Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-50191 | 1 Linux | 1 Linux Kernel | 2026-01-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
ext4: don't set SB_RDONLY after filesystem errors
When the filesystem is mounted with errors=remount-ro, we were setting
SB_RDONLY flag to stop all filesystem modifications. We knew this misses
proper locking (sb->s_umount) and does not go through proper filesystem
remount procedure but it has been the way this worked since early ext2
days and it was good enough for catastrophic situation damage
mitigation. Recently, syzbot ha ...
Show More |
|||||
| CVE-2024-46823 | 1 Linux | 1 Linux Kernel | 2026-01-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
kunit/overflow: Fix UB in overflow_allocation_test
The 'device_name' array doesn't exist out of the
'overflow_allocation_test' function scope. However, it is being used as
a driver name when calling 'kunit_driver_create' from
'kunit_device_register'. It produces the kernel panic with KASAN
enabled.
Since this variable is used in one place only, remove it and pass the
device name into kunit_device_register directly as an ascii ...
Show More |
|||||
| CVE-2024-41068 | 1 Linux | 1 Linux Kernel | 2026-01-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
s390/sclp: Fix sclp_init() cleanup on failure
If sclp_init() fails it only partially cleans up: if there are multiple
failing calls to sclp_init() sclp_state_change_event will be added several
times to sclp_reg_list, which results in the following warning:
------------[ cut here ]------------
list_add double add: new=000003ffe1598c10, prev=000003ffe1598bf0, next=000003ffe1598c10.
WARNING: CPU: 0 PID: 1 at lib/list_debug.c:35 ...
Show More |
|||||
| CVE-2024-26938 | 1 Linux | 1 Linux Kernel | 2026-01-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode()
If we have no VBT, or the VBT didn't declare the encoder
in question, we won't have the 'devdata' for the encoder.
Instead of oopsing just bail early.
We won't be able to tell whether the port is DP++ or not,
but so be it.
(cherry picked from commit 26410896206342c8a80d2b027923e9ee7d33b733)
|
|||||
| CVE-2024-26845 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2026-01-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
scsi: target: core: Add TMF to tmr_list handling
An abort that is responded to by iSCSI itself is added to tmr_list but does
not go to target core. A LUN_RESET that goes through tmr_list takes a
refcounter on the abort and waits for completion. However, the abort will
be never complete because it was not started in target core.
Unable to locate ITT: 0x05000000 on CID: 0
Unable to locate RefTaskTag: 0x05000000 on CID: 0.
wa ...
Show More |
|||||
| CVE-2023-52476 | 1 Linux | 1 Linux Kernel | 2026-01-05 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
perf/x86/lbr: Filter vsyscall addresses
We found that a panic can occur when a vsyscall is made while LBR sampling
is active. If the vsyscall is interrupted (NMI) for perf sampling, this
call sequence can occur (most recent at top):
__insn_get_emulate_prefix()
insn_get_emulate_prefix()
insn_get_prefixes()
insn_get_opcode()
decode_branch_type()
get_branch_type()
intel_pmu_lbr_filter()
intel_pmu_ ...
Show More |
|||||
| CVE-2025-64666 | 1 Microsoft | 1 Exchange Server | 2026-01-02 | N/A | 7.5 HIGH |
|
Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.
|
|||||
| CVE-2025-39753 | 1 Linux | 1 Linux Kernel | 2026-01-02 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops
Clears up the warning added in 7ee3647243e5 ("migrate: Remove call to
->writepage") that occurs in various xfstests, causing "something found
in dmesg" failures.
[ 341.136573] gfs2_meta_aops does not implement migrate_folio
[ 341.136953] WARNING: CPU: 1 PID: 36 at mm/migrate.c:944 move_to_new_folio+0x2f8/0x300
|
|||||
| CVE-2025-22008 | 1 Linux | 1 Linux Kernel | 2026-01-02 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
regulator: check that dummy regulator has been probed before using it
Due to asynchronous driver probing there is a chance that the dummy
regulator hasn't already been probed when first accessing it.
|
|||||
| CVE-2025-21992 | 1 Linux | 1 Linux Kernel | 2026-01-02 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
HID: ignore non-functional sensor in HP 5MP Camera
The HP 5MP Camera (USB ID 0408:5473) reports a HID sensor interface that
is not actually implemented. Attempting to access this non-functional
sensor via iio_info causes system hangs as runtime PM tries to wake up
an unresponsive sensor.
[453] hid-sensor-hub 0003:0408:5473.0003: Report latency attributes: ffffffff:ffffffff
[453] hid-sensor-hub 0003:0408:5473.0003: common ...
