Information Disclosure
Monthly
A vulnerability was detected in macrozheng mall-swarm and mall up to 1.0.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A security vulnerability has been detected in macrozheng mall-swarm and mall up to 1.0.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A weakness has been identified in macrozheng mall-swarm and mall up to 1.0.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A security flaw has been discovered in macrozheng mall-swarm and mall up to 1.0.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPSwings WooCommerce Ultimate Points And Rewards woocommerce-ultimate-points-and-rewards allows Retrieve. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The AI Engine plugin for WordPress is vulnerable to PHP Object Injection via PHAR Deserialization in all versions up to, and including, 3.1.8 via deserialization of untrusted input in the. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
The Comment Edit Core - Simple Comment Editing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.0 via the 'ajax_get_comment' function. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The SureForms plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.1 via the '_srfm_email_notification' post meta registration. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Frappe Learning is a learning system that helps users structure their content. Rated low severity (CVSS 1.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.
DuckDB is a SQL database management system. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Wasmtime is a runtime for WebAssembly. Rated low severity (CVSS 1.8). No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom-iris aa00000.video-codec:. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time.
In the Linux kernel, the following vulnerability has been resolved: listmount: don't call path_put() under namespace semaphore Massage listmount() and make sure we don't call path_put() under the. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths The usage of task_lock(tsk->group_leader).
In the Linux kernel, the following vulnerability has been resolved: Squashfs: reject negative file sizes in squashfs_read_inode() Syskaller reports a "WARNING in ovl_copy_up_file" in overlayfs.
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Unlike other strings in the ext4 superblock, we rely on.
In the Linux kernel, the following vulnerability has been resolved: media: mc: Clear minor number before put device The device minor should not be cleared after the device is released. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: fs: quota: create dedicated workqueue for quota_release_work There is a kernel panic due to WARN_ONCE when panic_on_warn is set.
In the Linux kernel, the following vulnerability has been resolved: mount: handle NULL values in mnt_ns_release() When calling in listmount() mnt_ns_release() may be passed a NULL pointer. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4_xattr_inode_update_ref() reads an. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error(-ETIMEDOUT) in lan78xx_read_raw_eeprom Syzbot reported read of uninitialized. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: pwm: berlin: Fix wrong register in suspend/resume The 'enable' register should be BERLIN_PWM_EN rather than BERLIN_PWM_ENABLE,.
In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() If new_asoc->peer.adaptation_ind=0 and.
In the Linux kernel, the following vulnerability has been resolved: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIG_NVHE_EL2_DEBUG. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} Cilium has a BPF egress gateway feature which forces outgoing K8s Pod.
In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When running as an SNP or TDX guest under KVM, force the. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: ext4: verify orphan file size is not too big In principle orphan file can be arbitrarily large.
IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Evervault is a payment security solution. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
sudo-rs is a memory safe implementation of sudo and su written in Rust. Rated low severity (CVSS 3.8). No vendor patch available.
IBM OpenPages 9.0 and 9.1 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used by the user interface of OpenPages. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was reported in the Lenovo Scanner pro application during an internal security assessment that, under certain circumstances, could allow an attacker on the same logical network to. Rated medium severity (CVSS 6.0), this vulnerability is no authentication required. No vendor patch available.
CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format. Rated low severity (CVSS 3.7). Public exploit code available.
Mintty is a terminal emulator for Cygwin, MSYS, and WSL. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Omnissa Workspace ONE UEM contains an observable response discrepancy vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform versions below 9.3.2411.116, 9.3.2408.124, 10.0.2503.5 and 10.1.2507.1, a low-privileged user that does. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A maliciously crafted DWG file, when parsed through Autodesk 3ds Max, can force a Use-After-Free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
N-central < 2025.4 can generate sessionIDs for unauthenticated users4. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 83.2% and no vendor patch available.
Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain hardcoded encryption keys in the encryption_helper.dart file. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
N-able N-central remote monitoring and management platform versions before 2025.4 contain multiple XML External Entity injection vulnerabilities. Attackers can exploit these to read sensitive files from the RMM server, including configuration files containing credentials for all managed endpoints.
CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker on the local network to gain access to the user account by performing an arbitrary number of authentication attempts with different c
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix bootlog initialization ordering As soon as we queue MHI buffers to receive the bootlog from the device, we could be. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: tls: wait for pending async decryptions if tls_strp_msg_hold fails Async decryption calls tls_strp_msg_hold to create a clone of.
