Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-38580 | 1 Linux | 1 Linux Kernel | 2025-10-20 | N/A | 4.7 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
epoll: be better about file lifetimes
epoll can call out to vfs_poll() with a file pointer that may race with
the last 'fput()'. That would make f_count go down to zero, and while
the ep->mtx locking means that the resulting file pointer tear-down will
be blocked until the poll returns, it means that f_count is already
dead, and any use of it won't actually get a reference to the file any
more: it's dead regardless.
Make sure ...
|
|||||
| CVE-2024-38564 | 1 Linux | 1 Linux Kernel | 2025-10-20 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
bpf_prog_attach uses attach_type_to_prog_type to enforce proper
attach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses
bpf_prog_get and relies on bpf_prog_attach_check_attach_type
to properly verify prog_type <> attach_type association.
Add missing attach_type enforcement for the link_create case.
Otherwise, it's currently possible to attach cgro ...
|
|||||
| CVE-2025-9067 | 1 Rockwellautomation | 1 Factorytalk Linx | 2025-10-20 | N/A | 7.8 HIGH |
|
A security issue exists within the x86 Microsoft Installer File (MSI), installed with FTLinx. Authenticated attackers with valid Windows user credentials can initiate a repair and hijack the resulting console window. This allows the launching of a command prompt running with SYSTEM-level privileges, allowing full access to all files, processes, and system resources.
|
|||||
| CVE-2025-25004 | 1 Microsoft | 17 Powershell, Windows 10 1507, Windows 10 1607 and 14 more | 2025-10-20 | N/A | 7.3 HIGH |
|
Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally.
|
|||||
| CVE-2025-9842 | 1 Das | 1 Parking Management System | 2025-10-20 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was detected in Das Parking Management System 停车场管理系统 6.2.0. This impacts an unknown function of the file /Operator/Search. The manipulation results in information disclosure. The attack may be performed from remote. The exploit is now public and may be used.
|
|||||
| CVE-2025-9843 | 1 Das | 1 Parking Management System | 2025-10-20 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A flaw has been found in Das Parking Management System 停车场管理系统 6.2.0. Affected is an unknown function of the file /Operator/FindAll. This manipulation causes information disclosure. It is possible to initiate the attack remotely. The exploit has been published and may be used.
|
|||||
| CVE-2025-54914 | 1 Microsoft | 1 Azure Networking | 2025-10-20 | N/A | 10.0 CRITICAL |
|
Azure Networking Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-40594 | 1 Siemens | 6 Sinamics G220, Sinamics G220 Firmware, Sinamics S200 and 3 more | 2025-10-20 | N/A | 6.3 MEDIUM |
|
A vulnerability has been identified in SINAMICS G220 V6.4 (All versions < V6.4 HF2), SINAMICS S200 V6.4 (All versions), SINAMICS S210 V6.4 (All versions < V6.4 HF2). The affected devices allow a factory reset to be executed without the required privileges due to improper privilege management as well as manipulation of configuration data because of leaked privileges of previous sessions. This could allow an unauthorized attacker to escalate their privileges.
|
|||||
| CVE-2025-21057 | 1 Samsung | 1 Notes | 2025-10-20 | N/A | 4.0 MEDIUM |
|
Use of implicit intent for sensitive communication in Samsung Notes prior to version 4.4.30.63 allows local attackers to access shared notes.
|
|||||
| CVE-2022-38150 | 2 Fedoraproject, Varnish Cache Project | 2 Fedora, Varnish Cache | 2025-10-20 | N/A | 7.5 HIGH |
|
In Varnish Cache 7.0.0, 7.0.1, 7.0.2, and 7.1.0, it is possible to cause the Varnish Server to assert and automatically restart through forged HTTP/1 backend responses. An attack uses a crafted reason phrase of the backend response status line. This is fixed in 7.0.3 and 7.1.1.
|
|||||
| CVE-2022-37002 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2025-10-20 | N/A | 9.8 CRITICAL |
|
The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.
|
|||||
| CVE-2025-45156 | 1 Splashin | 1 Splashin | 2025-10-17 | N/A | 5.3 MEDIUM |
|
Splashin iOS v2.0 fails to enforce server-side interval restrictions for location updates for free-tier users.
|
|||||
| CVE-2023-24676 | 1 Processwire | 1 Processwire | 2025-10-17 | N/A | 7.2 HIGH |
|
An issue found in ProcessWire 3.0.210 allows attackers to execute arbitrary code and install a reverse shell via the download_zip_url parameter when installing a new module. NOTE: this is disputed because exploitation requires that the attacker is able to enter requests as an admin; however, a ProcessWire admin is intentionally allowed to install any module that contains any arbitrary code.
