in the Controller 7000 OneLink implementation could allow an unprivileged attacker to perform a limited denial of service or perform privileged overrides during the initial configuration of the Controller, there is no risk for Controllers once they are connected. This issue affects Controller 7000: 9.30 prior to vCR9.30.250624a (distributed in 9.30.1871 (MR1)).

Denial Of Service
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-5022 MEDIUM This Month

CVE-2025-5022 is a security vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management procedures.

Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2024-7650 MEDIUM This Month

Improper Control of Generation of Code ('Code Injection') vulnerability in OpenText™ Directory Services allows Remote Code Inclusion. The vulnerability could allow access to the system via script injection.This issue affects Directory Services: 23.4.

RCE Code Injection
NVD
CVSS 4.0
6.3
EPSS
0.0%
CVE-2025-5807 MEDIUM This Month

The Gwolle Guestbook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘gwolle_gb_content’ parameter in all versions up to, and including, 4.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2025-45662 MEDIUM This Month

A cross-site scripting (XSS) vulnerability in the component /master/login.php of mpgram-web commit 94baadb allows attackers to execute arbitrary Javascript in the context of a user's browser via a crafted payload.

PHP XSS Mpgram Web
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2024-36697 MEDIUM This Month

A cross-site scripting (XSS) vulnerability in the Admin Login page of Allworx System Software v9.1.9.12 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SessionID parameter at query.asp.

XSS
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-53626 MEDIUM PATCH This Month

pdfme is a TypeScript-based PDF generator and React-based UI. The expression evaluation feature in pdfme 5.2.0 to 5.4.0 contains critical vulnerabilities allowing sandbox escape leading to XSS and prototype pollution attacks. This vulnerability is fixed in 5.4.1.

XSS
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-52473 MEDIUM PATCH This Month

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Multiple secret-dependent branches have been identified in the reference implementation of the HQC key encapsulation mechanism when it is compiled with Clang for optimization levels above -O0 (-O1, -O2, etc). A proof-of-concept local attack exploits this secret-dependent information to recover the entire secret key. This vulnerability is fixed in 0.14.0.

Information Disclosure Debian Liboqs Red Hat Suse
NVD GitHub
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-46406 MEDIUM PATCH This Month

CVE-2025-46406 is a security vulnerability (CVSS 5.6) that allows a privileged operator with high level access. Remediation should follow standard vulnerability management procedures.

Information Disclosure
NVD
CVSS 3.1
5.6
EPSS
0.0%
CVE-2025-38290 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix node corruption in ar->arvifs list In current WLAN recovery code flow, ath12k_core_halt() only reinitializes the "arvifs" list head. This will cause the list node immediately following the list head to become an invalid list node. Because the prev of that node still points to the list head "arvifs", but the next of the list head "arvifs" no longer points to that list node. When a WLAN recovery occurs during the execution of a vif removal, and it happens before the spin_lock_bh(&ar->data_lock) in ath12k_mac_vdev_delete(), list_del() will detect the previously mentioned situation, thereby triggering a kernel panic. The fix is to remove and reinitialize all vif list nodes from the list head "arvifs" during WLAN halt. The reinitialization is to make the list nodes valid, ensuring that the list_del() in ath12k_mac_vdev_delete() can execute normally. Call trace: __list_del_entry_valid_or_report+0xd4/0x100 (P) ath12k_mac_remove_link_interface.isra.0+0xf8/0x2e4 [ath12k] ath12k_scan_vdev_clean_work+0x40/0x164 [ath12k] cfg80211_wiphy_work+0xfc/0x100 process_one_work+0x164/0x2d0 worker_thread+0x254/0x380 kthread+0xfc/0x100 ret_from_fork+0x10/0x20 The change is mostly copied from the ath11k patch: https://lore.kernel.org/all/20250320053145.3445187-1-quic_stonez@quicinc.com/ Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1

Race Condition Linux Information Disclosure Ubuntu Debian +3
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2025-38347 MEDIUM PATCH CISA This Month

CVE-2025-38347 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Linux Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38337 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() Since handle->h_transaction may be a NULL pointer, so we should change it to call is_handle_aborted(handle) first before dereferencing it. And the following data-race was reported in my fuzzer: ================================================================== BUG: KCSAN: data-race in jbd2_journal_dirty_metadata / jbd2_journal_dirty_metadata write to 0xffff888011024104 of 4 bytes by task 10881 on cpu 1: jbd2_journal_dirty_metadata+0x2a5/0x770 fs/jbd2/transaction.c:1556 __ext4_handle_dirty_metadata+0xe7/0x4b0 fs/ext4/ext4_jbd2.c:358 ext4_do_update_inode fs/ext4/inode.c:5220 [inline] ext4_mark_iloc_dirty+0x32c/0xd50 fs/ext4/inode.c:5869 __ext4_mark_inode_dirty+0xe1/0x450 fs/ext4/inode.c:6074 ext4_dirty_inode+0x98/0xc0 fs/ext4/inode.c:6103 .... read to 0xffff888011024104 of 4 bytes by task 10880 on cpu 0: jbd2_journal_dirty_metadata+0xf2/0x770 fs/jbd2/transaction.c:1512 __ext4_handle_dirty_metadata+0xe7/0x4b0 fs/ext4/ext4_jbd2.c:358 ext4_do_update_inode fs/ext4/inode.c:5220 [inline] ext4_mark_iloc_dirty+0x32c/0xd50 fs/ext4/inode.c:5869 __ext4_mark_inode_dirty+0xe1/0x450 fs/ext4/inode.c:6074 ext4_dirty_inode+0x98/0xc0 fs/ext4/inode.c:6103 .... value changed: 0x00000000 -> 0x00000001 ================================================================== This issue is caused by missing data-race annotation for jh->b_modified. Therefore, the missing annotation needs to be added.

