Total
29483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-52527 | 1 Linux | 1 Linux Kernel | 2025-01-13 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() Including the transhdrlen in length is a problem when the packet is partially filled (e.g. something like send(MSG_MORE) happened previously) when appending to an IPv4 or IPv6 packet as we don't want to repeat the transport header or account for it twice. This can happen under some circumstances, such as splicing into an L2TP socket. The symptom observed is a warning in __ip6_append_data(): WARNING: CPU: 1 PID: 5042 at net/ipv6/ip6_output.c:1800 __ip6_append_data.isra.0+0x1be8/0x47f0 net/ipv6/ip6_output.c:1800 that occurs when MSG_SPLICE_PAGES is used to append more data to an already partially occupied skbuff. The warning occurs when 'copy' is larger than the amount of data in the message iterator. This is because the requested length includes the transport header length when it shouldn't. This can be triggered by, for example: sfd = socket(AF_INET6, SOCK_DGRAM, IPPROTO_L2TP); bind(sfd, ...); // ::1 connect(sfd, ...); // ::1 port 7 send(sfd, buffer, 4100, MSG_MORE); sendfile(sfd, dfd, NULL, 1024); Fix this by only adding transhdrlen into the length if the write queue is empty in l2tp_ip6_sendmsg(), analogously to how UDP does things. l2tp_ip_sendmsg() looks like it won't suffer from this problem as it builds the UDP packet itself. | |||||
| CVE-2021-47325 | 1 Linux | 1 Linux Kernel | 2025-01-13 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation The reference counting issue happens in several exception handling paths of arm_smmu_iova_to_phys_hard(). When those error scenarios occur, the function forgets to decrease the refcount of "smmu" increased by arm_smmu_rpm_get(), causing a refcount leak. Fix this issue by jumping to "out" label when those error scenarios occur. | |||||
| CVE-2024-26709 | 1 Linux | 1 Linux Kernel | 2025-01-13 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: Fix the missing iommu_group_put() during platform domain attach The function spapr_tce_platform_iommu_attach_dev() is missing to call iommu_group_put() when the domain is already set. This refcount leak shows up with BUG_ON() during DLPAR remove operation as: KernelBug: Kernel bug in state 'None': kernel BUG at arch/powerpc/platforms/pseries/iommu.c:100! Oops: Exception in kernel mode, sig: 5 [#1] LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=8192 NUMA pSeries <snip> Hardware name: IBM,9080-HEX POWER10 (raw) 0x800200 0xf000006 of:IBM,FW1060.00 (NH1060_016) hv:phyp pSeries NIP: c0000000000ff4d4 LR: c0000000000ff4cc CTR: 0000000000000000 REGS: c0000013aed5f840 TRAP: 0700 Tainted: G I (6.8.0-rc3-autotest-g99bd3cb0d12e) MSR: 8000000000029033 <SF,EE,ME,IR,DR,RI,LE> CR: 44002402 XER: 20040000 CFAR: c000000000a0d170 IRQMASK: 0 ... NIP iommu_reconfig_notifier+0x94/0x200 LR iommu_reconfig_notifier+0x8c/0x200 Call Trace: iommu_reconfig_notifier+0x8c/0x200 (unreliable) notifier_call_chain+0xb8/0x19c blocking_notifier_call_chain+0x64/0x98 of_reconfig_notify+0x44/0xdc of_detach_node+0x78/0xb0 ofdt_write.part.0+0x86c/0xbb8 proc_reg_write+0xf4/0x150 vfs_write+0xf8/0x488 ksys_write+0x84/0x140 system_call_exception+0x138/0x330 system_call_vectored_common+0x15c/0x2ec The patch adds the missing iommu_group_put() call. | |||||
| CVE-2022-48639 | 1 Linux | 1 Linux Kernel | 2025-01-13 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: net: sched: fix possible refcount leak in tc_new_tfilter() tfilter_put need to be called to put the refount got by tp->ops->get to avoid possible refcount leak when chain->tmplt_ops != NULL and chain->tmplt_ops != tp->ops. | |||||
| CVE-2023-33741 | 2 Google, Macro-video | 2 Android, V380 Pro | 2025-01-13 | N/A | 7.5 HIGH |
| Macrovideo v380pro v1.4.97 shares the device id and password when sharing the device. | |||||
