Latest CVE Feed
-
0.0
NACVE-2023-54262
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't clone flow post action attributes second time The code already clones post action attributes in mlx5e_clone_flow_attr_for_post_act(). Creating another copy in mlx5e_tc_... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54239
In the Linux kernel, the following vulnerability has been resolved: iommufd: Check for uptr overflow syzkaller found that setting up a map with a user VA that wraps past zero can trigger WARN_ONs, particularly from pin_user_pages weirdly returning 0 due... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Denial of Service
-
0.0
NACVE-2023-54236
In the Linux kernel, the following vulnerability has been resolved: net/net_failover: fix txq exceeding warning The failover txq is inited as 16 queues. when a packet is transmitted from the failover device firstly, the failover device will select the q... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Misconfiguration
-
7.5
HIGHCVE-2022-50800
H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid usernames through the 'txtUsrName' POST parameter. Attackers can submit different usernames to the login_submit.cgi endpoint and analyze response messages to dis... Read more
Affected Products :- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Authentication
-
0.0
NACVE-2023-54241
In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix NULL pointer dereference After commit 45c7e8af4a5e3f0bea4ac209 ("MIPS: Remove KVM_TE support") we get a NULL pointer dereference when creating a KVM guest: [ 146.243409... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54229
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only phy for which the BDF does not allow the 7115Mhz channel w... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2023-54305
In the Linux kernel, the following vulnerability has been resolved: ext4: refuse to create ea block when umounted The ea block expansion need to access s_root while it is already set as NULL when umount is triggered. Refuse this request to avoid panic.... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54282
In the Linux kernel, the following vulnerability has been resolved: media: tuners: qt1010: replace BUG_ON with a regular error BUG_ON is unnecessary here, and in addition it confuses smatch. Replacing this with an error return help resolve this smatch w... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54261
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add missing gfx11 MQD manager callbacks mqd_stride function was introduced in commit 2f77b9a242a2 ("drm/amdkfd: Update MQD management on multi XCC setup") but not assigned f... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
-
0.0
NACVE-2023-54280
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential race when tree connecting ipc Protect access of TCP_Server_Info::hostname when building the ipc tree name as it might get freed in cifsd thread and thus causing an u... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2023-54264
In the Linux kernel, the following vulnerability has been resolved: fs/sysv: Null check to prevent null-ptr-deref bug sb_getblk(inode->i_sb, parent) return a null ptr and taking lock on that leads to the null-ptr-deref bug.... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Memory Corruption
-
5.1
MEDIUMCVE-2022-50801
JM-DATA ONU JF511-TV version 1.0.67 is vulnerable to authenticated stored cross-site scripting (XSS) attacks, allowing attackers with authenticated access to inject malicious scripts that will be executed in other users' browsers when they view the affect... Read more
Affected Products :- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Cross-Site Scripting
-
0.0
NACVE-2023-54326
In the Linux kernel, the following vulnerability has been resolved: misc: pci_endpoint_test: Free IRQs before removing the device In pci_endpoint_test_remove(), freeing the IRQs after removing the device creates a small race window for IRQs to be receiv... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2023-54323
In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxl_pci; modprobe -r cxl_pci; done ...fails with the following crash signature: BUG: kerne... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Race Condition
-
0.0
NACVE-2023-54321
In the Linux kernel, the following vulnerability has been resolved: driver core: fix potential null-ptr-deref in device_add() I got the following null-ptr-deref report while doing fault injection test: BUG: kernel NULL pointer dereference, address: 000... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54295
In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type spi_nor_set_erase_type() was used either to set or to mask out an erase type. When we used it to mask out an erase type a... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54267
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT lppaca_shared_proc() takes a pointer to the lppaca which is typically accessed through get_lppaca(). With DEBUG_PREE... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2023-54266
In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer() 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small ... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54249
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. ... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Memory Corruption
-
0.0
NACVE-2023-54253
In the Linux kernel, the following vulnerability has been resolved: btrfs: set page extent mapped after read_folio in relocate_one_page One of the CI runs triggered the following panic assertion failed: PagePrivate(page) && page->private, in fs/btrfs... Read more
Affected Products : linux_kernel- Published: Dec. 30, 2025
- Modified: Dec. 31, 2025
- Vuln Type: Memory Corruption