CVE Vulnerabilities
CVE database enriched with CISA KEV and NVD
| CVE ID and description | CVSS | Severity | KEV | Observations |
|---|---|---|---|---|
| CVE-2023-53009 In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add sync after creating vram bo There will be data corruption on vram allocated by svm if the initialization is not co... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49747 In the Linux kernel, the following vulnerability has been resolved: erofs/zmap.c: Fix incorrect offset calculation Effective offset to add to length was being incorrectly calculated, which resulted ... | 5.5 | MEDIUM | — | 0 |
| CVE-2022-49760 In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix PTE marker handling in hugetlb_change_protection() Patch series "mm/hugetlb: uffd-wp fixes for hugetlb_change_prot... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-52928 In the Linux kernel, the following vulnerability has been resolved: bpf: Skip invalid kfunc call in backtrack_insn The verifier skips invalid kfunc call in check_kfunc_call(), which would be capture... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-52929 In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix cleanup after dev_set_name() If dev_set_name() fails, we leak nvmem->wp_gpio as the cleanup does not put this. Wh... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-10087 Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS (Cross-site Scripting) attacks. An attacker might craft a link containing a malicious script, which then gets di... | 5.4 | MEDIUM | — | 0 |
| CVE-2023-52933 In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattr_ids count A Sysbot [1] corrupted filesystem exposes two flaws in the handling ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-52934 In the Linux kernel, the following vulnerability has been resolved: mm/MADV_COLLAPSE: catch !none !huge !bad pmd lookups In commit 34488399fa08 ("mm/madvise: add file and shmem support to MADV_COLLA... | 4.7 | MEDIUM | — | 0 |
| CVE-2023-52940 In the Linux kernel, the following vulnerability has been resolved: mm: multi-gen LRU: fix crash during cgroup migration lru_gen_migrate_mm() assumes lru_gen_add_mm() runs prior to itself. This isn... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-52941 In the Linux kernel, the following vulnerability has been resolved: can: isotp: split tx timer into transmission and timeout The timer for the transmission of isotp PDUs formerly had two functions: ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53031 In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Fix use of mutex in IRQs disabled section Current imc-pmu code triggers a WARNING with CONFIG_DEBUG_ATOMIC_SLEEP ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-52942 In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Fix wrong check in update_parent_subparts_cpumask() It was found that the check to see if a partition could use up ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-52980 In the Linux kernel, the following vulnerability has been resolved: block: ublk: extending queue_size to fix overflow When validating drafted SPDK ublk target, in a case that assigning large queue d... | 7.8 | HIGH | — | 0 |
| CVE-2023-52981 In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix request ref counting during error capture & debugfs dump When GuC support was added to error capture, the reference ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-52982 In the Linux kernel, the following vulnerability has been resolved: fscache: Use wait_on_bit() to wait for the freeing of relinquished volume The freeing of relinquished volume will wake up the pend... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-52985 In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8mm-verdin: Do not power down eth-phy Currently if suspending using either freeze or memory state, the fec driver t... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-52987 In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sof_ipc4_priority_mask_dfs_write() The "id" comes from the user. Change the type to ... | 7.8 | HIGH | — | 0 |
| CVE-2023-52992 In the Linux kernel, the following vulnerability has been resolved: bpf: Skip task with pid=1 in send_signal_common() The following kernel panic can be triggered when a task with pid=1 attaches a pr... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-52995 In the Linux kernel, the following vulnerability has been resolved: riscv/kprobe: Fix instruction simulation of JALR Set kprobe at 'jalr 1140(ra)' of vfs_write results in the following crash: [ 3... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-52996 In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in fib_metrics_match() if (!type) continue; if (type > RTAX_MAX) ret... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-52997 In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() if (!type) continue; if (type > RTAX_MAX) return -EINVAL; ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53000 In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from __nla_validate_parse() or vali... | 7.8 | HIGH | — | 0 |