In the Linux kernel, the following vulnerability has been resolved: idpf: cleanup remaining SKBs in PTP flows When the driver requests Tx timestamp value, one of the first steps is to clone SKB using. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix SMP ordering in switch_mm_irqs_off() Stephen noted that it is possible to not have an smp_mb() between the loaded_mm. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: net/ip6_tunnel: Prevent perpetual tunnel growth Similarly to ipv4 tunnel, ipv6 version updates dev->needed_headroom, too.
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() Currently, if find_and_map_user_pages() takes a DMA xfer.
In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: move lsop put work to nvmet_fc_ls_req_op It’s possible for more than one async command to be in flight from.
In the Linux kernel, the following vulnerability has been resolved: net: use dst_dev_rcu() in sk_setup_caps() Use RCU to protect accesses to dst->dev from sk_setup_caps() and sk_dst_gso_max_size(). No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject negative offsets for ALU ops When verifying BPF programs, the check_alu_op() function validates instructions with ALU.
In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match(). No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINE_DATA + EXTENTS flag combination syzbot reported a BUG_ON in ext4_es_cache_extent() when opening a.
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Check GuC running state before deregistering exec queue In normal operation, a registered exec queue is disabled and.
In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: m2m: Fix streaming cleanup on release If streamon/streamoff calls are imbalanced, such as when exiting an.
In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix using smp_processor_id() in preemptible code warnings Syzbot reported the following warning: BUG: using. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Stop dl_server before CPU goes offline IBM CI tool reported kernel warning[1] when running a CPU removal operation. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: xen/events: Return -EEXIST for bound VIRQs Change find_virq() to return -EEXIST when a VIRQ is bound to a different CPU than the.
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_output() Use RCU in ip6_output() in order to use dst_dev_rcu() to prevent possible UAF. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() The drv->sram_reg pointer could be set to.
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: debugfs: Fix legacy mode page table dump logic In legacy mode, SSPTPTR is ignored if TT is not 00b or 01b.
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcr_rt5640.
In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoid soft lockup when mprotect to large memory area When calling mprotect() to a large hugetlb memory area in our.
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix bootup splat with separate_gpu_drm modparam The drm_gem_for_each_gpuvm_bo() call from lookup_vma() accesses. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: No support of struct argument in trampoline programs The current implementation does not support struct argument. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix potential deadlock while nr_requests grown Allocate and free sched_tags while queue is freezed can deadlock[1], this is. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devm_add_action_or_reset() failure When devm_add_action_or_reset() fails, it calls the passed. No vendor patch available.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpf_scc_visit on speculative path Syzbot generated a program that triggers a. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT snd_pcm_group_lock_irq() acquires a spinlock_t and. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix possible UAF on iso_conn_free This attempt to fix similar issue to sco_conn_free where if the conn->sk is not.
In the Linux kernel, the following vulnerability has been resolved: net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast syzbot reported WARNING in rtl8150_start_xmit/usb_submit_urb.
In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fs_truncate() syzbot reports a bug as below: loop0: detected capacity change.
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - request reserved interrupt for virtual function The device interrupt vector 3 is an error interrupt for. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable(). No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback In create_sdw_dailink() check that sof_end->codec_info->add_sidecar. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling The cpu_latency_qos_add/remove/update_request interfaces lack. No vendor patch available.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: hwrng: ks-sa - fix division by zero in ks_sa_rng_init Fix division by zero in ks_sa_rng_init caused by missing clock pointer.
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC The referenced commit introduced exception handlers.
In the Linux kernel, the following vulnerability has been resolved: blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx In __blk_mq_update_nr_hw_queues() the return value.
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III Anthony Yznaga tracked down that a BUG_ON in ext4.
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix IA32_PMC_x_CFG_B MSRs access error When running perf_fuzzer on PTL, sometimes the below "unchecked MSR access. No vendor patch available.
