Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-57212 | 1 Fuyang Lipengjun | 1 Platform | 2025-12-05 | N/A | 7.5 HIGH |
|
Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows attackers to access sensitive information via a crafted request.
|
|||||
| CVE-2025-57210 | 1 Fuyang Lipengjun | 1 Platform | 2025-12-05 | N/A | 7.5 HIGH |
|
Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows attackers to access sensitive information via unspecified vectors.
|
|||||
| CVE-2025-63681 | 1 Openwebui | 1 Open Webui | 2025-12-05 | N/A | 4.3 MEDIUM |
|
open-webui v0.6.33 is vulnerable to Incorrect Access Control. The API /api/tasks/stop/ directly accesses and cancels tasks without verifying user ownership, enabling attackers (a normal user) to stop arbitrary LLM response tasks.
|
|||||
| CVE-2025-58475 | 1 Samsung | 1 Android | 2025-12-05 | N/A | 5.6 MEDIUM |
|
Improper input validation in libsec-ril.so prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
|
|||||
| CVE-2025-20389 | 1 Splunk | 3 Splunk, Splunk Cloud Platform, Splunk Secure Gateway | 2025-12-05 | N/A | 4.3 MEDIUM |
|
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10, 3.8.58 and 3.7.28 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the `label` column field after adding a new device in the Splunk Secure Gateway app. This could potentially lead to a client-side denial of service (DoS).
|
|||||
| CVE-2023-24108 | 1 Zetacomponents | 1 Mvctools | 2025-12-05 | N/A | 9.8 CRITICAL |
|
MvcTools 6d48cd6830fc1df1d8c9d61caa1805fd6a1b7737 was discovered to contain a code execution backdoor via the request package (requirements.txt). This vulnerability allows attackers to access sensitive user information and execute arbitrary code.
|
|||||
| CVE-2025-9553 | 1 Api Key Manager Project | 1 Api Key Manager | 2025-12-05 | N/A | 5.3 MEDIUM |
|
Vulnerability in Drupal API Key manager.This issue affects API Key manager: *.*.
|
|||||
| CVE-2025-9554 | 1 Owl Carousel 2 Project | 1 Owl Carousel 2 | 2025-12-05 | N/A | 5.3 MEDIUM |
|
Vulnerability in Drupal Owl Carousel 2.This issue affects Owl Carousel 2: *.*.
|
|||||
| CVE-2025-6680 | 1 Themeum | 1 Tutor Lms | 2025-12-05 | N/A | 4.3 MEDIUM |
|
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.3. This makes it possible for authenticated attackers, with tutor-level access and above, to view assignments for courses they don't teach which may contain sensitive information.
|
|||||
| CVE-2025-61688 | 1 Siderolabs | 1 Omni | 2025-12-04 | N/A | 8.6 HIGH |
|
Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, Omni might leak sensitive information via an API.
|
|||||
| CVE-2014-3480 | 5 Debian, File Project, Opensuse and 2 more | 5 Debian Linux, File, Opensuse and 2 more | 2025-12-04 | 4.3 MEDIUM | 6.5 MEDIUM |
|
The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.
|
|||||
| CVE-2025-64715 | 1 Cilium | 1 Cilium | 2025-12-04 | N/A | 4.0 MEDIUM |
|
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.16.17, 1.17.10, and 1.18.4, CiliumNetworkPolicys which use egress.toGroups.aws.securityGroupsIds to reference AWS security group IDs that do not exist or are not attached to any network interface may unintentionally allow broader outbound access than intended by the policy authors. In such cases, the toCIDRset section of the derived policy is not generated, which means outbound traffic ...
Show More |
|||||
| CVE-2025-56396 | 1 Ruoyi | 1 Ruoyi | 2025-12-04 | N/A | 8.8 HIGH |
|
An issue was discovered in Ruoyi 4.8.1 allowing attackers to gain escalated privileges due to the owning department having higher rights than the active user.
|
|||||
| CVE-2015-5224 | 1 Kernel | 1 Util-linux | 2025-12-04 | 7.5 HIGH | 9.8 CRITICAL |
|
The mkostemp function in login-utils in util-linux when used incorrectly allows remote attackers to cause file name collision and possibly other attacks.
|
|||||
| CVE-2025-13631 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-12-04 | N/A | 8.8 HIGH |
|
Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. (Chromium security severity: High)
|
|||||
| CVE-2022-50285 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages
The h->*_huge_pages counters are protected by the hugetlb_lock, but
alloc_huge_page has a corner case where it can decrement the counter
outside of the lock.
This could lead to a corrupted value of h->resv_huge_pages, which we have
observed on our systems.
