Total
66 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-69415 | 1 Plex | 1 Media Server | 2026-02-27 | N/A | 7.1 HIGH |
|
In Plex Media Server (PMS) through 1.42.2.10156, ability to access /myplex/account with a device token is not properly aligned with whether the device is currently associated with an account.
|
|||||
| CVE-2026-1237 | 2026-01-29 | N/A | N/A | ||
|
Vulnerable cross-model authorization in juju. If a charm's cross-model permissions are revoked or expire, a malicious user who is able to update database records can mint an invalid macaroon that is incorrectly validated by the juju controller, enabling a charm to maintain otherwise revoked or expired permissions. This allows a charm to continue relating to another charm in a cross-model relation, and use their workload without their permission. No fix is available as of the time of writing.
|
|||||
| CVE-2025-58149 | 1 Xen | 1 Xen | 2026-01-14 | N/A | 7.5 HIGH |
|
When passing through PCI devices, the detach logic in libxl won't remove
access permissions to any 64bit memory BARs the device might have. As a
result a domain can still have access any 64bit memory BAR when such
device is no longer assigned to the domain.
For PV domains the permission leak allows the domain itself to map the memory
in the page-tables. For HVM it would require a compromised device model or
stubdomain to map the leaked memory into the HVM domain p2m.
|
|||||
| CVE-2024-27308 | 2 Mio Project, Tokio | 2 Mio, Tokio | 2025-12-04 | N/A | 7.5 HIGH |
|
Mio is a Metal I/O library for Rust. When using named pipes on Windows, mio will under some circumstances return invalid tokens that correspond to named pipes that have already been deregistered from the mio registry. The impact of this vulnerability depends on how mio is used. For some applications, invalid tokens may be ignored or cause a warning or a crash. On the other hand, for applications that store pointers in the tokens, this vulnerability may result in a use-after-free. For users of To ...
Show More |
|||||
| CVE-2025-39698 | 1 Linux | 1 Linux Kernel | 2025-11-25 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
io_uring/futex: ensure io_futex_wait() cleans up properly on failure
The io_futex_data is allocated upfront and assigned to the io_kiocb
async_data field, but the request isn't marked with REQ_F_ASYNC_DATA
at that point. Those two should always go together, as the flag tells
io_uring whether the field is valid or not.
Additionally, on failure cleanup, the futex handler frees the data but
does not clear ->async_data. Clear the ...
Show More |
|||||
| CVE-2025-38290 | 1 Linux | 1 Linux Kernel | 2025-11-19 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: fix node corruption in ar->arvifs list
In current WLAN recovery code flow, ath12k_core_halt() only reinitializes
the "arvifs" list head. This will cause the list node immediately following
the list head to become an invalid list node. Because the prev of that node
still points to the list head "arvifs", but the next of the list head
"arvifs" no longer points to that list node.
When a WLAN recovery occurs during ...
Show More |
|||||
| CVE-2023-34326 | 1 Xen | 1 Xen | 2025-11-04 | N/A | 7.8 HIGH |
|
The caching invalidation guidelines from the AMD-Vi specification (48882—Rev
3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction
(see stale DMA mappings) if some fields of the DTE are updated but the IOMMU
TLB is not flushed.
Such stale DMA mappings can point to memory ranges not owned by the guest, thus
allowing access to unindented memory regions.
|
|||||
| CVE-2024-49955 | 1 Linux | 1 Linux Kernel | 2025-11-03 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
ACPI: battery: Fix possible crash when unregistering a battery hook
When a battery hook returns an error when adding a new battery, then
the battery hook is automatically unregistered.
However the battery hook provider cannot know that, so it will later
call battery_hook_unregister() on the already unregistered battery
hook, resulting in a crash.
Fix this by using the list head to mark already unregistered battery
hooks as al ...
Show More |
|||||
| CVE-2021-42778 | 3 Fedoraproject, Opensc Project, Redhat | 3 Fedora, Opensc, Enterprise Linux | 2025-11-03 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
|
|||||
| CVE-2024-57929 | 1 Linux | 1 Linux Kernel | 2025-11-03 | N/A | 7.1 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
dm array: fix releasing a faulty array block twice in dm_array_cursor_end
When dm_bm_read_lock() fails due to locking or checksum errors, it
releases the faulty block implicitly while leaving an invalid output
pointer behind. The caller of dm_bm_read_lock() should not operate on
this invalid dm_block pointer, or it will lead to undefined result.
For example, the dm_array_cursor incorrectly caches the invalid pointer
on reading ...
Show More |
|||||
| CVE-2025-31253 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-03 | N/A | 7.1 HIGH |
|
This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. Muting the microphone during a FaceTime call may not result in audio being silenced.
|
|||||
| CVE-2025-55669 | 1 F5 | 1 Big-ip Application Security Manager | 2025-10-22 | N/A | 7.5 HIGH |
|
When the BIG-IP Advanced WAF and ASM security policy and a server-side HTTP/2 profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
|
|||||
| CVE-2025-6031 | 2025-10-14 | N/A | 7.5 HIGH | ||
|
Amazon Cloud Cam is a home security camera that was deprecated on December 2, 2022, is end of life, and is no longer actively supported.
When a user powers on the Amazon Cloud Cam, the device attempts to connect to a remote service infrastructure that has been deprecated due to end-of-life status. The device defaults to a pairing status in which an arbitrary user can bypass SSL pinning to associate the device to an arbitrary network, allowing for network traffic interception and modification.
...
Show More |
|||||
| CVE-2020-24030 | 1 Forlogic | 1 Qualiex | 2025-10-14 | 7.5 HIGH | 9.8 CRITICAL |
|
ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "not exploitable in the current implementation. Tokens are properly expired, invalidated, and bound to session context. Attempts to alter the token payload to extend its validity do not affect server-side validation."
|
|||||
| CVE-2024-56674 | 1 Linux | 1 Linux Kernel | 2025-10-01 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
virtio_net: correct netdev_tx_reset_queue() invocation point
When virtnet_close is followed by virtnet_open, some TX completions can
possibly remain unconsumed, until they are finally processed during the
first NAPI poll after the netdev_tx_reset_queue(), resulting in a crash
[1]. Commit b96ed2c97c79 ("virtio_net: move netdev_tx_reset_queue() call
before RX napi enable") was not sufficient to eliminate all BQL crash
cases for ...
Show More |
|||||
| CVE-2025-10060 | 1 Mongodb | 1 Mongodb | 2025-09-18 | N/A | 6.5 MEDIUM |
|
MongoDB Server may allow upsert operations retried within a transaction to violate unique index constraints, potentially causing an invariant failure and server crash during commit. This issue may be triggered by improper WriteUnitOfWork state management. This issue affects MongoDB Server v6.0 versions prior to 6.0.25, MongoDB Server v7.0 versions prior to 7.0.22 and MongoDB Server v8.0 versions prior to 8.0.12
|
|||||
| CVE-2025-53901 | 1 Bytecodealliance | 1 Wasmtime | 2025-09-04 | N/A | 3.5 LOW |
|
Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.4, 33.0.2, and 34.0.2, a bug in Wasmtime's implementation of the WASIp1 set of import functions can lead to a WebAssembly guest inducing a panic in the host (embedder). The specific bug is triggered by calling `path_open` after calling `fd_renumber` with either two equal argument values or a second argument being equal to a previously-closed file descriptor number value. The corrupt state introduced in `fd_renumber` will lead to the s ...
Show More |
|||||
| CVE-2025-30351 | 1 Monospace | 1 Directus | 2025-08-26 | N/A | 3.5 LOW |
|
Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 10.10.0 and prior to version 11.5.0, a suspended user can use the token generated in session auth mode to access the API despite their status. This happens because there is a check missing in `verifySessionJWT` to verify that a user is actually still active and allowed to access the API. One can extract the session token obtained by, e.g. login in to the app while still active and then, after the ...
Show More |
|||||
| CVE-2021-47294 | 1 Linux | 1 Linux Kernel | 2025-06-23 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
netrom: Decrease sock refcount when sock timers expire
Commit 63346650c1a9 ("netrom: switch to sock timer API") switched to use
sock timer API. It replaces mod_timer() by sk_reset_timer(), and
del_timer() by sk_stop_timer().
Function sk_reset_timer() will increase the refcount of sock if it is
called on an inactive timer, hence, in case the timer expires, we need to
decrease the refcount ourselves in the handler, otherwise, t ...
Show More |
|||||
| CVE-2025-22149 | 2025-05-23 | N/A | N/A | ||
|
JWK Set (JSON Web Key Set) is a JWK and JWK Set Go implementation. Prior to 0.6.0, the project's provided HTTP client's local JWK Set cache should do a full replacement when the goroutine refreshes the remote JWK Set. The current behavior is to overwrite or append. This is a security issue for use cases that utilize the provided auto-caching HTTP client and where key removal from a JWK Set is equivalent to revocation. The affected auto-caching HTTP client was added in version v0.5.0 and fixed in ...
Show More |
|||||
| CVE-2022-30256 | 1 Maradns | 1 Maradns | 2025-04-29 | N/A | 7.5 HIGH |
|
An issue was discovered in MaraDNS Deadwood through 3.5.0021 that allows variant V1 of unintended domain name resolution. A revoked domain name can still be resolvable for a long time, including expired domains and taken-down malicious domains. The effects of an exploit would be widespread and highly impactful, because the exploitation conforms to de facto DNS specifications and operational practices, and overcomes current mitigation patches for "Ghost" domain names.
|
|||||
| CVE-2022-45292 | 1 Funkwhale | 1 Funkwhale | 2025-04-23 | N/A | 5.3 MEDIUM |
|
User invites for Funkwhale v1.2.8 do not permanently expire after being used for signup and can be used again after an account has been deleted.
|
|||||
| CVE-2025-2517 | 2025-04-23 | N/A | N/A | ||
|
Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager.
|
|||||
| CVE-2017-14895 | 1 Google | 1 Android | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, after a subsystem reset, iwpriv is not giving correct information.
|
|||||
| CVE-2017-0544 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
An elevation of privilege vulnerability in CameraBase could enable a local malicious application to execute arbitrary code. This issue is rated as High because it is a local arbitrary code execution in a privileged process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-31992879.
|
|||||
| CVE-2022-22755 | 1 Mozilla | 1 Firefox | 2025-04-16 | N/A | 8.8 HIGH |
|
By using XSL Transforms, a malicious webserver could have served a user an XSL document that would continue to execute JavaScript (within the bounds of the same-origin policy) even after the tab was closed. This vulnerability affects Firefox < 97.
|
|||||
| CVE-2009-3547 | 8 Canonical, Fedoraproject, Linux and 5 more | 14 Ubuntu Linux, Fedora, Linux Kernel and 11 more | 2025-04-09 | 6.9 MEDIUM | 7.0 HIGH |
|
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
|
|||||
| CVE-2025-21117 | 1 Dell | 1 Avamar Server | 2025-03-28 | N/A | 6.6 MEDIUM |
|
Dell Avamar, version 19.4 or later, contains an access token reuse vulnerability in the AUI. A low privileged local attacker could potentially exploit this vulnerability, leading to fully impersonating the user.
|
|||||
| CVE-2024-47571 | 1 Fortinet | 1 Fortimanager | 2025-03-19 | N/A | 8.1 HIGH |
|
An operation on a resource after expiration or release in Fortinet FortiManager 6.4.12 through 7.4.0 allows an attacker to gain improper access to FortiGate via valid credentials.
|
|||||
| CVE-2022-27499 | 1 Intel | 1 Sgx Sdk | 2025-02-05 | N/A | 2.5 LOW |
|
Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.
|
|||||
| CVE-2021-47069 | 1 Linux | 1 Linux Kernel | 2025-01-09 | N/A | 7.0 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry
do_mq_timedreceive calls wq_sleep with a stack local address. The
sender (do_mq_timedsend) uses this address to later call pipelined_send.
This leads to a very hard to trigger race where a do_mq_timedreceive
call might return and leave do_mq_timedsend to rely on an invalid
address, causing the following crash:
RIP: 0010:wake_q_add_safe+0x13/0x60
Ca ...
Show More |
|||||
| CVE-2024-31895 | 1 Ibm | 1 App Connect Enterprise | 2025-01-08 | N/A | 4.3 MEDIUM |
|
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288176.
|
|||||
| CVE-2024-31894 | 1 Ibm | 1 App Connect Enterprise | 2025-01-08 | N/A | 4.3 MEDIUM |
|
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288175.
|
|||||
| CVE-2024-31893 | 1 Ibm | 1 App Connect Enterprise | 2025-01-07 | N/A | 4.3 MEDIUM |
|
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token. IBM X-Force ID: 288174.
|
|||||
| CVE-2024-25619 | 1 Joinmastodon | 1 Mastodon | 2024-12-18 | N/A | 3.1 LOW |
|
Mastodon is a free, open-source social network server based on ActivityPub. When an OAuth Application is destroyed, the streaming server wasn't being informed that the Access Tokens had also been destroyed, this could have posed security risks to users by allowing an application to continue listening to streaming after the application had been destroyed. Essentially this comes down to the fact that when Doorkeeper sets up the relationship between Applications and Access Tokens, it uses a `depend ...
Show More |
|||||
| CVE-2023-48220 | 2 Decidim, Scambra | 2 Decidim, Devise Invitable | 2024-12-16 | N/A | 5.7 MEDIUM |
|
Decidim is a participatory democracy framework. Starting in version 0.4.rc3 and prior to version 2.0.9 of the `devise_invitable` gem, the invites feature allows users to accept the invitation for an unlimited amount of time through the password reset functionality. This issue creates vulnerable dependencies starting in version 0.0.1.alpha3 and prior to versions 0.26.9, 0.27.5, and 0.28.0 of the `decidim,` `decidim-admin`, and `decidim-system` gems. When using the password reset functionality, th ...
Show More |
|||||
| CVE-2024-4693 | 2024-11-21 | N/A | 5.5 MEDIUM | ||
|
A flaw was found in the QEMU Virtio PCI Bindings (hw/virtio/virtio-pci.c). An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhost_net_stop(). This flaw allows a malicious guest to crash the QEMU process on the host.
|
|||||
| CVE-2024-23638 | 1 Squid-cache | 1 Squid | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Squid is a caching proxy for the Web. Due to an expired pointer reference bug, Squid prior to version 6.6 is vulnerable to a Denial of Service attack against Cache Manager error responses. This problem allows a trusted client to perform Denial of Service when generating error pages for Client Manager reports. Squid older than 5.0.5 have not been tested and should be assumed to be vulnerable. All Squid-5.x up to and including 5.9 are vulnerable. All Squid-6.x up to and including 6.5 are vulnerabl ...
Show More |
|||||
| CVE-2024-23332 | 1 Notaryproject | 1 Notation-go | 2024-11-21 | N/A | 4.0 MEDIUM |
|
The Notary Project is a set of specifications and tools intended to provide a cross-industry standard for securing software supply chains by using authentic container images and other OCI artifacts. An external actor with control of a compromised container registry can provide outdated versions of OCI artifacts, such as Images. This could lead artifact consumers with relaxed trust policies (such as `permissive` instead of `strict`) to potentially use artifacts with signatures that are no longer ...
Show More |
|||||
| CVE-2023-42446 | 1 Powauth | 1 Pow | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Pow is a authentication and user management solution for Phoenix and Plug-based apps. Starting in version 1.0.14 and prior to version 1.0.34, use of `Pow.Store.Backend.MnesiaCache` is susceptible to session hijacking as expired keys are not being invalidated correctly on startup. A session may expire when all `Pow.Store.Backend.MnesiaCache` instances have been shut down for a period that is longer than a session's remaining TTL. Version 1.0.34 contains a patch for this issue. As a workaround, ex ...
Show More |
|||||