|
|||||
| CVE-2025-55293 | 1 Meshtastic | 1 Meshtastic Firmware | 2025-10-17 | N/A | 9.4 CRITICAL |
|
Meshtastic is an open source mesh networking solution. Prior to v2.6.3, an attacker can send NodeInfo with an empty publicKey first, then overwrite it with a new key. First sending an empty key bypasses 'if (p.public_key.size > 0) {', clearing the existing publicKey (and resetting the size to 0) for a known node. Then a new key bypasses 'if (info->user.public_key.size > 0) {', and this malicious key is stored in NodeDB. This vulnerability is fixed in 2.6.3.
|
|||||
| CVE-2024-57844 | 1 Linux | 1 Linux Kernel | 2025-10-17 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Fix fault on fd close after unbind
If userspace holds an fd open, unbinds the device and then closes it,
the driver shouldn't try to access the hardware. Protect it by using
drm_dev_enter()/drm_dev_exit(). This fixes the following page fault:
<6> [IGT] xe_wedged: exiting, ret=98
<1> BUG: unable to handle page fault for address: ffffc901bc5e508c
<1> #PF: supervisor read access in kernel mode
<1> #PF: error_code(0x0000) ...
|
|||||
| CVE-2024-57880 | 1 Linux | 1 Linux Kernel | 2025-10-17 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
ASoC: Intel: sof_sdw: Add space for a terminator into DAIs array
The code uses the initialised member of the asoc_sdw_dailink struct to
determine if a member of the array is in use. However in the case the
array is completely full this will lead to an access 1 past the end of
the array, expand the array by one entry to include a space for a
terminator.
|
|||||
| CVE-2025-55234 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-10-17 | N/A | 8.8 HIGH |
|
SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks.
The SMB Server already supports mechanisms for hardening against relay attacks:
SMB Server signing
SMB Server Extended Protection for Authentication (EPA)
Microsoft is releasing this CVE to provide customers with audit capabilities to help them to assess their envir ...
|
|||||
| CVE-2024-57898 | 1 Linux | 1 Linux Kernel | 2025-10-17 | N/A | 3.3 LOW |
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: cfg80211: clear link ID from bitmap during link delete after clean up
Currently, during link deletion, the link ID is first removed from the
valid_links bitmap before performing any clean-up operations. However, some
functions require the link ID to remain in the valid_links bitmap. One
such example is cfg80211_cac_event(). The flow is -
nl80211_remove_link()
cfg80211_remove_link()
ieee80211_del_intf_link()
...
|
|||||
| CVE-2024-57899 | 1 Linux | 1 Linux Kernel | 2025-10-17 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: fix mbss changed flags corruption on 32 bit systems
On 32-bit systems, the size of an unsigned long is 4 bytes,
while a u64 is 8 bytes. Therefore, when using
for_each_set_bit(bit, &bits, sizeof(changed) * BITS_PER_BYTE),
the code is incorrectly searching for a bit in a 32-bit
variable that is expected to be 64 bits in size,
leading to incorrect bit finding.
Solution: Ensure that the size of the bits variable is ...
|
|||||
| CVE-2024-57875 | 1 Linux | 1 Linux Kernel | 2025-10-17 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
block: RCU protect disk->conv_zones_bitmap
Ensure that a disk revalidation changing the conventional zones bitmap
of a disk does not cause invalid memory references when using the
disk_zone_is_conv() helper by RCU protecting the disk->conv_zones_bitmap
pointer.
disk_zone_is_conv() is modified to operate under the RCU read lock and
the function disk_set_conv_zones_bitmap() is added to update a disk
conv_zones_bitmap pointer us ...
|
|||||
| CVE-2024-57809 | 1 Linux | 1 Linux Kernel | 2025-10-17 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
PCI: imx6: Fix suspend/resume support on i.MX6QDL
The suspend/resume functionality is currently broken on the i.MX6QDL
platform, as documented in the NXP errata (ERR005723):
https://www.nxp.com/docs/en/errata/IMX6DQCE.pdf
This patch addresses the issue by sharing most of the suspend/resume
sequences used by other i.MX devices, while avoiding modifications to
critical registers that disrupt the PCIe functionality. It target ...
|
|||||
| CVE-2024-57891 | 1 Linux | 1 Linux Kernel | 2025-10-17 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
sched_ext: Fix invalid irq restore in scx_ops_bypass()
While adding outer irqsave/restore locking, 0e7ffff1b811 ("scx: Fix raciness
in scx_ops_bypass()") forgot to convert an inner rq_unlock_irqrestore() to
rq_unlock() which could re-enable IRQ prematurely leading to the following
warning:
raw_local_irq_restore() called with IRQs enabled
WARNING: CPU: 1 PID: 96 at kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0 ...
|
|||||
| CVE-2024-57805 | 1 Linux | 1 Linux Kernel | 2025-10-17 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP
The linkDMA should not be released on stop trigger since a stream re-start
might happen without closing of the stream. This leaves a short time for
other streams to 'steal' the linkDMA since it has been released.
This issue is not easy to reproduce under normal conditions as usually
after stop the stream is closed, or the same stream is restarted, but if
another s ...
|
|||||
| CVE-2024-57804 | 1 Linux | 1 Linux Kernel | 2025-10-17 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs
The driver, through the SAS transport, exposes a sysfs interface to
enable/disable PHYs in a controller/expander setup. When multiple PHYs
are disabled and enabled in rapid succession, the persistent and current
config pages related to SAS IO unit/SAS Expander pages could get
corrupted.
Use separate memory for each config request.
|
|||||
| CVE-2025-43280 | 1 Apple | 2 Ipados, Iphone Os | 2025-10-16 | N/A | 4.7 MEDIUM |
|
The issue was resolved by not loading remote images. This issue is fixed in iOS 18.6 and iPadOS 18.6. Forwarding an email could display remote images in Mail in Lockdown Mode.
|
|||||
| CVE-2024-57918 | 1 Linux | 1 Linux Kernel | 2025-10-16 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: fix page fault due to max surface definition mismatch
DC driver is using two different values to define the maximum number of
surfaces: MAX_SURFACES and MAX_SURFACE_NUM. Consolidate MAX_SURFACES as
the unique definition for surface updates across DC.
It fixes page fault faced by Cosmic users on AMD display versions that
support two overlay planes, since the introduction of cursor overlay
mode.
[Nov26 21:33] ...
|
|||||
| CVE-2025-23242 | 2 Linux, Nvidia | 2 Linux Kernel, Riva | 2025-10-16 | N/A | 7.3 HIGH |
|
NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, denial of service, or information disclosure.
|
|||||
| CVE-2025-23243 | 2 Linux, Nvidia | 2 Linux Kernel, Riva | 2025-10-16 | N/A | 6.5 MEDIUM |
|
NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to data tampering or denial of service.
|
|||||
| CVE-2025-21643 | 1 Linux | 1 Linux Kernel | 2025-10-16 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
netfs: Fix kernel async DIO
Netfslib needs to be able to handle kernel-initiated asynchronous DIO that
is supplied with a bio_vec[] array. Currently, because of the async flag,
this gets passed to netfs_extract_user_iter() which throws a warning and
fails because it only handles IOVEC and UBUF iterators. This can be
triggered through a combination of cifs and a loopback blockdev with
something like:
mount //my/cifs/ ...
|
|||||
| CVE-2024-57800 | 1 Linux | 1 Linux Kernel | 2025-10-16 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
ALSA: memalloc: prefer dma_mapping_error() over explicit address checking
With CONFIG_DMA_API_DEBUG enabled, the following warning is observed:
DMA-API: snd_hda_intel 0000:03:00.1: device driver failed to check map error[device address=0x00000000ffff0000] [size=20480 bytes] [mapped as single]
WARNING: CPU: 28 PID: 2255 at kernel/dma/debug.c:1036 check_unmap+0x1408/0x2430
CPU: 28 UID: 42 PID: 2255 Comm: wireplumber Tainted: G ...
|
|||||
| CVE-2024-54455 | 1 Linux | 1 Linux Kernel | 2025-10-16 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
accel/ivpu: Fix general protection fault in ivpu_bo_list()
Check if ctx is not NULL before accessing its fields.
|
|||||
| CVE-2024-55639 | 1 Linux | 1 Linux Kernel | 2025-10-16 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
net: renesas: rswitch: avoid use-after-put for a device tree node
The device tree node saved in the rswitch_device structure is used at
several driver locations. So passing this node to of_node_put() after
the first use is wrong.
Move of_node_put() for this node to exit paths.
|
|||||
| CVE-2025-54654 | 1 Huawei | 1 Harmonyos | 2025-10-16 | N/A | 6.2 MEDIUM |
|
Permission control vulnerability in the Gallery module. Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2025-58282 | 1 Huawei | 1 Harmonyos | 2025-10-16 | N/A | 2.8 LOW |
|
Permission control vulnerability in the camera module. Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2025-58283 | 1 Huawei | 1 Harmonyos | 2025-10-16 | N/A | 5.5 MEDIUM |
|
Permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2025-58284 | 1 Huawei | 1 Harmonyos | 2025-10-16 | N/A | 5.9 MEDIUM |
|
Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2025-58285 | 1 Huawei | 1 Harmonyos | 2025-10-16 | N/A | 5.3 MEDIUM |
|
Permission control vulnerability in the media module. Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2025-58286 | 1 Huawei | 1 Harmonyos | 2025-10-16 | N/A | 3.3 LOW |
|
Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2025-58288 | 1 Huawei | 1 Harmonyos | 2025-10-16 | N/A | 5.5 MEDIUM |
|
Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.
|
|||||
| CVE-2025-58290 | 1 Huawei | 1 Harmonyos | 2025-10-16 | N/A | 3.3 LOW |
|
Denial of service (DoS) vulnerability in the office service. Successful exploitation of this vulnerability may affect availability.
|
|||||