CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2024-9180 A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s privileges to Vault’s root policy. Fixed in Vault Community Edit... | 7.2 | HIGH | — | 0 |
| CVE-2016-15040 The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kento_pvc_geo' parameter in versions up to, and including, 2.8 due to insufficient escaping on the user supplie... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-34604 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | — | 0 |
| CVE-2023-53273 In the Linux kernel, the following vulnerability has been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel() assumes vmbus channel array to be allocated ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53274 In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt8183: Add back SSPM related clocks This reverts commit 860690a93ef23b567f781c1b631623e27190f101. On the MT8183, ... | 7.8 | HIGH | — | 0 |
| CVE-2023-53275 In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() The variable codec->regmap is often ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53276 In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename alloca... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-48507 The security state of the calling processor into Trusted Firmware (TF-A) is not used and could potentially allow non-secure processors access to secure memories, access to crypto operations, and the a... | N/A | NONE | — | 0 |
| CVE-2025-34694 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | — | 0 |
| CVE-2023-53277 In the Linux kernel, the following vulnerability has been resolved: wifi: iwl3945: Add missing check for create_singlethread_workqueue Add the check for the return value of the create_singlethread_w... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53278 In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in ubifs_sysfs_init() When insmod ubifs.ko, a kmemleak reported as below: unreferenced object 0xffff88817... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53279 In the Linux kernel, the following vulnerability has been resolved: misc: vmw_balloon: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53280 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue System crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53295 In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails (or happens only partly), we stil... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53281 In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() Commit 041879b12ddb ("drivers: staging: rtl8192bs: Fix dea... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53282 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write During the sysfs firmware write process, a use-after-f... | 7.8 | HIGH | — | 0 |
| CVE-2023-53284 In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init() Because of the possilble failure of devm_kzalloc(), d... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53285 In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in get_max_inline_xattr_value_size() Normally the extended attributes in the inode body would have been ... | 7.8 | HIGH | — | 0 |
| CVE-2025-34695 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | — | 0 |
| CVE-2025-34696 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | — | 0 |
| CVE-2023-53286 In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruc... | 7.8 | HIGH | — | 0 |
| CVE-2023-53287 In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cann... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53288 In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_modeset_probe When a new mode is set to modeset->mode, the previous mode should be freed... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53289 In the Linux kernel, the following vulnerability has been resolved: media: bdisp: Add missing check for create_workqueue Add the check for the return value of the create_workqueue in order to avoid ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53290 In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's run_bpf_prog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branc... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53296 In the Linux kernel, the following vulnerability has been resolved: sctp: check send stream number after wait_for_sndbuf This patch fixes a corner case where the asoc out stream count may change aft... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53297 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp conn->chan_lock isn't acquired before l2cap_get_chan_by_scid, i... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53298 In the Linux kernel, the following vulnerability has been resolved: nfc: fix memory leak of se_io context in nfc_genl_se_io The callback context for sending/receiving APDUs to/from the selected secu... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53299 In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix leak of 'r10bio->remaining' for recovery raid10_sync_request() will add 'r10bio->remaining' for both rdev and repla... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-9549 Missing Authorization vulnerability in Drupal Facets allows Forceful Browsing.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-53300 In the Linux kernel, the following vulnerability has been resolved: media: hi846: Fix memleak in hi846_init_controls() hi846_init_controls doesn't clean the allocated ctrl_hdlr in case there is a fa... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53302 In the Linux kernel, the following vulnerability has been resolved: wifi: iwl4965: Add missing check for create_singlethread_workqueue() Add the check for the return value of the create_singlethread... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53303 In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap api: Fix possible memory leak for vcap_dup_rule() Inject fault When select CONFIG_VCAP_KUNIT_TEST, the below ... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-39807 In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add error handling for old state CRTC in atomic_disable Introduce error handling to address an issue where, after a ... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-34697 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | — | 0 |
| CVE-2025-39809 In the Linux kernel, the following vulnerability has been resolved: HID: intel-thc-hid: intel-quicki2c: Fix ACPI dsd ICRS/ISUB length The QuickI2C ACPI _DSD methods return ICRS and ISUB data with a ... | 7.8 | HIGH | — | 0 |
| CVE-2025-39810 In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix memory corruption when FW resources change during ifdown bnxt_set_dflt_rings() assumes that it is always called befor... | 7.8 | HIGH | — | 0 |
| CVE-2025-39811 In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: Clear the scratch_pt pointer on error Avoid triggering a dereference of an error pointer on cleanup in xe_vm_free_scrat... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-39814 In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset Issuing a reset when the driver is loaded without RDMA support,... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-39815 In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: fix stack overrun when loading vlenb The userspace load can put up to 2048 bits into an xlen bit stack buffer. We wa... | 5.5 | MEDIUM | — | 0 |
| CVE-2008-6943 Unrestricted file upload vulnerability in ScriptsFeed Recipes Listing Portal allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a recipe ph... | N/A | NONE | — | 0 |
| CVE-2025-10554 A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in ENOVIA Product Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute ar... | 8.7 | HIGH | — | 0 |
| CVE-2025-39818 In the Linux kernel, the following vulnerability has been resolved: HID: intel-thc-hid: intel-thc: Fix incorrect pointer arithmetic in I2C regs save Improper use of secondary pointer (&dev->i2c_subi... | 7.8 | HIGH | — | 0 |
| CVE-2025-39820 In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add a null ptr check for dpu_encoder_needs_modeset The drm_atomic_get_new_connector_state() can return NULL if the co... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-39821 In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined behavior from stopping/starting inactive events Calling pmu->start()/stop() on perf events in PERF_EVENT_STA... | 7.8 | HIGH | — | 0 |
| CVE-2025-34698 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | — | 0 |
| CVE-2025-39822 In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: fix signedness in this_len calculation When importing and using buffers, buf->len is considered unsigned. However, ... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-56401 ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName. | 7.6 | HIGH | — | 0 |
| CVE-2025-34699 Rejected reason: This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure. | N/A | NONE | — | 0 |
| CVE-2025-39829 In the Linux kernel, the following vulnerability has been resolved: trace/fgraph: Fix the warning caused by missing unregister notifier This warning was triggered during testing on v6.16: notifier ... | 5.5 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.