[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Mar 27 20:12:48 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8e7613d9 by security tracker role at 2025-03-27T20:12:40+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,501 +1,929 @@
-CVE-2023-53033 [netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits]
+CVE-2025-31181 (A flaw was found in gnuplot. The X11_graphics() function may lead to a ...)
+ TODO: check
+CVE-2025-31180 (A flaw was found in gnuplot. The CANVAS_text() function may lead to a ...)
+ TODO: check
+CVE-2025-31179 (A flaw was found in gnuplot. The xstrftime() function may lead to a se ...)
+ TODO: check
+CVE-2025-31178 (A flaw was found in gnuplot. The GetAnnotateString() function may lead ...)
+ TODO: check
+CVE-2025-31176 (A flaw was found in gnuplot. The plot3d_points() function may lead to ...)
+ TODO: check
+CVE-2025-31141 (In JetBrains TeamCity before 2025.03 exception could lead to credentia ...)
+ TODO: check
+CVE-2025-31140 (In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud ...)
+ TODO: check
+CVE-2025-31139 (In JetBrains TeamCity before 2025.03 base64 encoded password could be ...)
+ TODO: check
+CVE-2025-30925 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30923 (Cross-Site Request Forgery (CSRF) vulnerability in powerfulwp Gift Mes ...)
+ TODO: check
+CVE-2025-30922 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30921 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-30920 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30919 (Cross-Site Request Forgery (CSRF) vulnerability in Store Locator Widge ...)
+ TODO: check
+CVE-2025-30918 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30914 (Server-Side Request Forgery (SSRF) vulnerability in XpeedStudio Metfor ...)
+ TODO: check
+CVE-2025-30912 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Float m ...)
+ TODO: check
+CVE-2025-30909 (Missing Authorization vulnerability in Conversios Conversios.io allows ...)
+ TODO: check
+CVE-2025-30907 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30904 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30903 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30900 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30899 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30898 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30897 (Missing Authorization vulnerability in Adnan Analytify allows Exploiti ...)
+ TODO: check
+CVE-2025-30896 (Missing Authorization vulnerability in weDevs WP ERP allows Exploiting ...)
+ TODO: check
+CVE-2025-30895 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2025-30894 (Missing Authorization vulnerability in Epsiloncool WP Fast Total Searc ...)
+ TODO: check
+CVE-2025-30893 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30891 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-30890 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-30888 (Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Cu ...)
+ TODO: check
+CVE-2025-30887 (Missing Authorization vulnerability in magepeopleteam WpEvently allows ...)
+ TODO: check
+CVE-2025-30885 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in B ...)
+ TODO: check
+CVE-2025-30884 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in B ...)
+ TODO: check
+CVE-2025-30883 (Missing Authorization vulnerability in richplugins Trust.Reviews allow ...)
+ TODO: check
+CVE-2025-30881 (Missing Authorization vulnerability in ThemeHunk Big Store allows Expl ...)
+ TODO: check
+CVE-2025-30879 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-30877 (Missing Authorization vulnerability in fatcatapps Quiz Cat allows Expl ...)
+ TODO: check
+CVE-2025-30874 (Missing Authorization vulnerability in Jose Specific Content For Mobil ...)
+ TODO: check
+CVE-2025-30873 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30872 (Cross-Site Request Forgery (CSRF) vulnerability in Nitin Prakash Produ ...)
+ TODO: check
+CVE-2025-30871 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-30868 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-30867 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30866 (Missing Authorization vulnerability in Giannis Kipouros Terms & Condit ...)
+ TODO: check
+CVE-2025-30865 (Cross-Site Request Forgery (CSRF) vulnerability in fuzzoid 3DPrint Lit ...)
+ TODO: check
+CVE-2025-30864 (Missing Authorization vulnerability in falselight Exchange Rates allow ...)
+ TODO: check
+CVE-2025-30863 (Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integrati ...)
+ TODO: check
+CVE-2025-30862 (Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi reCAPT ...)
+ TODO: check
+CVE-2025-30861 (Missing Authorization vulnerability in Rustaurius Five Star Restaurant ...)
+ TODO: check
+CVE-2025-30860 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30859 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in a ...)
+ TODO: check
+CVE-2025-30857 (Cross-Site Request Forgery (CSRF) vulnerability in PressMaximum Curren ...)
+ TODO: check
+CVE-2025-30856 (Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom ...)
+ TODO: check
+CVE-2025-30854 (Cross-Site Request Forgery (CSRF) vulnerability in Saso Serial Codes G ...)