| CVE-2023-53004 In the Linux kernel, the following vulnerability has been resolved: ovl: fix tmpfile leak Missed an error cleanup. | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53006 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uncleared server->smbd_conn in reconnect In smbd_destroy(), clear the server->smbd_conn pointer after freein... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53007 In the Linux kernel, the following vulnerability has been resolved: tracing: Make sure trace_printk() can output as soon as it can be used Currently trace_printk() can be used as soon as early_trace... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-31162 Floating point exception in fig2dev in version 3.2.9a allows an attacker to affect availability via local input manipulation in the get_slope function. | 6.6 | MEDIUM | — | 0 |
| CVE-2023-53010 In the Linux kernel, the following vulnerability has been resolved: bnxt: Do not read past the end of test names Test names were being concatenated based on an offset beyond the end of the first name... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53012 In the Linux kernel, the following vulnerability has been resolved: thermal: core: call put_device() only after device_register() fails put_device() shouldn't be called before a prior call to device... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53019 In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobus_get_phy() The caller may pass any value as addr, what may result in an out-of-bounds... | 7.8 | HIGH | — | 0 |
| CVE-2023-53029 In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt The commit 4af1b64f80fb ("octeontx2-pf: Fix lmtst ID used in aura ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53030 In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Avoid use of GFP_KERNEL in atomic context Using GFP_KERNEL in preemption disable context, causing below warning when... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-31163 Segmentation fault in fig2dev in version 3.2.9a allows an attacker to affect availability via local input manipulation in the put_patternarc function. | 6.6 | MEDIUM | — | 0 |
| CVE-2023-53032 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function. When first_ip is 0, last_ip is 0xFFFFFFFF, and net... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-53033 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits If the offset + length goes over the ethernet + vlan ... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-12905 An Improper Link Resolution Before File Access ("Link Following") and Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal"). This vulnerability occurs when extracting a malici... | 7.5 | HIGH | — | 0 |
| CVE-2025-30211 Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result in high memory usage. I... | 7.5 | HIGH | — | 0 |
| CVE-2025-2915 A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5F__accum_free of the file src/H5Faccum.c. The manipulation of the argument overlap_s... | 3.3 | LOW | — | 0 |
| CVE-2025-1217 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when http request module parses HTTP response obtained from a server, folded headers are p... | 3.1 | LOW | — | 0 |
| CVE-2025-1219 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when requesting a HTTP resource using the DOM or SimpleXML extensions, the wrong content-t... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-1734 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving headers from HTTP server, the headers missing a colon (:) are treated as va... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-1736 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line charac... | 7.3 | HIGH | — | 0 |
| CVE-2025-1861 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-2975 A vulnerability was found in GFI KerioConnect 10.0.6 and classified as problematic. This issue affects some unknown processing of the file Settings/Email/Signature/EditHtmlSource of the component Sign... | 3.5 | LOW | — | 0 |
| CVE-2025-2976 A vulnerability was found in GFI KerioConnect 10.0.6. It has been classified as problematic. Affected is an unknown function of the component File Upload. The manipulation leads to cross site scriptin... | 3.5 | LOW | — | 0 |
| CVE-2025-2977 A vulnerability was found in GFI KerioConnect 10.0.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulatio... | 3.5 | LOW | — | 0 |
| CVE-2025-27095 JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to 4.8.0 and 3.10.18, an attacker with a low-privileged account can access the Kubernetes sessio... | 4.3 | MEDIUM | — | 0 |
| CVE-2025-2794 An unsafe reflection vulnerability in Kentico Xperience allows an unauthenticated attacker to kill the current process, leading to a Denial-of-Service condition. This issue affects Xperience: thro... | N/A | NONE | — | 0 |
| CVE-2009-1276 XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windo... | N/A | NONE | — | 0 |
| CVE-2009-1277 SQL injection vulnerability in index.php in Gravity Board X (GBX) 2.0 BETA allows remote attackers to execute arbitrary SQL commands via the member_id parameter in a viewprofile action. NOTE: the boa... | N/A | NONE | — | 0 |
| CVE-2009-1278 Static code injection vulnerability in forms/ajax/configure.php in Gravity Board X (GBX) 2.0 BETA allows remote attackers to inject arbitrary PHP code into config.php via the configure action to index... | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.