Linux Null Pointer Dereference Denial Of Service Ubuntu Debian +4
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38273 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: net: tipc: fix refcount warning in tipc_aead_encrypt syzbot reported a refcount warning [1] caused by calling get_net() on a network namespace that is being destroyed (refcount=0). This happens when a TIPC discovery timer fires during network namespace cleanup. The recently added get_net() call in commit e279024617134 ("net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done") attempts to hold a reference to the network namespace. However, if the namespace is already being destroyed, its refcount might be zero, leading to the use-after-free warning. Replace get_net() with maybe_get_net(), which safely checks if the refcount is non-zero before incrementing it. If the namespace is being destroyed, return -ENODEV early, after releasing the bearer reference. [1]: https://lore.kernel.org/all/68342b55.a70a0220.253bc2.0091.GAE@google.com/T/#m12019cf9ae77e1954f666914640efa36d52704a2

Google Linux Information Disclosure Ubuntu Debian +4
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38293 MEDIUM PATCH This Month

CVE-2025-38293 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Linux Information Disclosure Debian Linux Kernel Debian Linux +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-7387 MEDIUM This Month

The Lana Downloads Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the endpoint parameters in versions up to, and including, 1.10.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with administrator-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

WordPress XSS PHP
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38285 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix WARN() in get_bpf_raw_tp_regs syzkaller reported an issue: WARNING: CPU: 3 PID: 5971 at kernel/trace/bpf_trace.c:1861 get_bpf_raw_tp_regs+0xa4/0x100 kernel/trace/bpf_trace.c:1861 Modules linked in: CPU: 3 UID: 0 PID: 5971 Comm: syz-executor205 Not tainted 6.15.0-rc5-syzkaller-00038-g707df3375124 #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 RIP: 0010:get_bpf_raw_tp_regs+0xa4/0x100 kernel/trace/bpf_trace.c:1861 RSP: 0018:ffffc90003636fa8 EFLAGS: 00010293 RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff81c6bc4c RDX: ffff888032efc880 RSI: ffffffff81c6bc83 RDI: 0000000000000005 RBP: ffff88806a730860 R08: 0000000000000005 R09: 0000000000000003 R10: 0000000000000004 R11: 0000000000000000 R12: 0000000000000004 R13: 0000000000000001 R14: ffffc90003637008 R15: 0000000000000900 FS: 0000000000000000(0000) GS:ffff8880d6cdf000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f7baee09130 CR3: 0000000029f5a000 CR4: 0000000000352ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> ____bpf_get_stack_raw_tp kernel/trace/bpf_trace.c:1934 [inline] bpf_get_stack_raw_tp+0x24/0x160 kernel/trace/bpf_trace.c:1931 bpf_prog_ec3b2eefa702d8d3+0x43/0x47 bpf_dispatcher_nop_func include/linux/bpf.h:1316 [inline] __bpf_prog_run include/linux/filter.h:718 [inline] bpf_prog_run include/linux/filter.h:725 [inline] __bpf_trace_run kernel/trace/bpf_trace.c:2363 [inline] bpf_trace_run3+0x23f/0x5a0 kernel/trace/bpf_trace.c:2405 __bpf_trace_mmap_lock_acquire_returned+0xfc/0x140 include/trace/events/mmap_lock.h:47 __traceiter_mmap_lock_acquire_returned+0x79/0xc0 include/trace/events/mmap_lock.h:47 __do_trace_mmap_lock_acquire_returned include/trace/events/mmap_lock.h:47 [inline] trace_mmap_lock_acquire_returned include/trace/events/mmap_lock.h:47 [inline] __mmap_lock_do_trace_acquire_returned+0x138/0x1f0 mm/mmap_lock.c:35 __mmap_lock_trace_acquire_returned include/linux/mmap_lock.h:36 [inline] mmap_read_trylock include/linux/mmap_lock.h:204 [inline] stack_map_get_build_id_offset+0x535/0x6f0 kernel/bpf/stackmap.c:157 __bpf_get_stack+0x307/0xa10 kernel/bpf/stackmap.c:483 ____bpf_get_stack kernel/bpf/stackmap.c:499 [inline] bpf_get_stack+0x32/0x40 kernel/bpf/stackmap.c:496 ____bpf_get_stack_raw_tp kernel/trace/bpf_trace.c:1941 [inline] bpf_get_stack_raw_tp+0x124/0x160 kernel/trace/bpf_trace.c:1931 bpf_prog_ec3b2eefa702d8d3+0x43/0x47 Tracepoint like trace_mmap_lock_acquire_returned may cause nested call as the corner case show above, which will be resolved with more general method in the future. As a result, WARN_ON_ONCE will be triggered. As Alexei suggested, remove the WARN_ON_ONCE first.