| CVE-2023-33740 | 2 Google, Luowice | 2 Android, Luowice | 2025-01-13 | N/A | 7.5 HIGH |
| Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message. | |||||
| CVE-2023-52500 | 1 Linux | 1 Linux Kernel | 2025-01-13 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command Tags allocated for OPC_INB_SET_CONTROLLER_CONFIG command need to be freed when we receive the response. | |||||
| CVE-2024-39727 | 1 Ibm | 1 Engineering Lifecycle Optimization - Engineering Insights | 2025-01-10 | N/A | 6.1 MEDIUM |
| IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims’ web browser. | |||||
| CVE-2025-0211 | 1 Campcodes | 1 School Faculty Scheduling System | 2025-01-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in Campcodes School Faculty Scheduling System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/index.php. The manipulation of the argument page leads to file inclusion. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-54096 | 1 Huawei | 2 Emui, Harmonyos | 2025-01-10 | N/A | 5.3 MEDIUM |
| Vulnerability of improper access control in the MTP module Impact: Successful exploitation of this vulnerability may affect integrity and accuracy. | |||||
| CVE-2024-49071 | 1 Microsoft | 1 Defender For Endpoint | 2025-01-10 | N/A | 6.5 MEDIUM |
| Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network. | |||||
| CVE-2023-23562 | 1 Stormshield | 1 Endpoint Security | 2025-01-10 | N/A | 4.3 MEDIUM |
| Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control that allows an authenticated user can update global parameters. | |||||
| CVE-2024-1902 | 1 Lunary | 1 Lunary | 2025-01-10 | N/A | 7.5 HIGH |
| lunary-ai/lunary is vulnerable to a session reuse attack, allowing a removed user to change the organization name without proper authorization. The vulnerability stems from the lack of validation to check if a user is still part of an organization before allowing them to make changes. An attacker can exploit this by using an old authorization token to send a PATCH request, modifying the organization's name even after being removed from the organization. This issue is due to incorrect synchronization and affects the orgs.patch route. | |||||
| CVE-2024-23360 | 1 Qualcomm | 26 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 23 more | 2025-01-09 | N/A | 8.4 HIGH |
| Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU registers. | |||||
| CVE-2016-10408 | 1 Qualcomm | 10 9206 Lte Modem, 9206 Lte Modem Firmware, Apq8037 and 7 more | 2025-01-09 | N/A | 8.4 HIGH |
| QSEE will randomly experience a fatal error during execution due to speculative instruction fetches from device memory. Device memory is not valid executable memory. | |||||
| CVE-2023-28657 | 1 Contec | 1 Conprosys Hmi System | 2025-01-09 | N/A | 8.8 HIGH |
| Improper access control vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user of the PC where the affected product is installed may gain an administrative privilege. As a result, information regarding the product may be obtained and/or altered by the user. | |||||
| CVE-2024-25964 | 1 Dell | 1 Powerscale Onefs | 2025-01-09 | N/A | 5.3 MEDIUM |
| Dell PowerScale OneFS 9.5.0.x through 9.7.0.x contain a covert timing channel vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2024-25966 | 1 Dell | 1 Powerscale Onefs | 2025-01-09 | N/A | 5.3 MEDIUM |
| Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an improper handling of unexpected data type vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2024-25965 | 1 Dell | 1 Powerscale Onefs | 2025-01-09 | N/A | 6.1 MEDIUM |
| Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an external control of file name or path vulnerability. A local high privilege attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2023-43553 | 1 Qualcomm | 262 Ar8035, Ar8035 Firmware, Csr8811 and 259 more | 2025-01-09 | N/A | 9.8 CRITICAL |
| Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE. | |||||