Latest CVE Feed
-
0.0
NACVE-2025-69026
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roxnor PopupKit popup-builder-block allows Retrieve Embedded Sensitive Data.This issue affects PopupKit: from n/a through <= 2.1.5.... Read more
Affected Products :- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Information Disclosure
-
0.0
NACVE-2025-69032
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes FiveStar fivestar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FiveStar: from n/a through <= 1.7.... Read more
Affected Products :- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Authorization
-
0.0
NACVE-2025-69033
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in A WP Life Blog Filter blog-filter allows DOM-Based XSS.This issue affects Blog Filter: from n/a through <= 1.7.3.... Read more
Affected Products :- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Cross-Site Scripting
-
0.0
NACVE-2025-69034
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes Lekker lekker allows PHP Local File Inclusion.This issue affects Lekker: from n/a through <= 1.8.... Read more
Affected Products :- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Path Traversal
-
0.0
NACVE-2022-50814
In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr KASAN reported this Bug: [17619.659757] BUG: KASAN: global-out-of-bounds in param_get_int+0x34/0x60 [17619.673193] Read of ... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2022-50785
In the Linux kernel, the following vulnerability has been resolved: fsi: occ: Prevent use after free Use get_device and put_device in the open and close functions to make sure the device doesn't get freed while a file descriptor is open. Also, lock arou... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2022-50811
In the Linux kernel, the following vulnerability has been resolved: erofs: fix missing unmap if z_erofs_get_extent_compressedlen() fails Otherwise, meta buffers could be leaked.... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2022-50812
In the Linux kernel, the following vulnerability has been resolved: security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6 A bad bug in clang's implementation of -fzero-call-used-regs can result in NULL pointer dereferences (see the link... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2022-50834
In the Linux kernel, the following vulnerability has been resolved: nfc: Fix potential resource leaks nfc_get_device() take reference for the device, add missing nfc_put_device() to release it when not need anymore. Also fix the style warnning by use er... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
-
0.0
NACVE-2022-50856
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_ses_add_channel() Before return, should free the xid, otherwise, the xid will be leaked.... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Information Disclosure
-
0.0
NACVE-2023-54175
In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path The xiic_xfer() function gets a runtime PM reference when the function is entered. This reference is released when the function... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54188
In the Linux kernel, the following vulnerability has been resolved: dmaengine: apple-admac: Fix 'current_tx' not getting freed In terminate_all we should queue up all submitted descriptors to be freed. We do that for the content of the 'issued' and 'sub... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2022-50846
In the Linux kernel, the following vulnerability has been resolved: mmc: via-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_all... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2022-50847
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe During device boot, the HPD interrupt could be triggered before the DRM subsystem registers it6505 as a DRM bridge. In suc... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2022-50865
In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() The type of sk_rcvbuf and sk_sndbuf in struct sock is int, and in tcp_add_backlog(), the variable limit is caculated by addin... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54176
In the Linux kernel, the following vulnerability has been resolved: mptcp: stricter state check in mptcp_worker As reported by Christoph, the mptcp protocol can run the worker when the relevant msk socket is in an unexpected state: connect() // incomin... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2023-54164
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: fix iso_conn related locking and validity issues sk->sk_state indicates whether iso_pi(sk)->conn is valid. Operations that check/update sk_state and access conn should h... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2023-54165
In the Linux kernel, the following vulnerability has been resolved: zsmalloc: move LRU update from zs_map_object() to zs_malloc() Under memory pressure, we sometimes observe the following crash: [ 5694.832838] ------------[ cut here ]------------ [ 569... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2023-54185
In the Linux kernel, the following vulnerability has been resolved: btrfs: remove BUG_ON()'s in add_new_free_space() At add_new_free_space() we have these BUG_ON()'s that are there to deal with any failure to add free space to the in memory free space c... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54183
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link() If fwnode_graph_get_remote_endpoint() fails, 'fwnode' is known to be NULL, so fwnode_handle_put() is a no-op.... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Memory Corruption