Latest CVE Feed
-
0.0
NACVE-2023-53703
In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix for shift-out-of-bounds Shift operation of 'exp' and 'shift' variables exceeds the maximum number of shift values in the u32 range leading to UBSAN shift-out-of-bounds... Read more
Affected Products : linux_kernel- Published: Oct. 22, 2025
- Modified: Oct. 22, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53693
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in raw_gadget driver Currently, increasing raw_dev->count happens before invoke the raw_queue_event(), if the raw_queue_event() return error, invoke raw... Read more
Affected Products : linux_kernel- Published: Oct. 22, 2025
- Modified: Oct. 22, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-40106
In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedi_buf_munge() The comedi_buf_munge() function performs a modulo operation `async->munge_chan %= async->cmd.chanlist_len` without first checking if cha... Read more
Affected Products : linux_kernel- Published: Oct. 31, 2025
- Modified: Nov. 04, 2025
- Vuln Type: Denial of Service
-
0.0
NACVE-2025-40081
In the Linux kernel, the following vulnerability has been resolved: perf: arm_spe: Prevent overflow in PERF_IDX2OFF() Cast nr_pages to unsigned long to avoid overflow when handling large AUX buffer sizes (>= 2 GiB).... Read more
Affected Products : linux_kernel- Published: Oct. 28, 2025
- Modified: Oct. 30, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-40082
In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186 Read of size 2 at addr ffff8880289ef218 ... Read more
Affected Products : linux_kernel- Published: Oct. 28, 2025
- Modified: Oct. 30, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-63638
Sourcecodester AI-Powered To-Do List App v1.0 is vulnerable to Cross-Site Scripting (XSS) in the "Task Title" and "Description (Optional)" fields when creating a Task, allowing an attacker to inject arbitrary potentially malicious HTML/JavaScript code tha... Read more
Affected Products :- Published: Nov. 07, 2025
- Modified: Nov. 07, 2025
- Vuln Type: Cross-Site Scripting
-
0.0
NACVE-2025-63639
The chat feature in the application Sourcecodester FAQ Bot with AI Assistant v1.0 is vulnerable to Cross-Site Scripting (XSS) due to improper handling of user-supplied input. An attacker can inject malicious HTML or JavaScript into chat messages, which ex... Read more
Affected Products :- Published: Nov. 07, 2025
- Modified: Nov. 07, 2025
- Vuln Type: Cross-Site Scripting
-
0.0
NACVE-2025-40027
In the Linux kernel, the following vulnerability has been resolved: net/9p: fix double req put in p9_fd_cancelled Syzkaller reports a KASAN issue as below: general protection fault, probably for non-canonical address 0xfbd59c0000000021: 0000 [#1] PREEM... Read more
Affected Products : linux_kernel- Published: Oct. 28, 2025
- Modified: Oct. 30, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2025-40028
In the Linux kernel, the following vulnerability has been resolved: binder: fix double-free in dbitmap A process might fail to allocate a new bitmap when trying to expand its proc->dmap. In that case, dbitmap_grow() fails and frees the old bitmap via db... Read more
Affected Products : linux_kernel- Published: Oct. 28, 2025
- Modified: Oct. 30, 2025
- Vuln Type: Memory Corruption