Latest CVE Feed
-
0.0
NACVE-2022-50670
In the Linux kernel, the following vulnerability has been resolved: mmc: omap_hsmmc: fix return value check of mmc_add_host() mmc_add_host() may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmc_al... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53843
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next (commit 759ab1edb56c ("net: store netdevs in an xarray")) refactored the handling of pre-assigned ifindexes and let ... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2022-50679
In the Linux kernel, the following vulnerability has been resolved: i40e: Fix DMA mappings leak During reallocation of RX buffers, new DMA mappings are created for those buffers. steps for reproduction: while : do for ((i=0; i<=8160; i=i+32)) do ethtoo... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53836
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the sk_psock_backlog can be referenced after userspace side has already skb_consumed() the sk_bu... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2022-50643
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_copy_file_range() If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwise, the xid will be leaked.... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
-
0.0
NACVE-2022-50642
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_typec: zero out stale pointers `cros_typec_get_switch_handles` allocates four pointers when obtaining type-c switch handles. These pointers are all freed if fai... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2022-50641
In the Linux kernel, the following vulnerability has been resolved: HSI: omap_ssi: Fix refcount leak in ssi_probe When returning or breaking early from a for_each_available_child_of_node() loop, we need to explicitly call of_node_put() on the child node... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
-
0.0
NACVE-2023-53814
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix dropping valid root bus resources with .end = zero On r8a7791/koelsch: kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak) # cat /sys/kernel/debug/kmem... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-53809
In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register() When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2023-53807
In the Linux kernel, the following vulnerability has been resolved: clk: clocking-wizard: Fix Oops in clk_wzrd_register_divider() Smatch detected this potential error pointer dereference clk_wzrd_register_divider(). If devm_clk_hw_register() fails then... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Memory Corruption
-
10.0
CRITICALCVE-2025-14308
An integer overflow vulnerability exists in the write method of the Buffer class in Robocode version 1.9.3.6. The method fails to properly validate the length of data being written, allowing attackers to cause an overflow, potentially leading to buffer ov... Read more
Affected Products : robocode- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-40337
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Correctly handle Rx checksum offload errors The stmmac_rx function would previously set skb->ip_summed to CHECKSUM_UNNECESSARY if hardware checksum offload (CoE) was enable... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-40330
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Shutdown FW DMA in bnxt_shutdown() The netif_close() call in bnxt_shutdown() only stops packet DMA. There may be FW DMA for trace logging (recently added) that will continue. ... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Memory Corruption
-
4.4
MEDIUMCVE-2025-63058
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Hiroaki Miyashita Custom Field Template custom-field-template allows Retrieve Embedded Sensitive Data.This issue affects Custom Field Template: from n/a through <=... Read more
Affected Products : custom_field_template- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Information Disclosure
-
6.5
MEDIUMCVE-2025-63066
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in p-themes Porto Theme - Functionality porto-functionality allows Stored XSS.This issue affects Porto Theme - Functionality: from n/a through <= 3.6.2.... Read more
Affected Products :- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Cross-Site Scripting
-
0.0
NACVE-2025-40331
In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctp_diag_dump() -> sctp_for_each_endpoint() -> sctp_ep_dump() make sure not to exceed bou... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2025-40333
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix infinite loop in __insert_extent_tree() When we get wrong extent info data, and look up extent_node in rb tree, it will cause infinite loop (CONFIG_F2FS_CHECK_FS=n). Avoiding ... Read more
Affected Products : linux_kernel- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Denial of Service
-
5.3
MEDIUMCVE-2025-63071
Insertion of Sensitive Information Into Sent Data vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Retrieve Embedded Sensitive Data.This issue affects Shortcodes and extra features for Phlox theme: from n/a throu... Read more
Affected Products : shortcodes_and_extra_features_for_phlox_theme- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-66533
Improper Control of Generation of Code ('Code Injection') vulnerability in StellarWP GiveWP give allows Code Injection.This issue affects GiveWP: from n/a through <= 4.13.1.... Read more
Affected Products : givewp- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Injection
-
7.1
HIGHCVE-2025-42876
Due to a Missing Authorization Check vulnerability in SAP S/4 HANA Private Cloud (Financials General Ledger), an authenticated attacker with authorization limited to a single company code could read sensitive data and post or modify documents across all c... Read more
Affected Products :- Published: Dec. 09, 2025
- Modified: Dec. 09, 2025
- Vuln Type: Authorization