Take the hugetlb_lock before decrementing h->resv_huge_pages to avoid a
potential race.
|
|||||
| CVE-2022-50291 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
kcm: annotate data-races around kcm->rx_psock
kcm->rx_psock can be read locklessly in kcm_rfree().
Annotate the read and writes accordingly.
We do the same for kcm->rx_wait in the following patch.
syzbot reported:
BUG: KCSAN: data-race in kcm_rfree / unreserve_rx_kcm
write to 0xffff888123d827b8 of 8 bytes by task 2758 on cpu 1:
unreserve_rx_kcm+0x72/0x1f0 net/kcm/kcmsock.c:313
kcm_rcv_strparser+0x2b5/0x3a0 net/kcm/kcmsock.c ...
Show More |
|||||
| CVE-2022-50292 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/msm/dp: fix bridge lifetime
Device-managed resources allocated post component bind must be tied to
the lifetime of the aggregate DRM device or they will not necessarily be
released when binding of the aggregate device is deferred.
This can lead resource leaks or failure to bind the aggregate device
when binding is later retried and a second attempt to allocate the
resources is made.
For the DP bridges, previously allocat ...
Show More |
|||||
| CVE-2025-58481 | 1 Samsung | 1 Motionphoto | 2025-12-04 | N/A | 7.3 HIGH |
|
Improper access control in MPRemoteService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service.
|
|||||
| CVE-2025-58482 | 1 Samsung | 1 Motionphoto | 2025-12-04 | N/A | 7.3 HIGH |
|
Improper access control in MPLocalService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service.
|
|||||
| CVE-2025-37156 | 1 Hpe | 1 Arubaos-cx | 2025-12-04 | N/A | 6.8 MEDIUM |
|
A platform-level denial-of-service (DoS) vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and effectively non-functional.
|
|||||
| CVE-2025-13640 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2025-12-04 | N/A | 3.5 LOW |
|
Inappropriate implementation in Passwords in Google Chrome prior to 143.0.7499.41 allowed a local attacker to bypass authentication via physical access to the device. (Chromium security severity: Low)
|
|||||
| CVE-2025-53939 | 1 Accellion | 1 Kiteworks | 2025-12-04 | N/A | 6.3 MEDIUM |
|
Kiteworks is a private data network (PDN). Prior to version 9.1.0, improper input validation when managing roles of a shared folder could lead to unexpectedly elevate another user's permissions on the share. This issue has been patched in version 9.1.0.
|
|||||
| CVE-2016-9842 | 8 Apple, Canonical, Debian and 5 more | 19 Iphone Os, Mac Os X, Tvos and 16 more | 2025-12-04 | 6.8 MEDIUM | 8.8 HIGH |
|
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
|
|||||
| CVE-2025-12889 | 1 Wolfssl | 1 Wolfssl | 2025-12-04 | N/A | 5.4 MEDIUM |
|
With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest.
|
|||||
| CVE-2022-50296 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK
When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS is selected,
cpu_max_bits_warn() generates a runtime warning similar as below while
we show /proc/cpuinfo. Fix this by using nr_cpu_ids (the runtime limit)
instead of NR_CPUS to iterate CPUs.
[ 3.052463] ------------[ cut here ]------------
[ 3.059679] WARNING: CPU: 3 PID: 1 at include/linux/cpumask.h:108 sh ...
Show More |
|||||
| CVE-2022-50297 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: ath9k: verify the expected usb_endpoints are present
The bug arises when a USB device claims to be an ATH9K but doesn't
have the expected endpoints. (In this case there was an interrupt
endpoint where the driver expected a bulk endpoint.) The kernel
needs to be able to handle such devices without getting an internal error.
usb 1-1: BOGUS urb xfer, pipe 3 != type 1
WARNING: CPU: 3 PID: 500 at drivers/usb/core/urb.c:493 u ...
Show More |
|||||
| CVE-2022-50298 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
slimbus: qcom-ngd: cleanup in probe error path
Add proper error path in probe() to cleanup resources previously
acquired/allocated to fix warnings visible during probe deferral:
notifier callback qcom_slim_ngd_ssr_notify already registered
WARNING: CPU: 6 PID: 70 at kernel/notifier.c:28 notifier_chain_register+0x5c/0x90
Modules linked in:
CPU: 6 PID: 70 Comm: kworker/u16:1 Not tainted 6.0.0-rc3-next-20220830 #380
Ca ...
Show More |
|||||
| CVE-2022-50299 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
md: Replace snprintf with scnprintf
Current code produces a warning as shown below when total characters
in the constituent block device names plus the slashes exceeds 200.
snprintf() returns the number of characters generated from the given
input, which could cause the expression “200 – len” to wrap around
to a large positive number. Fix this by using scnprintf() instead,
which returns the actual number of characters written ...
Show More |
|||||
| CVE-2022-50302 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
lockd: set other missing fields when unlocking files
vfs_lock_file() expects the struct file_lock to be fully initialised by
the caller. Re-exported NFSv3 has been seen to Oops if the fl_file field
is NULL.
|
|||||
| CVE-2022-50313 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
erofs: fix order >= MAX_ORDER warning due to crafted negative i_size
As syzbot reported [1], the root cause is that i_size field is a
signed type, and negative i_size is also less than EROFS_BLKSIZ.
As a consequence, it's handled as fast symlink unexpectedly.
Let's fall back to the generic path to deal with such unusual i_size.
[1] https://lore.kernel.org/r/[email protected]
|
|||||
| CVE-2022-50314 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
syzbot reported hung task [1]. The following program is a simplified
version of the reproducer:
int main(void)
{
int sv[2], fd;
if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
return 1;
if ((fd = open("/dev/nbd0", 0)) < 0)
return 1;
if (ioctl(fd, NBD_SET_SIZE_BLOCKS, 0x81) < 0)
return 1;
if (ioctl(fd, NBD_SET_SOCK, sv[0]) < 0)
return 1;
if (ioctl(f ...
Show More |
|||||
| CVE-2022-50319 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
coresight: trbe: remove cpuhp instance node before remove cpuhp state
cpuhp_state_add_instance() and cpuhp_state_remove_instance() should
be used in pairs. Or there will lead to the warn on
cpuhp_remove_multi_state() since the cpuhp_step list is not empty.
The following is the error log with 'rmmod coresight-trbe':
Error: Removing state 215 which has instances left.
Call trace:
__cpuhp_remove_state_cpuslocked+0x144/0x160
...
Show More |
|||||
| CVE-2022-50322 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
rtc: msc313: Fix function prototype mismatch in msc313_rtc_probe()
With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),
indirect call targets are validated against the expected function
pointer prototype to make sure the call target is valid to help mitigate
ROP attacks. If they are not identical, there is a failure at run time,
which manifests as either a kernel panic or thread getting killed.
msc313_rtc_prob ...
Show More |
|||||
| CVE-2022-50323 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
net: do not sense pfmemalloc status in skb_append_pagefrags()
skb_append_pagefrags() is used by af_unix and udp sendpage()
implementation so far.
In commit 326140063946 ("tcp: TX zerocopy should not sense
pfmemalloc status") we explained why we should not sense
pfmemalloc status for pages owned by user space.
We should also use skb_fill_page_desc_noacc()
in skb_append_pagefrags() to avoid following KCSAN report:
BUG: KCSAN: ...
Show More |
|||||
| CVE-2023-53201 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
RDMA/bnxt_re: wraparound mbox producer index
Driver is not handling the wraparound of the mbox producer index correctly.
Currently the wraparound happens once u32 max is reached.
Bit 31 of the producer index register is special and should be set
only once for the first command. Because the producer index overflow
setting bit31 after a long time, FW goes to initialization sequence
and this causes FW hang.
Fix is to wraparound ...
Show More |
|||||
| CVE-2025-64703 | 1 Maxkb | 1 Maxkb | 2025-12-04 | N/A | 6.3 MEDIUM |
|
MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can get sensitive informations by Python code in tool module, although the process run in sandbox. Version 2.3.1 fixes the issue.
|
|||||
| CVE-2022-50332 | 1 Linux | 1 Linux Kernel | 2025-12-04 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
video/aperture: Call sysfb_disable() before removing PCI devices
Call sysfb_disable() from aperture_remove_conflicting_pci_devices()
before removing PCI devices. Without, simpledrm can still bind to
simple-framebuffer devices after the hardware driver has taken over
the hardware. Both drivers interfere with each other and results are
undefined.
Reported modesetting errors [1] are shown below.
---- snap ----
rcu: INFO: rcu_sc ...
Show More |
|||||
| CVE-2017-9023 | 1 Strongswan | 1 Strongswan | 2025-12-03 | 4.3 MEDIUM | 7.5 HIGH |
|
The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate.
|
|||||
| CVE-2024-1648 | 1 Fraserxu | 1 Electron-pdf | 2025-12-03 | N/A | 7.5 HIGH |
|
electron-pdf version 20.0.0 allows an external attacker to remotely obtain
arbitrary local files. This is possible because the application does not
validate the HTML content entered by the user.
|
|||||