CVE Vulnerabilities
CVE database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2022-50209 In the Linux kernel, the following vulnerability has been resolved: meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init of_find_matching_node() returns a node pointer with refcount incremen... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-50210 In the Linux kernel, the following vulnerability has been resolved: MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS is selected, c... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-50211 In the Linux kernel, the following vulnerability has been resolved: md-raid10: fix KASAN warning There's a KASAN warning in raid10_remove_disk when running the lvm test lvconvert-raid-reshape.sh. We... | 7.1 | HIGH | — | 0 |
| CVE-2022-50212 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow CHAIN_ID to refer to another table When doing lookups for chains on the same batch by using its... | 7.8 | HIGH | — | 0 |
| CVE-2022-50213 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow SET_ID to refer to another table When doing lookups for sets on the same batch by using its ID,... | 7.8 | HIGH | — | 0 |
| CVE-2022-50214 In the Linux kernel, the following vulnerability has been resolved: coresight: Clear the connection field properly coresight devices track their connections (output connections) and hold a reference... | 7.8 | HIGH | — | 0 |
| CVE-2022-50215 In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-50217 In the Linux kernel, the following vulnerability has been resolved: fuse: write inode in fuse_release() A race between write(2) and close(2) allows pages to be dirtied after fuse_flush -> write_inod... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-50218 In the Linux kernel, the following vulnerability has been resolved: iio: light: isl29028: Fix the warning in isl29028_remove() The driver use the non-managed form of the register function in isl2902... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-50219 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix KASAN use-after-free Read in compute_effective_progs Syzbot found a Use After Free bug in compute_effective_progs(). The ... | 7.8 | HIGH | — | 0 |
| CVE-2022-50220 In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix linkwatch use-after-free on disconnect usbnet uses the work usbnet_deferred_kevent() to perform tasks which may sleep.... | 7.8 | HIGH | — | 0 |
| CVE-2022-50221 In the Linux kernel, the following vulnerability has been resolved: drm/fb-helper: Fix out-of-bounds access Clip memory range to screen-buffer size to avoid out-of-bounds access in fbdev deferred I/... | 7.1 | HIGH | — | 0 |
| CVE-2022-50222 In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports kernel infoleak at vcs_read() [1], for buffer can be read immediately aft... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-50225 In the Linux kernel, the following vulnerability has been resolved: riscv:uprobe fix SR_SPIE set/clear handling In riscv the process of uprobe going to clear spie before exec the origin insn,and set... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-50226 In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passe... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-50227 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timer only once Add a check for existing xen timers before initializing a new one. Currently kvm_xen... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-50228 In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt injection due to GIF being cleared, s... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-50229 In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in snd_card_register() at probe time, it will free... | 7.8 | HIGH | — | 0 |
| CVE-2022-50230 In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables [ This issue was fixed upstream by accident in c3cee924bd85 ("arm64: head: cover entire ke... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-50231 In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/poly1305 - fix a read out-of-bound A kasan error was reported during fuzzing: BUG: KASAN: slab-out-of-bounds in neo... | 7.1 | HIGH | — | 0 |
| CVE-2022-50232 In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables [ This issue was fixed upstream by accident in c3cee924bd85 ("arm64: head: cover entire ke... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-4820 Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenti... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-4821 Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenti... | 7.5 | HIGH | — | 0 |
