Latest CVE Feed
-
0.0
NACVE-2025-40217
In the Linux kernel, the following vulnerability has been resolved: pidfs: validate extensible ioctls Validate extensible ioctls stricter than we do now.... Read more
Affected Products : linux_kernel- Published: Dec. 04, 2025
- Modified: Dec. 04, 2025
-
0.0
NACVE-2025-40221
In the Linux kernel, the following vulnerability has been resolved: media: pci: mg4b: fix uninitialized iio scan data Fix potential leak of uninitialized stack data to userspace by ensuring that the `scan` structure is zeroed before use.... Read more
Affected Products : linux_kernel- Published: Dec. 04, 2025
- Modified: Dec. 04, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-40220
In the Linux kernel, the following vulnerability has been resolved: fuse: fix livelock in synchronous file put from fuseblk workers I observed a hang when running generic/323 against a fuseblk server. This test opens a file, initiates a lot of AIO write... Read more
Affected Products : linux_kernel- Published: Dec. 04, 2025
- Modified: Dec. 04, 2025
- Vuln Type: Denial of Service
-
0.0
NACVE-2025-40214
In the Linux kernel, the following vulnerability has been resolved: af_unix: Initialise scc_index in unix_add_edge(). Quang Le reported that the AF_UNIX GC could garbage-collect a receive queue of an alive in-flight socket, with a nice repro. The repro... Read more
Affected Products : linux_kernel- Published: Dec. 04, 2025
- Modified: Dec. 06, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2025-40242
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix unlikely race in gdlm_put_lock In gdlm_put_lock(), there is a small window of time in which the DFL_UNMOUNT flag has been set but the lockspace hasn't been released, yet. In ... Read more
Affected Products : linux_kernel- Published: Dec. 04, 2025
- Modified: Dec. 04, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2025-40228
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: catch commit test ctx alloc failure Patch series "mm/damon/sysfs: fix commit test damon_ctx [de]allocation". DAMON sysfs interface dynamically allocates and uses a damo... Read more
Affected Products : linux_kernel- Published: Dec. 04, 2025
- Modified: Dec. 04, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-68229
In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show() If the allocation of tl_hba->sh fails in tcm_loop_driver_probe() and we attempt to dereference it in tcm_loop_tpg_add... Read more
Affected Products : linux_kernel- Published: Dec. 16, 2025
- Modified: Dec. 18, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-40237
In the Linux kernel, the following vulnerability has been resolved: fs/notify: call exportfs_encode_fid with s_umount Calling intotify_show_fdinfo() on fd watching an overlayfs inode, while the overlayfs is being unmounted, can lead to dereferencing NUL... Read more
Affected Products : linux_kernel- Published: Dec. 04, 2025
- Modified: Dec. 23, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2025-40282
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: 6lowpan: reset link-local header on ipv6 recv path Bluetooth 6lowpan.c netdev has header_ops, so it must set link-local header for RX skb, otherwise things crash, eg. with AF... Read more
Affected Products : linux_kernel- Published: Dec. 06, 2025
- Modified: Dec. 08, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53744
In the Linux kernel, the following vulnerability has been resolved: soc: ti: pm33xx: Fix refcount leak in am33xx_pm_probe wkup_m3_ipc_get() takes refcount, which should be freed by wkup_m3_ipc_put(). Add missing refcount release in the error paths.... Read more
Affected Products : linux_kernel- Published: Dec. 08, 2025
- Modified: Dec. 08, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53752
In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmalloc_reserve() Blamed commit changed: ptr = kmalloc(size); if (ptr) size = ksize(ptr); size = kmalloc_size_roundup(size); p... Read more
Affected Products : linux_kernel- Published: Dec. 08, 2025
- Modified: Dec. 08, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53753
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix mapping to non-allocated address [Why] There is an issue mapping non-allocated location of memory. It would allocate gpio registers from an array out of bounds. [H... Read more
Affected Products : linux_kernel- Published: Dec. 08, 2025
- Modified: Dec. 08, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-66723
inMusic Brands Engine DJ 4.3.0 suffers from Insecure Permissions due to exposed HTTP service in the Remote Library, which allows attackers to access all files and network paths.... Read more
Affected Products :- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-66824
A Stored Cross-Site Scripting (XSS) vulnerability exists in the Meeting location field of the Create/Edit Conference functionality in TrueConf Server v5.5.2.10813. The injected payload is stored via the meeting_room parameter and executed when users visit... Read more
Affected Products :- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Cross-Site Scripting
-
0.0
NACVE-2025-66834
A CSV Formula Injection vulnerability in TrueConf Server v5.5.2.10813 allows a normal user to inject malicious spreadsheet formulas into exported chat logs via crafted Display Name.... Read more
Affected Products :- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-65411
A NULL pointer dereference in the src/path.c component of GNU Unrtf v0.21.10 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the search_path parameter.... Read more
Affected Products :- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Denial of Service
-
0.0
NACVE-2025-56332
Authentication Bypass in fosrl/pangolin v1.6.2 and before allows attackers to access Pangolin resource via Insecure Default Configuration... Read more
Affected Products :- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Authentication
-
0.0
NACVE-2022-50867
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix kvzalloc vs state_kcalloc usage adreno_show_object() is a trap! It will re-allocate the pointer it is passed on first call, when the data is ascii85 encoded, using kv... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54326
In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Free IRQs before removing the device In pci_endpoint_test_remove(), freeing the IRQs after removing the device creates a small race window for IRQs to be receiv... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2023-54303
In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_perf_event_output The nesting protection in bpf_perf_event_output relies on disabled preemption, which is guaranteed for kprobes and tracepoints. However... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 30, 2025
- Vuln Type: Race Condition