Linux Debian Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38336 MEDIUM PATCH This Month

A remote code execution vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Linux Information Disclosure Ubuntu Debian Linux Kernel +3
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38312 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() In fb_find_mode_cvt(), iff mode->refresh somehow happens to be 0x80000000, cvt.f_refresh will become 0 when multiplying it by 2 due to overflow. It's then passed to fb_cvt_hperiod(), where it's used as a divider -- division by 0 will result in kernel oops. Add a sanity check for cvt.f_refresh to avoid such overflow... Found by Linux Verification Center (linuxtesting.org) with the Svace static analysis tool.

Linux Buffer Overflow
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38305 MEDIUM PATCH This Month

CVE-2025-38305 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Linux Information Disclosure Ubuntu Debian Linux Kernel +3
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38335 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT When enabling PREEMPT_RT, the gpio_keys_irq_timer() callback runs in hard irq context, but the input_event() takes a spin_lock, which isn't allowed there as it is converted to a rt_spin_lock(). [ 4054.289999] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 [ 4054.290028] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 0, name: swapper/0 ... [ 4054.290195] __might_resched+0x13c/0x1f4 [ 4054.290209] rt_spin_lock+0x54/0x11c [ 4054.290219] input_event+0x48/0x80 [ 4054.290230] gpio_keys_irq_timer+0x4c/0x78 [ 4054.290243] __hrtimer_run_queues+0x1a4/0x438 [ 4054.290257] hrtimer_interrupt+0xe4/0x240 [ 4054.290269] arch_timer_handler_phys+0x2c/0x44 [ 4054.290283] handle_percpu_devid_irq+0x8c/0x14c [ 4054.290297] handle_irq_desc+0x40/0x58 [ 4054.290307] generic_handle_domain_irq+0x1c/0x28 [ 4054.290316] gic_handle_irq+0x44/0xcc Considering the gpio_keys_irq_isr() can run in any context, e.g. it can be threaded, it seems there's no point in requesting the timer isr to run in hard irq context. Relax the hrtimer not to use the hard context.

Linux Information Disclosure Ubuntu Debian Debian Linux +3
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38278 MEDIUM PATCH This Month

CVE-2025-38278 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Linux Information Disclosure Ubuntu Debian Linux Kernel +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38339 MEDIUM PATCH This Month

CVE-2025-38339 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

RCE Linux Ubuntu Debian Linux Kernel +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38327 MEDIUM PATCH This Month

CVE-2025-38327 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Linux Debian Authentication Bypass Ubuntu Linux Kernel +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38316 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: avoid NULL pointer dereference in mt7996_set_monitor() The function mt7996_set_monitor() dereferences phy before the NULL sanity check. Fix this to avoid NULL pointer dereference by moving the dereference after the check.

Linux Null Pointer Dereference Denial Of Service Ubuntu Debian +3
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38314 MEDIUM PATCH This Month

CVE-2025-38314 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Linux Information Disclosure Ubuntu Debian Linux Kernel +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38309 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xe_svm_init() earlier In xe_vm_close_and_put() we need to be able to call xe_svm_fini(), however during vm creation we can call this on the error path, before having actually initialised the svm state, leading to various splats followed by a fatal NPD. (cherry picked from commit 4f296d77cf49fcb5f90b4674123ad7f3a0676165)

Linux Information Disclosure Ubuntu Debian Linux Kernel +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38308 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix possible null-ptr-deref when initing hw Search result of avs_dai_find_path_template() shall be verified before being used. As 'template' is already known when avs_hw_constraints_init() is fired, drop the search entirely.

Linux Null Pointer Dereference Denial Of Service Ubuntu Debian +3
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38296 MEDIUM PATCH This Month

CVE-2025-38296 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Linux Information Disclosure Ubuntu Debian Linux Kernel +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38294 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix NULL access in assign channel context handler Currently, when ath12k_mac_assign_vif_to_vdev() fails, the radio handle (ar) gets accessed from the link VIF handle (arvif) for debug logging, This is incorrect. In the fail scenario, radio handle is NULL. Fix the NULL access, avoid radio handle access by moving to the hardware debug logging helper function (ath12k_hw_warn). Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1 Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0.c5-00481-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3

Linux Null Pointer Dereference Denial Of Service Ubuntu Debian +3
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-38287 MEDIUM PATCH This Month

CVE-2025-38287 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Linux Information Disclosure Ubuntu Debian Linux Kernel +2
NVD
CVSS 3.1
5.5
EPSS
0.0%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy