CVE-2025-11442 |
JhumanJ OpnForm API Endpoint cross-site request forgery |
08.10.2025 |
|
CVE-2025-11443 |
JhumanJ OpnForm Forgotten Password email information exposure |
08.10.2025 |
|
CVE-2025-11440 |
JhumanJ OpnForm edit access control |
08.10.2025 |
|
CVE-2025-11441 |
JhumanJ OpnForm HTTP Header excessive authentication |
08.10.2025 |
|
CVE-2025-48464 |
Exposure of Sensitive Information |
08.10.2025 |
4.7 |
CVE-2025-11438 |
JhumanJ OpnForm API Endpoint custom-domains authorization |
08.10.2025 |
|
CVE-2025-11439 |
JhumanJ OpnForm integrations authorization |
08.10.2025 |
|
CVE-2025-10635 |
Find Me On <= 2.0.9.1 - Subscriber+ SQL Injection |
08.10.2025 |
|
CVE-2025-11437 |
JhumanJ OpnForm Form Editor forms cross site scripting |
08.10.2025 |
|
CVE-2025-11435 |
JhumanJ OpnForm submissions cross site scripting |
08.10.2025 |
|
CVE-2025-11436 |
JhumanJ OpnForm answer unrestricted upload |
08.10.2025 |
|
CVE-2025-11171 |
Chartify – WordPress Chart Plugin <= 3.5.9 - Missing Authentication for Administrative Function |
08.10.2025 |
5.3 |
CVE-2025-11433 |
itsourcecode Leave Management System Query Parameter controller.php redirect cross site scripting |
08.10.2025 |
|
CVE-2025-11434 |
itsourcecode Student Transcript Processing System login.php sql injection |
08.10.2025 |
|
CVE-2025-11432 |
itsourcecode Leave Management System reset.php sql injection |
08.10.2025 |
|
CVE-2025-11204 |
RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.6.2 - Authenticated (Administrator+) SQL Injection |
08.10.2025 |
7.2 |
CVE-2025-11431 |
code-projects Web-Based Inventory and POS System transaction.php sql injection |
08.10.2025 |
|
CVE-2025-10494 |
Motors – Car Dealership & Classified Listings Plugin <= 1.4.89 - Authenticated (Subscriber+) Arbitrary File Deletion |
08.10.2025 |
8.1 |
CVE-2025-10587 |
Community Events <= 1.5.1 - Unauthenticated SQL Injection |
08.10.2025 |
9.8 |
CVE-2025-11430 |
SourceCodester Simple E-Commerce Bookstore cart.php sql injection |
08.10.2025 |
|
CVE-2025-11426 |
projectworlds Advanced Library Management System edit_book.php unrestricted upload |
08.10.2025 |
|
CVE-2025-11425 |
projectworlds Advanced Library Management System edit_admin.php cross site scripting |
08.10.2025 |
|
CVE-2025-11423 |
Tenda CH22 SafeEmailFilter formSafeEmailFilter memory corruption |
08.10.2025 |
|
CVE-2025-11424 |
code-projects Web-Based Inventory and POS System login.php sql injection |
08.10.2025 |
|
CVE-2025-11421 |
code-projects Voting System candidates_edit.php cross site scripting |
08.10.2025 |
|
CVE-2025-11422 |
Campcodes Advanced Online Voting Management System login.php sql injection |
08.10.2025 |
|
CVE-2025-61787 |
Deno is Vulnerable to Command Injection on Windows During Batch File Execution |
08.10.2025 |
8.1 |
CVE-2025-48981 |
|
08.10.2025 |
|
CVE-2025-61785 |
Deno's --deny-write check does not prevent permission bypass |
08.10.2025 |
|
CVE-2025-61786 |
Deno's --deny-read check does not prevent permission bypass |
08.10.2025 |
3.3 |
CVE-2025-11418 |
Tenda CH22 HTTP Request AdvSetWrlsafeset formWrlsafeset stack-based overflow |
08.10.2025 |
|
CVE-2025-11420 |
code-projects E-Commerce Website edit_order_details.php sql injection |
08.10.2025 |
|
CVE-2025-11417 |
Campcodes Advanced Online Voting Management System voters_add.php unrestricted upload |
07.10.2025 |
|
CVE-2025-61996 |
OPEXUS FOIAXpress stored XSS via annual report template |
07.10.2025 |
4.3 |
CVE-2025-61997 |
OPEXUS FOIAXpress stored XSS via banner image |
07.10.2025 |
|
CVE-2025-61998 |
OPEXUS FOIAXpress stored XSS via Hyperlink Manager |
07.10.2025 |
|
CVE-2025-61999 |
OPEXUS FOIAXpress stored XSS via logo image |
07.10.2025 |
4.3 |
CVE-2025-11415 |
PHPGurukul Beauty Parlour Management System customer-list.php sql injection |
07.10.2025 |
|
CVE-2025-11416 |
PHPGurukul Beauty Parlour Management System invoices.php sql injection |
07.10.2025 |
|
CVE-2025-11414 |
GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds |
07.10.2025 |
|
CVE-2025-10904 |
|
07.10.2025 |
|
CVE-2025-43822 |
|
07.10.2025 |
|
CVE-2025-6046 |
|
07.10.2025 |
|
CVE-2025-11412 |
GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds |
07.10.2025 |
|
CVE-2025-11413 |
GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds |
07.10.2025 |
|
CVE-2025-43823 |
|
07.10.2025 |
|
CVE-2025-11410 |
Campcodes Advanced Online Voting Management System voters_add.php sql injection |
07.10.2025 |
|
CVE-2025-62186 |
|
07.10.2025 |
6.7 |
CVE-2025-62187 |
|
07.10.2025 |
2.9 |
CVE-2025-11409 |
Campcodes Advanced Online Voting Management System index.php sql injection |
07.10.2025 |
|
CVE-2025-34252 |
NetSarang v5.0 Malicious Backdoor Supply Chain Compromise |
07.10.2025 |
|
CVE-2025-62185 |
|
07.10.2025 |
6.7 |
CVE-2025-11408 |
D-Link DI-7001 MINI dbsrv.asp buffer overflow |
07.10.2025 |
|
CVE-2025-11407 |
D-Link DI-7001 MINI upgrade_filter.asp os command injection |
07.10.2025 |
|
CVE-2025-36565 |
|
08.10.2025 |
6.7 |
CVE-2025-11462 |
Local Privilege Escalation Vulnerability in AWS Client VPN macOS Client |
08.10.2025 |
|
CVE-2025-36566 |
|
08.10.2025 |
6.7 |
CVE-2025-6242 |
Vllm: server side request forgery (ssrf) in mediaconnector |
07.10.2025 |
|
CVE-2025-36569 |
|
08.10.2025 |
6.7 |
CVE-2025-44823 |
|
07.10.2025 |
9.9 |
CVE-2025-44824 |
|
07.10.2025 |
8.5 |
CVE-2025-11406 |
kaifangqian kaifangqian-base SysUserController.java getAllUsers information disclosure |
07.10.2025 |
|
CVE-2025-36567 |
|
08.10.2025 |
6.7 |
CVE-2025-61910 |
NASA ION-DTN BPv7 4.1.3s Uncontrolled Memory Allocation that leads to Denial-of-Service |
07.10.2025 |
7.5 |
CVE-2025-43727 |
|
07.10.2025 |
7.5 |
CVE-2025-43910 |
|
07.10.2025 |
2.3 |
CVE-2025-11192 |
Fabric Engine (VOSS) AutoSense Authentication Bypass |
07.10.2025 |
|
CVE-2025-43905 |
|
07.10.2025 |
4.3 |
CVE-2025-43909 |
|
07.10.2025 |
3.7 |
CVE-2025-11405 |
SourceCodester Hotel and Lodge Management System del_tax.php sql injection |
07.10.2025 |
|
CVE-2025-45375 |
|
07.10.2025 |
4.4 |
CVE-2025-61776 |
Dependency-Track possibly discloses private NuGet repository credentials to api.nuget.org |
07.10.2025 |
4.7 |
CVE-2025-61784 |
LLaMA Factory's Chat API has Critical SSRF and LFI Vulnerabilities |
07.10.2025 |
7.6 |
CVE-2025-43913 |
|
07.10.2025 |
5.3 |
CVE-2025-43891 |
|
07.10.2025 |
5.3 |
CVE-2025-43912 |
|
07.10.2025 |
5.3 |
CVE-2025-61670 |
Wasmtime has memory leak in C API with `externref` and `anyref` types |
07.10.2025 |
|
CVE-2025-11404 |
SourceCodester Hotel and Lodge Management System save_tax.php sql injection |
07.10.2025 |
|
CVE-2025-43889 |
|
07.10.2025 |
5.3 |
CVE-2025-43934 |
|
07.10.2025 |
6 |
CVE-2025-3448 |
Reflected cross-site scripting vulnerabilities exist in System Diagnostics Manager |
07.10.2025 |
|
CVE-2025-3449 |
Weak Session Token used in Automation Runtime SDM |
07.10.2025 |
|
CVE-2025-43907 |
|
07.10.2025 |
6.5 |
CVE-2025-43908 |
|
08.10.2025 |
6.4 |
CVE-2025-11403 |
SourceCodester Hotel and Lodge Management System del_booking.php sql injection |
07.10.2025 |
|
CVE-2025-3450 |
DoS Vulnerability in System Diagnostics Manager |
07.10.2025 |
|
CVE-2025-43906 |
|
08.10.2025 |
6.7 |
CVE-2025-43911 |
|
08.10.2025 |
6.7 |
CVE-2025-8291 |
ZIP64 End of Central Directory (EOCD) Locator record offset not checked |
07.10.2025 |
4.3 |
CVE-2025-1826 |
IBM Jazz Foundation cross-site scripting |
07.10.2025 |
5.4 |
CVE-2025-43890 |
|
08.10.2025 |
6.7 |
CVE-2025-43914 |
|
08.10.2025 |
7.5 |
CVE-2025-36156 |
IBM InfoSphere Data Replication VSAM for z/OS Remote Source code execution |
08.10.2025 |
7.4 |
CVE-2025-11402 |
SourceCodester Hotel and Lodge Management System del_curr.php sql injection |
07.10.2025 |
|
CVE-2025-11401 |
SourceCodester Hotel and Lodge Management System save_curr.php sql injection |
07.10.2025 |
|
CVE-2025-52021 |
|
07.10.2025 |
|
CVE-2025-56243 |
|
07.10.2025 |
|
CVE-2025-11400 |
SourceCodester Hotel and Lodge Management System del_room.php sql injection |
07.10.2025 |
|
CVE-2025-60312 |
|
07.10.2025 |
|
CVE-2025-11399 |
SourceCodester Hotel and Lodge Management System save_room.php sql injection |
07.10.2025 |
|
CVE-2022-50509 |
media: coda: Add check for kmalloc |
07.10.2025 |
|
CVE-2022-50510 |
perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init() |
07.10.2025 |
|
CVE-2022-50511 |
lib/fonts: fix undefined behavior in bit shift for get_default_font |
07.10.2025 |
|
CVE-2022-50512 |
ext4: fix potential memory leak in ext4_fc_record_regions() |
07.10.2025 |
|
CVE-2022-50513 |
staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv() |
07.10.2025 |
|
CVE-2022-50514 |
usb: gadget: f_hid: fix refcount leak on error path |
07.10.2025 |
|
CVE-2022-50515 |
drm/amdgpu: Fix memory leak in hpd_rx_irq_create_workqueue() |
07.10.2025 |
|
CVE-2022-50516 |
fs: dlm: fix invalid derefence of sb_lvbptr |
07.10.2025 |
|
CVE-2022-50517 |
mm/huge_memory: do not clobber swp_entry_t during THP split |
07.10.2025 |
|
CVE-2022-50518 |
parisc: Fix locking in pdc_iodc_print() firmware call |
07.10.2025 |
|
CVE-2022-50519 |
nilfs2: replace WARN_ONs by nilfs_error for checkpoint acquisition failure |
07.10.2025 |
|
CVE-2022-50520 |
drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() |
07.10.2025 |
|
CVE-2022-50521 |
platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]() |
07.10.2025 |
|
CVE-2022-50522 |
mcb: mcb-parse: fix error handing in chameleon_parse_gdd() |
07.10.2025 |
|
CVE-2022-50523 |
clk: rockchip: Fix memory leak in rockchip_clk_register_pll() |
07.10.2025 |
|
CVE-2022-50524 |
iommu/mediatek: Check return value after calling platform_get_resource() |
07.10.2025 |
|
CVE-2022-50525 |
iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe() |
07.10.2025 |
|
CVE-2022-50526 |
drm/msm/dp: fix memory corruption with too many bridges |
07.10.2025 |
|
CVE-2022-50527 |
drm/amdgpu: Fix size validation for non-exclusive domains (v4) |
07.10.2025 |
|
CVE-2022-50528 |
drm/amdkfd: Fix memory leakage |
07.10.2025 |
|
CVE-2022-50529 |
test_firmware: fix memory leak in test_firmware_init() |
07.10.2025 |
|
CVE-2022-50530 |
blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping() |
07.10.2025 |
|
CVE-2022-50531 |
tipc: fix an information leak in tipc_topsrv_kern_subscr |
07.10.2025 |
|
CVE-2022-50532 |
scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() |
07.10.2025 |
|
CVE-2022-50533 |
wifi: mac80211: mlme: fix null-ptr deref on failed assoc |
07.10.2025 |
|
CVE-2022-50534 |
dm thin: Use last transaction's pmd->root when commit failed |
07.10.2025 |
|
CVE-2022-50535 |
drm/amd/display: Fix potential null-deref in dm_resume |
07.10.2025 |
|
CVE-2022-50536 |
bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data |
07.10.2025 |
|
CVE-2022-50537 |
firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() |
07.10.2025 |
|
CVE-2022-50538 |
vme: Fix error not catched in fake_init() |
07.10.2025 |
|
CVE-2022-50539 |
ARM: OMAP2+: omap4-common: Fix refcount leak bug |
07.10.2025 |
|
CVE-2022-50540 |
dmaengine: qcom-adm: fix wrong sizeof config in slave_config |
07.10.2025 |
|
CVE-2022-50541 |
dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to prevent overflow |
07.10.2025 |
|
CVE-2022-50542 |
media: si470x: Fix use-after-free in si470x_int_in_callback() |
07.10.2025 |
|
CVE-2022-50543 |
RDMA/rxe: Fix mr->map double free |
07.10.2025 |
|
CVE-2022-50544 |
usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() |
07.10.2025 |
|
CVE-2022-50545 |
r6040: Fix kmemleak in probe and remove |
07.10.2025 |
|
CVE-2022-50546 |
ext4: fix uninititialized value in 'ext4_evict_inode' |
07.10.2025 |
|
CVE-2022-50547 |
media: solo6x10: fix possible memory leak in solo_sysfs_init() |
07.10.2025 |
|
CVE-2022-50548 |
media: i2c: hi846: Fix memory leak in hi846_parse_dt() |
07.10.2025 |
|
CVE-2022-50549 |
dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata |
07.10.2025 |
|
CVE-2022-50550 |
blk-iolatency: Fix memory leak on add_disk() failures |
07.10.2025 |
|
CVE-2022-50551 |
wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() |
07.10.2025 |
|
CVE-2022-50552 |
blk-mq: use quiesced elevator switch when reinitializing queues |
07.10.2025 |
|
CVE-2022-50553 |
tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx' |
07.10.2025 |
|
CVE-2022-50554 |
blk-mq: avoid double ->queue_rq() because of early timeout |
07.10.2025 |
|
CVE-2022-50555 |
tipc: fix a null-ptr-deref in tipc_topsrv_accept |
07.10.2025 |
|
CVE-2023-53617 |
soc: aspeed: socinfo: Add kfree for kstrdup |
07.10.2025 |
|
CVE-2023-53618 |
btrfs: reject invalid reloc tree root keys with stack dump |
07.10.2025 |
|
CVE-2023-53619 |
netfilter: conntrack: Avoid nf_ct_helper_hash uses after free |
07.10.2025 |
|
CVE-2023-53620 |
md: fix soft lockup in status_resync |
07.10.2025 |
|
CVE-2023-53621 |
memcontrol: ensure memcg acquired by id is properly set up |
07.10.2025 |
|
CVE-2023-53622 |
gfs2: Fix possible data races in gfs2_show_options() |
07.10.2025 |
|
CVE-2023-53623 |
mm/swap: fix swap_info_struct race between swapoff and get_swap_pages() |
07.10.2025 |
|
CVE-2023-53624 |
net/sched: sch_fq: fix integer overflow of "credit" |
07.10.2025 |
|
CVE-2023-53625 |
drm/i915/gvt: fix vgpu debugfs clean in remove |
07.10.2025 |
|
CVE-2023-53626 |
ext4: fix possible double unlock when moving a directory |
07.10.2025 |
|
CVE-2023-53627 |
scsi: hisi_sas: Grab sas_dev lock when traversing the members of sas_dev.list |
07.10.2025 |
|
CVE-2023-53628 |
drm/amdgpu: drop gfx_v11_0_cp_ecc_error_irq_funcs |
07.10.2025 |
|
CVE-2023-53629 |
fs: dlm: fix use after free in midcomms commit |
07.10.2025 |
|
CVE-2023-53630 |
iommufd: Fix unpinning of pages when an access is present |
07.10.2025 |
|
CVE-2023-53631 |
platform/x86: dell-sysman: Fix reference leak |
07.10.2025 |
|
CVE-2023-53632 |
net/mlx5e: Take RTNL lock when needed before calling xdp_set_features() |
07.10.2025 |
|
CVE-2023-53633 |
accel/qaic: Fix a leak in map_user_pages() |
07.10.2025 |
|
CVE-2023-53634 |
bpf, arm64: Fixed a BTI error on returning to patched function |
07.10.2025 |
|
CVE-2023-53635 |
netfilter: conntrack: fix wrong ct->timeout value |
07.10.2025 |
|
CVE-2023-53636 |
clk: microchip: fix potential UAF in auxdev release callback |
07.10.2025 |
|
CVE-2023-53637 |
media: i2c: ov772x: Fix memleak in ov772x_probe() |
07.10.2025 |
|
CVE-2023-53638 |
octeon_ep: cancel queued works in probe error path |
07.10.2025 |
|
CVE-2023-53639 |
wifi: ath6kl: reduce WARN to dev_dbg() in callback |
07.10.2025 |
|
CVE-2023-53640 |
ASoC: lpass: Fix for KASAN use_after_free out of bounds |
07.10.2025 |
|
CVE-2023-53641 |
wifi: ath9k: hif_usb: fix memory leak of remain_skbs |
07.10.2025 |
|
CVE-2023-53642 |
x86: fix clear_user_rep_good() exception handling annotation |
07.10.2025 |
|
CVE-2023-53643 |
nvme-tcp: don't access released socket during error recovery |
07.10.2025 |
|
CVE-2023-53644 |
media: radio-shark: Add endpoint checks |
07.10.2025 |
|
CVE-2023-53645 |
bpf: Make bpf_refcount_acquire fallible for non-owning refs |
07.10.2025 |
|
CVE-2023-53646 |
drm/i915/perf: add sentinel to xehp_oa_b_counters |
07.10.2025 |
|
CVE-2023-53647 |
Drivers: hv: vmbus: Don't dereference ACPI root object handle |
07.10.2025 |
|
CVE-2023-53648 |
ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer |
07.10.2025 |
|
CVE-2023-53649 |
perf trace: Really free the evsel->priv area |
07.10.2025 |
|
CVE-2023-53650 |
fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() |
07.10.2025 |
|
CVE-2023-53651 |
Input: exc3000 - properly stop timer on shutdown |
07.10.2025 |
|
CVE-2023-53652 |
vdpa: Add features attr to vdpa_nl_policy for nlattr length check |
07.10.2025 |
|
CVE-2023-53653 |
media: amphion: fix REVERSE_INULL issues reported by coverity |
07.10.2025 |
|
CVE-2023-53654 |
octeontx2-af: Add validation before accessing cgx and lmac |
07.10.2025 |
|
CVE-2023-53655 |
rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-ed |
07.10.2025 |
|
CVE-2023-53656 |
drivers/perf: hisi: Don't migrate perf to the CPU going to teardown |
07.10.2025 |
|
CVE-2023-53657 |
ice: Don't tx before switchdev is fully configured |
07.10.2025 |
|
CVE-2023-53658 |
spi: bcm-qspi: return error if neither hif_mspi nor mspi is available |
07.10.2025 |
|
CVE-2023-53659 |
iavf: Fix out-of-bounds when setting channels on remove |
07.10.2025 |
|
CVE-2023-53660 |
bpf, cpumap: Handle skb as well when clean up ptr_ring |
07.10.2025 |
|
CVE-2023-53661 |
bnxt: avoid overflow in bnxt_get_nvram_directory() |
07.10.2025 |
|
CVE-2023-53662 |
ext4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup} |
07.10.2025 |
|
CVE-2023-53663 |
KVM: nSVM: Check instead of asserting on nested TSC scaling support |
07.10.2025 |
|
CVE-2023-53664 |
OPP: Fix potential null ptr dereference in dev_pm_opp_get_required_pstate() |
07.10.2025 |
|
CVE-2023-53665 |
md: don't dereference mddev after export_rdev() |
07.10.2025 |
|
CVE-2023-53666 |
ASoC: codecs: wcd938x: fix missing mbhc init error handling |
07.10.2025 |
|
CVE-2023-53667 |
net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize |
07.10.2025 |
|
CVE-2023-53668 |
ring-buffer: Fix deadloop issue on reading trace_pipe |
07.10.2025 |
|
CVE-2023-53669 |
tcp: fix skb_copy_ubufs() vs BIG TCP |
07.10.2025 |
|
CVE-2023-53670 |
nvme-core: fix dev_pm_qos memleak |
07.10.2025 |
|
CVE-2023-53671 |
srcu: Delegate work to the boot cpu if using SRCU_SIZE_SMALL |
07.10.2025 |
|
CVE-2023-53672 |
btrfs: output extra debug info if we failed to find an inline backref |
07.10.2025 |
|
CVE-2023-53673 |
Bluetooth: hci_event: call disconnect callback before deleting conn |
07.10.2025 |
|
CVE-2023-53674 |
clk: Fix memory leak in devm_clk_notifier_register() |
07.10.2025 |
|
CVE-2023-53675 |
scsi: ses: Fix possible desc_ptr out-of-bounds accesses |
07.10.2025 |
|
CVE-2023-53676 |
scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() |
07.10.2025 |
|
CVE-2023-53677 |
drm/i915: Fix memory leaks in i915 selftests |
07.10.2025 |
|
CVE-2023-53678 |
drm/i915: Fix system suspend without fbdev being initialized |
07.10.2025 |
|
CVE-2023-53679 |
wifi: mt7601u: fix an integer underflow |
07.10.2025 |
|
CVE-2023-53680 |
NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL |
07.10.2025 |
|
CVE-2023-53681 |
bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent |
07.10.2025 |
