Latest CVE Feed
-
3.9
LOWCVE-2023-31365
An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area resulting in loss of integrity or availability.... Read more
Affected Products :- Published: Sep. 06, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-0009
A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss of availability.... Read more
Affected Products :- Published: Sep. 06, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Memory Corruption
-
3.3
LOWCVE-2025-0011
Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information potentially resulting in loss of confidentiality.... Read more
Affected Products :- Published: Sep. 06, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Information Disclosure
-
6.1
MEDIUMCVE-2025-0010
An out of bounds write in the Linux graphics driver could allow an attacker to overflow the buffer potentially resulting in loss of confidentiality, integrity, or availability.... Read more
Affected Products :- Published: Sep. 06, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-39734
In the Linux kernel, the following vulnerability has been resolved: Revert "fs/ntfs3: Replace inode_trylock with inode_lock" This reverts commit 69505fe98f198ee813898cbcaf6770949636430b. Initially, conditional lock acquisition was removed to fix an xfs... Read more
Affected Products : linux_kernel- Published: Sep. 07, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2025-39681
In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper Since 923f3a2b48bd ("x86/resctrl: Query LLC monitoring properties once during boot") resctrl_cpu_detect() has been... Read more
Affected Products : linux_kernel- Published: Sep. 05, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-39697
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a race when updating an existing write After nfs_lock_and_join_requests() tests for whether the request is still attached to the mapping, nothing prevents a call to nfs_inode_r... Read more
Affected Products : linux_kernel- Published: Sep. 05, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2025-39718
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skb_put() When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtio_vsock_skb_rx_put(... Read more
Affected Products : linux_kernel- Published: Sep. 05, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-39719
In the Linux kernel, the following vulnerability has been resolved: iio: imu: bno055: fix OOB access of hw_xlate array Fix a potential out-of-bounds array access of the hw_xlate array in bno055.c. In bno055_get_regmask(), hw_xlate was iterated over the... Read more
Affected Products : linux_kernel- Published: Sep. 05, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Memory Corruption
-
6.4
MEDIUMCVE-2025-6067
The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-caption` and `data-linktext` parameters in all versions up to, and including, 6.6.7 due to insufficient inp... Read more
Affected Products : easy_social_feed- Published: Sep. 06, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Cross-Site Scripting
-
0.0
NACVE-2025-39729
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix dereferencing uninitialized error pointer Fix below smatch warnings: drivers/crypto/ccp/sev-dev.c:1312 __sev_platform_init_locked() error: we previously assumed 'error... Read more
Affected Products : linux_kernel- Published: Sep. 07, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Cryptography
-
0.0
NACVE-2025-39733
In the Linux kernel, the following vulnerability has been resolved: team: replace team lock with rtnl lock syszbot reports various ordering issues for lower instance locks and team lock. Switch to using rtnl lock for protecting team device, similar to b... Read more
Affected Products : linux_kernel- Published: Sep. 07, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Misconfiguration
-
3.1
LOWCVE-2025-10080
A vulnerability has been found in running-elephant Datart up to 1.0.0-rc3. Affected by this issue is the function getTokensecret of the file datart/security/src/main/java/datart/security/util/AESUtil.java of the component API. The manipulation leads to us... Read more
Affected Products :- Published: Sep. 08, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Cryptography
-
9.4
CRITICALCVE-2025-58366
Onyxia is a data science environment for kubernetes. In versions 4.6.0 through 4.8.0, Onyxia-API leaked the credentials of private helm repositories in the public (unauthenticated) /public/catalogs endpoint.vOnly instances using private helm repositories ... Read more
Affected Products :- Published: Sep. 05, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Information Disclosure
-
7.2
HIGHCVE-2023-31325
Improper isolation of shared resources on System-on-a-chip (SOC) could a privileged attacker to tamper with the contents of the PSP reserved DRAM region potentially resulting in loss of confidentiality and integrity.... Read more
Affected Products :- Published: Sep. 06, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Misconfiguration
-
7.2
HIGHCVE-2025-0032
Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local administrator privilege to load malicious CPU microcode, potentially resulting in loss of integrity of x86 instruction execution.... Read more
Affected Products :- Published: Sep. 06, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-39700
In the Linux kernel, the following vulnerability has been resolved: mm/damon/ops-common: ignore migration request to invalid nodes damon_migrate_pages() tries migration even if the target node is invalid. If users mistakenly make such invalid requests ... Read more
Affected Products : linux_kernel- Published: Sep. 05, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-39705
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a Null pointer dereference vulnerability [Why] A null pointer dereference vulnerability exists in the AMD display driver's (DC module) cleanup function dc_destruct(... Read more
Affected Products : linux_kernel- Published: Sep. 05, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Memory Corruption
-
6.5
MEDIUMCVE-2025-10086
A weakness has been identified in fuyang_lipengjun platform 1.0.0. This issue affects the function queryAll of the file /adposition/queryAll of the component AdPositionController. This manipulation causes improper authorization. The attack can be initiate... Read more
Affected Products :- Published: Sep. 08, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Authorization
-
8.1
HIGHCVE-2025-58437
Coder allows organizations to provision remote development environments via Terraform. In versions 2.22.0 through 2.24.3, 2.25.0 and 2.25.1, Coder can be compromised through insecure session handling in prebuilt workspaces. Coder automatically generates ... Read more
Affected Products :- Published: Sep. 06, 2025
- Modified: Sep. 08, 2025
- Vuln Type: Authentication