Show More |
|||||
| CVE-2025-21699 | 1 Linux | 1 Linux Kernel | 2026-01-02 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag
Truncate an inode's address space when flipping the GFS2_DIF_JDATA flag:
depending on that flag, the pages in the address space will either use
buffer heads or iomap_folio_state structs, and we cannot mix the two.
|
|||||
| CVE-2024-29883 | 1 Miraheze | 1 Createwiki | 2026-01-02 | N/A | 4.9 MEDIUM |
|
CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. Suppression of wiki requests does not work as intended, and always restricts visibility to those with the `(createwiki)` user right regardless of the settings one sets on a given wiki request. This may expose information to users who are not supposed to be able to access it.
|
|||||
| CVE-2023-50257 | 1 Eprosima | 1 Fast Dds | 2026-01-02 | N/A | 9.6 CRITICAL |
|
eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data (`p[UD]`) and `guid` values used to disconnect between nodes are not encrypted, a vulnerability has been discovered where a malicious attacker can forcibly disconnect a Subscriber and can deny a Subscriber attempting to connect. Afterwards, if the attacker sends the packet for disconnecting, wh ...
Show More |
|||||
| CVE-2025-68697 | 1 N8n | 1 N8n | 2025-12-31 | N/A | 7.1 HIGH |
|
n8n is an open source workflow automation platform. Prior to version 2.0.0, in self-hosted n8n instances where the Code node runs in legacy (non-task-runner) JavaScript execution mode, authenticated users with workflow editing access can invoke internal helper functions from within the Code node. This allows a workflow editor to perform actions on the n8n host with the same privileges as the n8n process, including: reading files from the host filesystem (subject to any file-access restrictions c ...
Show More |
|||||
| CVE-2024-47866 | 1 Redhat | 1 Ceph | 2025-12-31 | N/A | 7.5 HIGH |
|
Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument `x-amz-copy-source` to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time of publication, no known patched versions exist.
|
|||||
| CVE-2025-46331 | 1 Openfga | 2 Helm Charts, Openfga | 2025-12-31 | N/A | 9.8 CRITICAL |
|
OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.10 to v1.3.6 (Helm chart <= openfga-0.2.28, docker <= v.1.8.10) are vulnerable to authorization bypass when certain Check and ListObject calls are executed. This issue has been patched in version 1.8.11.
|
|||||
| CVE-2025-59500 | 1 Microsoft | 1 Azure Notification Service | 2025-12-31 | N/A | 7.7 HIGH |
|
Improper access control in Azure Notification Service allows an authorized attacker to elevate privileges over a network.
|
|||||
| CVE-2024-30146 | 1 Hcltech | 1 Domino Leap | 2025-12-31 | N/A | 4.1 MEDIUM |
|
Improper access control of endpoint in HCL Domino Leap
allows certain admin users to import applications from the
server's filesystem.
|
|||||
| CVE-2024-33065 | 1 Qualcomm | 86 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 83 more | 2025-12-31 | N/A | 8.4 HIGH |
|
Memory corruption while taking snapshot when an offset variable is set by camera driver.
|
|||||
| CVE-2024-39580 | 1 Dell | 1 Insightiq | 2025-12-31 | N/A | 6.7 MEDIUM |
|
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains an Improper Access Control vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
|
|||||
| CVE-2023-52623 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-31 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: Fix a suspicious RCU usage warning
I received the following warning while running cthon against an ontap
server running pNFS:
[ 57.202521] =============================
[ 57.202522] WARNING: suspicious RCU usage
[ 57.202523] 6.7.0-rc3-g2cc14f52aeb7 #41492 Not tainted
[ 57.202525] -----------------------------
[ 57.202525] net/sunrpc/xprtmultipath.c:349 RCU-list traversed in non-reader section!!
[ 57.202527 ...
Show More |
|||||
| CVE-2024-23128 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-12-31 | N/A | 7.8 HIGH |
|
A maliciously crafted MODEL file, when parsed in libodxdll.dll and ASMDATAX229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
|
|||||
| CVE-2024-23133 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-12-31 | N/A | 7.8 HIGH |
|
A maliciously crafted STP file in ASMDATAX228A.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
|
|||||
| CVE-2024-23131 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-12-31 | N/A | 7.8 HIGH |
|
A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
|
|||||
| CVE-2024-23130 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-12-31 | N/A | 7.8 HIGH |
|
A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
|
|||||
| CVE-2024-23129 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-12-31 | N/A | 7.8 HIGH |
|
A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
|
|||||
| CVE-2025-14909 | 1 Jeecg | 1 Jeecg Boot | 2025-12-30 | 4.0 MEDIUM | 4.3 MEDIUM |
|
A weakness has been identified in JeecgBoot up to 3.9.0. The impacted element is the function SysUserOnlineController of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserOnlineController.java. Executing manipulation can lead to manage user sessions. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. This patch is called b686f9fbd1917edffe5922c6362c817a9361cfbd. Applying a ...