A vulnerability was detected in macrozheng mall-swarm and mall up to 1.0.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A security vulnerability has been detected in macrozheng mall-swarm and mall up to 1.0.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A weakness has been identified in macrozheng mall-swarm and mall up to 1.0.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A security flaw has been discovered in macrozheng mall-swarm and mall up to 1.0.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPSwings WooCommerce Ultimate Points And Rewards woocommerce-ultimate-points-and-rewards allows Retrieve. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The AI Engine plugin for WordPress is vulnerable to PHP Object Injection via PHAR Deserialization in all versions up to, and including, 3.1.8 via deserialization of untrusted input in the. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
The Comment Edit Core - Simple Comment Editing plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.0 via the 'ajax_get_comment' function. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The SureForms plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.1 via the '_srfm_email_notification' post meta registration. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Frappe Learning is a learning system that helps users structure their content. Rated low severity (CVSS 1.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.
DuckDB is a SQL database management system. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Wasmtime is a runtime for WebAssembly. Rated low severity (CVSS 1.8). No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom-iris aa00000.video-codec:. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix MAC comparison to be constant-time To prevent timing attacks, MACs need to be compared in constant time.
In the Linux kernel, the following vulnerability has been resolved: listmount: don't call path_put() under namespace semaphore Massage listmount() and make sure we don't call path_put() under the. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths The usage of task_lock(tsk->group_leader).
In the Linux kernel, the following vulnerability has been resolved: Squashfs: reject negative file sizes in squashfs_read_inode() Syskaller reports a "WARNING in ovl_copy_up_file" in overlayfs.
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Unlike other strings in the ext4 superblock, we rely on.
In the Linux kernel, the following vulnerability has been resolved: media: mc: Clear minor number before put device The device minor should not be cleared after the device is released. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: fs: quota: create dedicated workqueue for quota_release_work There is a kernel panic due to WARN_ONCE when panic_on_warn is set.
In the Linux kernel, the following vulnerability has been resolved: mount: handle NULL values in mnt_ns_release() When calling in listmount() mnt_ns_release() may be passed a NULL pointer. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: ext4: guard against EA inode refcount underflow in xattr update syzkaller found a path where ext4_xattr_inode_update_ref() reads an. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix lost EEPROM read timeout error(-ETIMEDOUT) in lan78xx_read_raw_eeprom Syzbot reported read of uninitialized. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: pwm: berlin: Fix wrong register in suspend/resume The 'enable' register should be BERLIN_PWM_EN rather than BERLIN_PWM_ENABLE,.
In the Linux kernel, the following vulnerability has been resolved: net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() If new_asoc->peer.adaptation_ind=0 and.
In the Linux kernel, the following vulnerability has been resolved: tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIG_NVHE_EL2_DEBUG. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} Cilium has a BPF egress gateway feature which forces outgoing K8s Pod.
In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP When running as an SNP or TDX guest under KVM, force the. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: ext4: verify orphan file size is not too big In principle orphan file can be arbitrarily large.
IBM QRadar SIEM 7.5 through 7.5.0 UP14 stores user credentials in configuration files in source control which can be read by an authenticated user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Evervault is a payment security solution. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
sudo-rs is a memory safe implementation of sudo and su written in Rust. Rated low severity (CVSS 3.8). No vendor patch available.
IBM OpenPages 9.0 and 9.1 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used by the user interface of OpenPages. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability was reported in the Lenovo Scanner pro application during an internal security assessment that, under certain circumstances, could allow an attacker on the same logical network to. Rated medium severity (CVSS 6.0), this vulnerability is no authentication required. No vendor patch available.
CUPS is a standards-based, open-source printing system, and `libcupsfilters` contains the code of the filters of the former `cups-filters` package as library functions to be used for the data format. Rated low severity (CVSS 3.7). Public exploit code available.
Mintty is a terminal emulator for Cygwin, MSYS, and WSL. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Omnissa Workspace ONE UEM contains an observable response discrepancy vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform versions below 9.3.2411.116, 9.3.2408.124, 10.0.2503.5 and 10.1.2507.1, a low-privileged user that does. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A maliciously crafted DWG file, when parsed through Autodesk 3ds Max, can force a Use-After-Free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
N-central < 2025.4 can generate sessionIDs for unauthenticated users4. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 83.2% and no vendor patch available.
Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain hardcoded encryption keys in the encryption_helper.dart file. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. No vendor patch available.
N-able N-central remote monitoring and management platform versions before 2025.4 contain multiple XML External Entity injection vulnerabilities. Attackers can exploit these to read sensitive files from the RMM server, including configuration files containing credentials for all managed endpoints.
CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that would allow an attacker on the local network to gain access to the user account by performing an arbitrary number of authentication attempts with different c
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix bootlog initialization ordering As soon as we queue MHI buffers to receive the bootlog from the device, we could be. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: tls: wait for pending async decryptions if tls_strp_msg_hold fails Async decryption calls tls_strp_msg_hold to create a clone of.
In the Linux kernel, the following vulnerability has been resolved: idpf: cleanup remaining SKBs in PTP flows When the driver requests Tx timestamp value, one of the first steps is to clone SKB using. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix SMP ordering in switch_mm_irqs_off() Stephen noted that it is possible to not have an smp_mb() between the loaded_mm. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: net/ip6_tunnel: Prevent perpetual tunnel growth Similarly to ipv4 tunnel, ipv6 version updates dev->needed_headroom, too.
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() Currently, if find_and_map_user_pages() takes a DMA xfer.
In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: move lsop put work to nvmet_fc_ls_req_op It’s possible for more than one async command to be in flight from.
In the Linux kernel, the following vulnerability has been resolved: net: use dst_dev_rcu() in sk_setup_caps() Use RCU to protect accesses to dst->dev from sk_setup_caps() and sk_dst_gso_max_size(). No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: bpf: Reject negative offsets for ALU ops When verifying BPF programs, the check_alu_op() function validates instructions with ALU.
In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match(). No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: ext4: detect invalid INLINE_DATA + EXTENTS flag combination syzbot reported a BUG_ON in ext4_es_cache_extent() when opening a.
In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Check GuC running state before deregistering exec queue In normal operation, a registered exec queue is disabled and.
In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: m2m: Fix streaming cleanup on release If streamon/streamoff calls are imbalanced, such as when exiting an.
In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix using smp_processor_id() in preemptible code warnings Syzbot reported the following warning: BUG: using. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Stop dl_server before CPU goes offline IBM CI tool reported kernel warning[1] when running a CPU removal operation. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: xen/events: Return -EEXIST for bound VIRQs Change find_virq() to return -EEXIST when a VIRQ is bound to a different CPU than the.
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_output() Use RCU in ip6_output() in order to use dst_dev_rcu() to prevent possible UAF. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() The drv->sram_reg pointer could be set to.
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: debugfs: Fix legacy mode page table dump logic In legacy mode, SSPTPTR is ignored if TT is not 00b or 01b.
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping When an invalid value is passed via quirk option, currently bytcr_rt5640.
In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoid soft lockup when mprotect to large memory area When calling mprotect() to a large hugetlb memory area in our.
In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix bootup splat with separate_gpu_drm modparam The drm_gem_for_each_gpuvm_bo() call from lookup_vma() accesses. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: No support of struct argument in trampoline programs The current implementation does not support struct argument. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix potential deadlock while nr_requests grown Allocate and free sched_tags while queue is freezed can deadlock[1], this is. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devm_add_action_or_reset() failure When devm_add_action_or_reset() fails, it calls the passed. No vendor patch available.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: bpf: dont report verifier bug for missing bpf_scc_visit on speculative path Syzbot generated a program that triggers a. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT snd_pcm_group_lock_irq() acquires a spinlock_t and. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix possible UAF on iso_conn_free This attempt to fix similar issue to sco_conn_free where if the conn->sk is not.
In the Linux kernel, the following vulnerability has been resolved: net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast syzbot reported WARNING in rtl8150_start_xmit/usb_submit_urb.
In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fs_truncate() syzbot reports a bug as below: loop0: detected capacity change.
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - request reserved interrupt for virtual function The device interrupt vector 3 is an error interrupt for. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable(). No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback In create_sdw_dailink() check that sof_end->codec_info->add_sidecar. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling The cpu_latency_qos_add/remove/update_request interfaces lack. No vendor patch available.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: hwrng: ks-sa - fix division by zero in ks_sa_rng_init Fix division by zero in ks_sa_rng_init caused by missing clock pointer.
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC The referenced commit introduced exception handlers.
In the Linux kernel, the following vulnerability has been resolved: blk-mq: check kobject state_in_sysfs before deleting in blk_mq_unregister_hctx In __blk_mq_update_nr_hw_queues() the return value.
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for UltraSPARC III Anthony Yznaga tracked down that a BUG_ON in ext4.
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix IA32_PMC_x_CFG_B MSRs access error When running perf_fuzzer on PTL, sometimes the below "unchecked MSR access. No vendor patch available.