| CVE-2025-69371 Deserialization of Untrusted Data vulnerability in AncoraThemes KindlyCare kindlycare allows Object Injection. This issue affects KindlyCare: from n/a through <= 1.6.1. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-20260 A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute arbi... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-34041 An OS command injection vulnerability exists in the Chinese versions of Sangfor Endpoint Detection and Response (EDR) management platform versions 3.2.16, 3.2.17, and 3.2.19. The vulnerability allows ... | N/A | NONE | — | 0 |
| CVE-2025-6264 Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dan... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-45331 brplot v420.69.1 contains a Null Pointer Dereference (NPD) vulnerability in the br_dagens_handle_once function of its data processing module, leading to unpredictable program behavior, causing segment... | 7.5 | HIGH | — | 0 |
| CVE-2025-6352 A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0. Affected is an unknown function of the file /vote.php of the component Backend. The manipulation ... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-34029 An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command int... | 8.8 | HIGH | — | 0 |
| CVE-2025-25034 A PHP object injection vulnerability exists in SugarCRM versions prior to 6.5.24, 6.7.13, 7.5.2.5, 7.6.2.2, and 7.7.1.0 due to improper validation of PHP serialized input in the SugarRestSerialize.php... | N/A | NONE | — | 0 |
| CVE-2025-34021 A server-side request forgery (SSRF) vulnerability exists in multiple Selea Targa IP OCR-ANPR camera models, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 ... | N/A | NONE | — | 0 |
| CVE-2025-34022 A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras, including iZero, Targa 512, Targa 504, Targa Semplice, Targa 704 TKM, Targa 805, Targa 710 INOX, Targa 750,... | N/A | NONE | — | 0 |
| CVE-2025-34023 A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing rem... | N/A | NONE | — | 0 |
| CVE-2025-34024 An OS command injection vulnerability exists in the Edimax EW-7438RPn firmware version 1.13 and prior via the mp.asp form handler. The /goform/mp endpoint improperly handles user-supplied input to the... | 8.8 | HIGH | — | 0 |
| CVE-2025-2962 A denial-of-service issue in the dns implementation could cause an infinite loop. | 7.5 | HIGH | — | 0 |
| CVE-2025-47820 Flock Safety Gunshot Detection devices before 1.3 have cleartext storage of code. | 2.0 | LOW | — | 0 |
| CVE-2025-52936 Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh. This issue affects sslh: before 2.2.2. | N/A | NONE | — | 0 |
| CVE-2025-69372 Deserialization of Untrusted Data vulnerability in AncoraThemes SevenHills sevenhills allows Object Injection. This issue affects SevenHills: from n/a through <= 1.6.2. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-34031 A path traversal vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the query parameter in jsmol.php. The script directly passes user input to the file_get_contents() functio... | 7.5 | HIGH | — | 0 |
| CVE-2025-34032 A reflected cross-site scripting (XSS) vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the data parameter in jsmol.php. The application fails to properly sanitize user inp... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-34033 An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded Linux devices via the ping_addr parameter in the webctrl.cgi script. The application fails to properly... | 8.8 | HIGH | — | 0 |
| CVE-2025-34034 A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded Linux systems. The application contains multiple known default and hardcoded user accounts that are no... | 8.8 | HIGH | — | 0 |
| CVE-2025-34035 An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-34036 An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called "Cross Web Server" that listens on TCP ports 81 and 82. The web interface... | 9.8 | CRITICAL | — | 0 |
| CVE-2009-1316 Multiple SQL injection vulnerabilities in AbleSpace 1.0 allow remote attackers to execute arbitrary SQL commands via the (1) eid parameter to events_view.php and the (2) id parameter to events_clndr_v... | N/A | NONE | — | 0 |
| CVE-2009-1317 Multiple SQL injection vulnerabilities in Aqua CMS 1.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) userSID cookie parameter to droplets/fun... | N/A | NONE | — | 0 |
| CVE-2009-1318 Directory traversal vulnerability in index.php in Jamroom 3.1.2, 3.2.3 through 3.2.6, 4.0.2, and possibly other versions before 3.4.0 allows remote attackers to include arbitrary files via directory t... | N/A | NONE | — | 0 |
| CVE-2009-1319 Directory traversal vulnerability in includes/ini.inc.php in GuestCal 2.1 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the lang parameter to index.php. | N/A | NONE | — | 0 |
| CVE-2025-38179 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix max_sge overflow in smb_extract_folioq_to_rdma() This fixes the following problem: [ 749.901015] [ T8673] run... | 7.8 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.