Show More |
|||||
| CVE-2025-43530 | 1 Apple | 1 Macos | 2025-12-30 | N/A | 5.5 MEDIUM |
|
This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2, macOS Sonoma 14.8.3, macOS Sequoia 15.7.3, iOS 18.7.3 and iPadOS 18.7.3. An app may be able to access sensitive user data.
|
|||||
| CVE-2025-43402 | 1 Apple | 1 Macos | 2025-12-30 | N/A | 7.8 HIGH |
|
The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.1. An app may be able to cause unexpected system termination or corrupt process memory.
|
|||||
| CVE-2025-64507 | 1 Linuxcontainers | 1 Incus | 2025-12-29 | N/A | 7.8 HIGH |
|
Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an unprivileged user may have root access to a container with an attached custom storage volume that has the `security.shifted` property set to `true` as well as access to the host as an unprivileged user. The most common case for this would be systems using `incus-user` with the less privileged `incus` group to provide unprivileged users with an ...
Show More |
|||||
| CVE-2025-1945 | 1 Mmaitre314 | 1 Picklescan | 2025-12-29 | N/A | 9.8 CRITICAL |
|
picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully loaded by PyTorch's torch.load(). This can lead to arbitrary code execution when loading a compromised model.
|
|||||
| CVE-2025-1944 | 1 Mmaitre314 | 1 Picklescan | 2025-12-29 | N/A | 6.5 MEDIUM |
|
picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise a BadZipFile error. However, PyTorch's more forgiving ZIP implementation still allows the model to be loaded, enabling malicious payloads to bypass detection.
|
|||||
| CVE-2025-1889 | 1 Mmaitre314 | 1 Picklescan | 2025-12-29 | N/A | 9.8 CRITICAL |
|
picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pickle file with a non-standard file extension. Because the malicious pickle file inclusion is not considered as part of the scope of picklescan, the file would pass security checks and appear to be safe, when it could instead prove to be problematic.
|
|||||
| CVE-2025-46291 | 1 Apple | 1 Macos | 2025-12-26 | N/A | 7.8 HIGH |
|
A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.2. An app may bypass Gatekeeper checks.
|
|||||
| CVE-2025-38406 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-23 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath6kl: remove WARN on bad firmware input
If the firmware gives bad input, that's nothing to do with
the driver's stack at this point etc., so the WARN_ON()
doesn't add any value. Additionally, this is one of the
top syzbot reports now. Just print a message, and as an
added bonus, print the sizes too.
|
|||||
| CVE-2025-38403 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-23 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
vsock/vmci: Clear the vmci transport packet properly when initializing it
In vmci_transport_packet_init memset the vmci_transport_packet before
populating the fields to avoid any uninitialised data being left in the
structure.
|
|||||
| CVE-2025-38396 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-23 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass
Export anon_inode_make_secure_inode() to allow KVM guest_memfd to create
anonymous inodes with proper security context. This replaces the current
pattern of calling alloc_anon_inode() followed by
inode_init_security_anon() for creating security context manually.
This change also fixes a security regression in secretmem where the
S_PRIVATE flag was not clea ...
Show More |
|||||
| CVE-2025-38400 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-23 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.
syzbot reported a warning below [1] following a fault injection in
nfs_fs_proc_net_init(). [0]
When nfs_fs_proc_net_init() fails, /proc/net/rpc/nfs is not removed.
Later, rpc_proc_exit() tries to remove /proc/net/rpc, and the warning
is logged as the directory is not empty.
Let's handle the error of nfs_fs_proc_net_init() properly.
[0]:
FAULT_INJECTION: for ...
Show More |
|||||
| CVE-2024-26922 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2025-12-23 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: validate the parameters of bo mapping operations more clearly
Verify the parameters of
amdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place.
|
|||||
| CVE-2024-26877 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-23 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
crypto: xilinx - call finalize with bh disabled
When calling crypto_finalize_request, BH should be disabled to avoid
triggering the following calltrace:
------------[ cut here ]------------
WARNING: CPU: 2 PID: 74 at crypto/crypto_engine.c:58 crypto_finalize_request+0xa0/0x118
Modules linked in: cryptodev(O)
CPU: 2 PID: 74 Comm: firmware:zynqmp Tainted: G O 6.8.0-rc1-yocto-standard #323
Har ...
Show More |
|||||