Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2025-21668 In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: add missing loop break condition Currently imx8mp_blk_ctrl_remove() will continue the for loop until an... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-21669 In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the transport changes If the socket has been de-assigned or assigned to another transport, we mus... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-21671 In the Linux kernel, the following vulnerability has been resolved: zram: fix potential UAF of zram table If zram_meta_alloc failed early, it frees allocated zram->table without setting it NULL. Wh... | 7.8 | HIGH | — | 0 |
| CVE-2025-21675 In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Clear port select structure when fail to create Clear the port select structure on error so no stale values left after d... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-21678 In the Linux kernel, the following vulnerability has been resolved: gtp: Destroy device along with udp socket's netns dismantle. gtp_newlink() links the device to a list in dev_net(dev) instead of s... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-21680 In the Linux kernel, the following vulnerability has been resolved: pktgen: Avoid out-of-bounds access in get_imix_entries Passing a sufficient amount of imix entries leads to invalid access to the ... | 7.8 | HIGH | — | 0 |
| CVE-2025-21681 In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix lockup on tx to unregistering netdev with carrier Commit in a fixes tag attempted to fix the issue in the followi... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-21683 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpf_sk_select_reuseport() memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLIS... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-0938 The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant... | N/A | NONE | — | 0 |
| CVE-2025-0967 A vulnerability was found in code-projects Chat System 1.0 and classified as critical. This issue affects some unknown processing of the file /user/add_chatroom.php. The manipulation of the argument c... | 6.3 | MEDIUM | — | 0 |
| CVE-2022-49545 In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At closing a USB MIDI output substream, there might be still a pe... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49546 In the Linux kernel, the following vulnerability has been resolved: x86/kexec: fix memory leak of elf header buffer This is reported by kmemleak detector: unreferenced object 0xffffc900002a9000 (si... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49552 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix combination of jit blinding and pointers to bpf subprogs. The combination of jit blinding and pointers to bpf subprogs ca... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49553 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate BOOT sectors_per_clusters When the NTFS BOOT sectors_per_clusters field is > 0x80, it represents a shift value.... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49554 In the Linux kernel, the following vulnerability has been resolved: zsmalloc: fix races between asynchronous zspage free and page migration The asynchronous zspage free worker tries to lock a zspage... | 4.7 | MEDIUM | — | 0 |
| CVE-2022-49555 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_qca: Use del_timer_sync() before freeing While looking at a crash report on a timer list being corrupted, which usu... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49557 In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeof(struct kvm_xsave) Set the starting uABI size of KVM's guest FPU to 'struc... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49558 In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: double hook unregistration in netns path __nft_release_hooks() is called from pre_netns exit path which unre... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49559 In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Drop WARNs that assert a triple fault never "escapes" from L2 Remove WARNs that sanity check that KVM never lets a tripl... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49561 In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: re-fetch conntrack after insertion In case the conntrack is clashing, insertion can free skb->_nfct and set ... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49605 In the Linux kernel, the following vulnerability has been resolved: igc: Reinstate IGC_REMOVED logic and implement it properly The initially merged version of the igc driver code (via commit 146740f... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49562 In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use __try_cmpxchg_user() to update guest PTE A/D bits Use the recently introduced __try_cmpxchg_user() to update guest P... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49565 In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/lbr: Fix unchecked MSR access error on HSW The fuzzer triggers the below trace. [ 7763.384369] unchecked MSR acces... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49581 In the Linux kernel, the following vulnerability has been resolved: be2net: Fix buffer overflow in be_get_module_eeprom be_cmd_read_port_transceiver_data assumes that it is given a buffer that is at... | 7.8 | HIGH | — | 0 |
| CVE-2022-49584 In the Linux kernel, the following vulnerability has been resolved: ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero It is possible to disable VFs while the PF driver is process... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49592 In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix dma queue left shift overflow issue When queue number is > 4, left shift overflows due to 32 bits integer variabl... | 7.8 | HIGH | — | 0 |
| CVE-2026-22390 Improper Control of Generation of Code ('Code Injection') vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Code Injection.This issue affects Builderall Bui... | 9.9 | CRITICAL | — | 0 |
| CVE-2022-49606 In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix sleep from invalid context BUG Taking the qos_mutex to process RoCEv2 QP's on netdev events causes a kernel splat.... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49610 In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter On VMX, there are some balanced returns between the time the guest's SPEC_CTRL valu... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49611 In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of commen... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49612 In the Linux kernel, the following vulnerability has been resolved: power: supply: core: Fix boundary conditions in interpolation The functions power_supply_temp2resist_simple and power_supply_ocv2c... | 7.8 | HIGH | — | 0 |
| CVE-2025-68841 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themepul TopperPack – Complete Elementor Addons, Theme & CPT Builder topper... | 7.5 | HIGH | — | 0 |
| CVE-2022-49616 In the Linux kernel, the following vulnerability has been resolved: ASoC: rt7*-sdw: harden jack_detect_handler Realtek headset codec drivers typically check if the card is instantiated before procee... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49617 In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof_sdw: handle errors on card registration If the card registration fails, typically because of deferred probes, the... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49624 In the Linux kernel, the following vulnerability has been resolved: net: atlantic: remove aq_nic_deinit() when resume aq_nic_deinit() has been called while suspending, so we don't have to call it ag... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49625 In the Linux kernel, the following vulnerability has been resolved: sfc: fix kernel panic when creating VF When creating VFs a kernel panic can happen when calling to efx_ef10_try_update_nic_stats_v... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49628 In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix leaks in probe These two error paths should clean up before returning. | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49635 In the Linux kernel, the following vulnerability has been resolved: drm/i915/selftests: fix subtraction overflow bug On some machines hole_end can be small enough to cause subtraction overflow. On t... | 7.8 | HIGH | — | 0 |
| CVE-2022-49642 In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for T... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49645 In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix shrinker list corruption by madvise IOCTL Calling madvise IOCTL twice on BO causes memory shrinker list corrupti... | 7.8 | HIGH | — | 0 |
| CVE-2022-49646 In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix queue selection for mesh/OCB interfaces When using iTXQ, the code assumes that there is only one vif queue for... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-57976 In the Linux kernel, the following vulnerability has been resolved: btrfs: do proper folio cleanup when cow_file_range() failed [BUG] When testing with COW fixup marked as BUG_ON() (this is involved... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49650 In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bam_dma: fix runtime PM underflow Commit dbad41e7bb5f ("dmaengine: qcom: bam_dma: check if the runtime pm enabled... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49654 In the Linux kernel, the following vulnerability has been resolved: net: dsa: qca8k: reset cpu port on MTU change It was discovered that the Documentation lacks of a fundamental detail on how to cor... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49655 In the Linux kernel, the following vulnerability has been resolved: fscache: Fix invalidation/lookup race If an NFS file is opened for writing and closed, fscache_invalidate() will be asked to inval... | 4.7 | MEDIUM | — | 0 |
| CVE-2022-49658 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals Kuee reported a corner case where the tnum becomes consta... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-57977 In the Linux kernel, the following vulnerability has been resolved: memcg: fix soft lockup in the OOM process A soft lockup issue was found in the product with about 56,000 tasks were in the OOM cgr... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49659 In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32 bits In commit 1be37d3b0414 ("can: m_can: fix periph RX ... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49661 In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_open/close(): fix memory leak The gs_usb driver appears to suffer from a malady common to many USB CAN adapter... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49662 In the Linux kernel, the following vulnerability has been resolved: ipv6: fix lockdep splat in in6_dump_addrs() As reported by syzbot, we should not use rcu_dereference() when rcu_read_lock() is not... | 5.5 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.