Latest CVE Feed
-
0.0
NACVE-2025-39761
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Decrement TID on RX peer frag setup error handling Currently, TID is not decremented before peer cleanup, during error handling path of ath12k_dp_rx_peer_frag_setup(). Thi... Read more
Affected Products : linux_kernel- Published: Sep. 11, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-39789
In the Linux kernel, the following vulnerability has been resolved: crypto: x86/aegis - Add missing error checks The skcipher_walk functions can allocate memory and can fail, so checking for errors is necessary.... Read more
Affected Products : linux_kernel- Published: Sep. 11, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Memory Corruption
-
6.5
MEDIUMCVE-2025-10275
A weakness has been identified in YunaiV yudao-cloud up to 2025.09. This affects an unknown part of the file /crm/business/transfer. Executing manipulation of the argument ids/newOwnerUserId can lead to improper authorization. The attack may be launched r... Read more
Affected Products :- Published: Sep. 12, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Authorization
-
5.3
MEDIUMCVE-2025-43788
The organization selector in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q1.1 through 2024.Q1.12 and 7.4 update 81 through update 85 does not check user permission, which allows remote authenticated users to obtain a list of all organizat... Read more
- Published: Sep. 12, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Authorization
-
0.0
NACVE-2025-39744
In the Linux kernel, the following vulnerability has been resolved: rcu: Fix rcu_read_unlock() deadloop due to IRQ work During rcu_read_unlock_special(), if this happens during irq_exit(), we can lockup if an IPI is issued. This is because the IPI itsel... Read more
Affected Products : linux_kernel- Published: Sep. 11, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2025-39748
In the Linux kernel, the following vulnerability has been resolved: bpf: Forget ranges when refining tnum after JSET Syzbot reported a kernel warning due to a range invariant violation on the following BPF program. 0: call bpf_get_netns_cookie 1: i... Read more
Affected Products : linux_kernel- Published: Sep. 11, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-39760
In the Linux kernel, the following vulnerability has been resolved: usb: core: config: Prevent OOB read in SS endpoint companion parsing usb_parse_ss_endpoint_companion() checks descriptor type before length, enabling a potentially odd read outside of t... Read more
Affected Products : linux_kernel- Published: Sep. 11, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-39788
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE On Google gs101, the number of UTP transfer request slots (nutrs) is 32, and in this case the driver ends up programming the UT... Read more
Affected Products : linux_kernel- Published: Sep. 11, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-39783
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix configfs group list head handling Doing a list_del() on the epf_group field of struct pci_epf_driver in pci_epf_remove_cfs() is not correct as this field is a list he... Read more
Affected Products : linux_kernel- Published: Sep. 11, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-39780
In the Linux kernel, the following vulnerability has been resolved: sched/ext: Fix invalid task state transitions on class switch When enabling a sched_ext scheduler, we may trigger invalid task state transitions, resulting in warnings like the followin... Read more
Affected Products : linux_kernel- Published: Sep. 11, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-39773
In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in br_multicast_query_expired() When set multicast_query_interval to a large value, the local variable 'time' in br_multicast_send_query() may overflow. If ... Read more
Affected Products : linux_kernel- Published: Sep. 11, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Denial of Service
-
0.0
NACVE-2023-53258
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix possible underflow for displays with large vblank [Why] Underflow observed when using a display with a large vblank region and low refresh rate [How] Simplify calc... Read more
Affected Products : linux_kernel- Published: Sep. 15, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Denial of Service
-
0.0
NACVE-2023-53242
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/hisi: Drop second sensor hi3660 The commit 74c8e6bffbe1 ("driver core: Add __alloc_size hint to devm allocators") exposes a panic "BRK handler: Fatal exception" on the h... Read more
Affected Products : linux_kernel- Published: Sep. 15, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53260
In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovl_permission() Following process: P1 P2 path_lookupat link_path_walk inode_permission ovl_permission ... Read more
Affected Products : linux_kernel- Published: Sep. 15, 2025
- Modified: Sep. 15, 2025
-
0.0
NACVE-2023-53152
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix calltrace warning in amddrm_buddy_fini The following call trace is observed when removing the amdgpu driver, which is caused by that BOs allocated for psp are not freed ... Read more
Affected Products : linux_kernel- Published: Sep. 15, 2025
- Modified: Sep. 15, 2025
-
0.0
NACVE-2023-53245
In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix handling of virtual Fibre Channel timeouts Hyper-V provides the ability to connect Fibre Channel LUNs to the host system and present them in a guest VM as a SCSI devi... Read more
Affected Products : linux_kernel- Published: Sep. 15, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Denial of Service
-
0.0
NACVE-2023-53244
In the Linux kernel, the following vulnerability has been resolved: media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish When the driver calls tw68_risc_buffer() to prepare the buffer, the function call dma_alloc_coherent may fail, resulti... Read more
Affected Products : linux_kernel- Published: Sep. 15, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53246
In the Linux kernel, the following vulnerability has been resolved: cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL When compiled with CONFIG_CIFS_DFS_UPCALL disabled, cifs_dfs_d_automount is NULL. cifs.ko logic for mapping CIFS_FATTR_DFS_RE... Read more
Affected Products : linux_kernel- Published: Sep. 15, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2022-50322
In the Linux kernel, the following vulnerability has been resolved: rtc: msc313: Fix function prototype mismatch in msc313_rtc_probe() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the e... Read more
Affected Products : linux_kernel- Published: Sep. 15, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2022-50316
In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_sysfs_init() When insert and remove the orangefs module, there are kobjects memory leaked as below: unreferenced object 0xffff88810f95af00 (size 64):... Read more
Affected Products : linux_kernel- Published: Sep. 15, 2025
- Modified: Sep. 15, 2025
- Vuln Type: Memory Corruption