|
CVE-2023-53682 |
hwmon: (xgene) Fix ioremap and memremap leak |
07.10.2025 |
|
CVE-2023-53683 |
fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode() |
07.10.2025 |
|
CVE-2023-53684 |
xfrm: Zero padding when dumping algos and encap |
07.10.2025 |
|
CVE-2023-53685 |
tun: Fix memory leak for detached NAPI queue. |
07.10.2025 |
|
CVE-2023-53686 |
net/handshake: fix null-ptr-deref in handshake_nl_done_doit() |
07.10.2025 |
|
CVE-2023-53687 |
tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk |
07.10.2025 |
|
CVE-2025-61772 |
Rack's multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion) |
07.10.2025 |
7.5 |
CVE-2025-61771 |
Rack's multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion) |
07.10.2025 |
7.5 |
CVE-2023-6215 |
HP Sure Start IFD Protection - BIOS Security Update |
07.10.2025 |
|
CVE-2025-11398 |
SourceCodester Hotel and Lodge Management System Profile profile.php unrestricted upload |
07.10.2025 |
|
CVE-2025-61770 |
Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion) |
07.10.2025 |
7.5 |
CVE-2025-11397 |
SourceCodester Hotel and Lodge Management System login.php sql injection |
07.10.2025 |
|
CVE-2025-57564 |
|
07.10.2025 |
|
CVE-2025-59425 |
vLLM vulnerable to timing attack at bearer auth |
07.10.2025 |
7.5 |
CVE-2025-25009 |
Kibana Cross-Site Scripting (XSS) |
07.10.2025 |
8.7 |
CVE-2025-48826 |
|
07.10.2025 |
8.8 |
CVE-2025-54399 |
|
07.10.2025 |
8.8 |
CVE-2025-54400 |
|
07.10.2025 |
8.8 |
CVE-2025-54401 |
|
07.10.2025 |
8.8 |
CVE-2025-54402 |
|
07.10.2025 |
8.8 |
CVE-2025-54403 |
|
07.10.2025 |
8.8 |
CVE-2025-54404 |
|
07.10.2025 |
8.8 |
CVE-2025-54405 |
|
07.10.2025 |
8.8 |
CVE-2025-54406 |
|
07.10.2025 |
8.8 |
CVE-2025-37728 |
Kibana Insufficiently Protected Credentials in the CrowdStrike Connector |
07.10.2025 |
5.4 |
CVE-2025-50505 |
|
07.10.2025 |
|
CVE-2025-53476 |
|
07.10.2025 |
5.3 |
CVE-2021-22291 |
EIBPORT Reflected XSS |
07.10.2025 |
|
CVE-2025-11396 |
code-projects Simple Food Ordering System product.php sql injection |
07.10.2025 |
|
CVE-2025-40885 |
Authenticated SQL Injection on Smart Polling functionality in Guardian/CMC before 25.2.0 |
07.10.2025 |
|
CVE-2025-40886 |
Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 |
07.10.2025 |
|
CVE-2025-40887 |
Authenticated SQL Injection on Alert functionality in Guardian/CMC before 25.2.0 |
07.10.2025 |
|
CVE-2025-40888 |
Authenticated SQL Injection on CLI functionality in Guardian/CMC before 25.3.0 |
07.10.2025 |
|
CVE-2025-40889 |
Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0 |
07.10.2025 |
|
CVE-2025-3718 |
Client-side path traversal in Guardian/CMC before 25.2.0 |
07.10.2025 |
|
CVE-2025-3719 |
Incorrect authorization for CLI in Guardian/CMC before 25.2.0 |
07.10.2025 |
|
CVE-2025-40649 |
Multiple vulnerabilities in BBMRI-ERIC Negotiator |
07.10.2025 |
|
CVE-2025-40676 |
Multiple vulnerabilities in BBMRI-ERIC Negotiator |
07.10.2025 |
|
CVE-2025-11390 |
PHPGurukul Cyber Cafe Management System POST Parameter search.php cross site scripting |
07.10.2025 |
|