Latest CVE Feed
-
5.3
MEDIUMCVE-2025-40678
Unrestricted upload vulnerability for dangerous file types on Summar Software´s Portal del Empleado. This vulnerability allows an attacker to upload a dangerous file type by sending a POST request using the parameter “cctl00$ContentPlaceHolder1$fuAdjunto”... Read more
Affected Products :- Published: Sep. 18, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2022-50353
In the Linux kernel, the following vulnerability has been resolved: mmc: wmt-sdmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2022-50357
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: fix some leaks in probe The dwc3_get_properties() function calls: dwc->usb_psy = power_supply_get_by_name(usb_psy_name); so there is some additional clean up require... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2022-50358
In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid max_flowrings from dongle When firmware hit trap at initialization, host will read abnormal max_flowrings number from dongle, and it will cau... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2022-50360
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fix aux-bus EP lifetime Device-managed resources allocated post component bind must be tied to the lifetime of the aggregate DRM device or they will not necessarily be relea... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2022-50366
In the Linux kernel, the following vulnerability has been resolved: powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue When value < time_unit, the parameter of ilog2() will be zero and the return value is -1. u64(-1) is too large for shift expone... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2022-50371
In the Linux kernel, the following vulnerability has been resolved: led: qcom-lpg: Fix sleeping in atomic lpg_brighness_set() function can sleep, while led's brightness_set() callback must be non-blocking. Change LPG driver to use brightness_set_blockin... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Denial of Service
-
0.0
NACVE-2022-50372
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when build ntlmssp negotiate blob failed There is a memory leak when mount cifs: unreferenced object 0xffff888166059600 (size 448): comm "mount.cifs", pid 51... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2022-50373
In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix race in lowcomms This patch fixes a race between queue_work() in _dlm_lowcomms_commit_msg() and srcu_read_unlock(). The queue_work() can take the final reference of a dlm_m... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2022-50374
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure syzbot is reporting NULL pointer dereference at hci_uart_tty_close() [1], for rcu_sync_enter() is called without rcu_syn... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53337
In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not write dirty data after degenerating to read-only According to syzbot's report, mark_buffer_dirty() called from nilfs_segctor_do_construct() outputs a warning with some pa... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2023-53338
In the Linux kernel, the following vulnerability has been resolved: lwt: Fix return values of BPF xmit ops BPF encap ops can return different types of positive values, such like NET_RX_DROP, NET_XMIT_CN, NETDEV_TX_BUSY, and so on, from function skb_do_r... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53343
In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev(). With some IPv6 Ext Hdr (RPL, SRv6, etc.), we can send a packet that has the link-local address as src and dst IP a... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Information Disclosure
-
0.0
NACVE-2023-53349
In the Linux kernel, the following vulnerability has been resolved: media: ov2740: Fix memleak in ov2740_init_controls() There is a kmemleak when testing the media/i2c/ov2740.c with bpf mock device: unreferenced object 0xffff8881090e19e0 (size 16): c... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53352
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: check null pointer before accessing when swapping Add a check to avoid null pointer dereference as below: [ 90.002283] general protection fault, probably for non-canonical a... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53356
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Add null pointer check in gserial_suspend Consider a case where gserial_disconnect has already cleared gser->ioport. And if gserial_suspend gets called afterwards... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53360
In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: Rework scratch handling for READ_PLUS (again) I found that the read code might send multiple requests using the same nfs_pgio_header, but nfs4_proc_read_setup() is only called ... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53363
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free in pci_bus_release_domain_nr() Commit c14f7ccc9f5d ("PCI: Assign PCI domain IDs by ida_alloc()") introduced a use-after-free bug in the bus removal cleanup. The ... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53365
In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skb_under_panic in ip6mr_cache_report() skbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4 head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6... Read more
Affected Products : linux_kernel- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Memory Corruption
-
7.3
HIGHCVE-2024-48842
Use of Hard-coded Credentials vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3.5 and newer versions... Read more
Affected Products :- Published: Sep. 17, 2025
- Modified: Sep. 18, 2025
- Vuln Type: Authentication