+ TODO: check
+CVE-2025-30851 (Missing Authorization vulnerability in Tickera Tickera allows Exploiti ...)
+ TODO: check
+CVE-2025-30850 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30847 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30846 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-30845 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-30843 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-30842 (Cross-Site Request Forgery (CSRF) vulnerability in pixolette Christmas ...)
+ TODO: check
+CVE-2025-30839 (Missing Authorization vulnerability in magepeopleteam Taxi Booking Man ...)
+ TODO: check
+CVE-2025-30838 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30836 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30833 (Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge ...)
+ TODO: check
+CVE-2025-30832 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30831 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-30830 (Missing Authorization vulnerability in Hossni Mubarak Cool Author Box ...)
+ TODO: check
+CVE-2025-30829 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-30828 (Missing Authorization vulnerability in Arraytics Timetics allows Explo ...)
+ TODO: check
+CVE-2025-30826 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30824 (Missing Authorization vulnerability in Israpil Textmetrics allows Expl ...)
+ TODO: check
+CVE-2025-30823 (Cross-Site Request Forgery (CSRF) vulnerability in Boone Gorges Anthol ...)
+ TODO: check
+CVE-2025-30822 (Cross-Site Request Forgery (CSRF) vulnerability in Hakik Zaman Custom ...)
+ TODO: check
+CVE-2025-30821 (Missing Authorization vulnerability in otacke SNORDIAN's H5PxAPIkatchu ...)
+ TODO: check
+CVE-2025-30820 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-30819 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-30818 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30817 (Missing Authorization vulnerability in wpzita Z Companion allows Explo ...)
+ TODO: check
+CVE-2025-30816 (Cross-Site Request Forgery (CSRF) vulnerability in Nks publish post em ...)
+ TODO: check
+CVE-2025-30815 (Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou ...)
+ TODO: check
+CVE-2025-30814 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-30813 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30812 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30811 (Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla Vali ...)
+ TODO: check
+CVE-2025-30810 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-30809 (Missing Authorization vulnerability in Shahjada Live Forms allows Expl ...)
+ TODO: check
+CVE-2025-30806 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-30805 (Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible Coo ...)
+ TODO: check
+CVE-2025-30804 (Cross-Site Request Forgery (CSRF) vulnerability in maennchen1.de wpSho ...)
+ TODO: check
+CVE-2025-30803 (Missing Authorization vulnerability in Greg Ross Just Writing Statisti ...)
+ TODO: check
+CVE-2025-30801 (Cross-Site Request Forgery (CSRF) vulnerability in Abu Bakar TWB Wooco ...)
+ TODO: check
+CVE-2025-30800 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30799 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30795 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in F ...)
+ TODO: check
+CVE-2025-30792 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30791 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-30790 (Missing Authorization vulnerability in alexvtn Chatbox Manager allows ...)
+ TODO: check
+CVE-2025-30789 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30788 (Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL Reports ...)
+ TODO: check
+CVE-2025-30787 (Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL Reports ...)
+ TODO: check
+CVE-2025-30786 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30785 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-30784 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-30783 (Cross-Site Request Forgery (CSRF) vulnerability in jgwhite33 WP Google ...)
+ TODO: check
+CVE-2025-30781 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in W ...)
+ TODO: check
+CVE-2025-30780 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30779 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30777 (Authorization Bypass Through User-Controlled Key vulnerability in Pals ...)
+ TODO: check
+CVE-2025-30776 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30775 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-30773 (Deserialization of Untrusted Data vulnerability in Cozmoslabs Translat ...)
+ TODO: check
+CVE-2025-30772 (Missing Authorization vulnerability in WPClever WPC Smart Upsell Funne ...)
+ TODO: check
+CVE-2025-30771 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30770 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30769 (Cross-Site Request Forgery (CSRF) vulnerability in alexvtn WIP WooCaro ...)
+ TODO: check
+CVE-2025-30768 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30767 (Missing Authorization vulnerability in add-ons.org PDF for WPForms all ...)
+ TODO: check
+CVE-2025-30766 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30765 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-30764 (Cross-Site Request Forgery (CSRF) vulnerability in AntoineH Football P ...)
+ TODO: check
+CVE-2025-30763 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-30367 (WeGIA is a Web manager for charitable institutions. A SQL Injection vu ...)
+ TODO: check
+CVE-2025-30366 (WeGIA is a Web manager for charitable institutions. Versions prior to ...)
+ TODO: check
+CVE-2025-30365 (WeGIA is a Web manager for charitable institutions. A SQL Injection vu ...)
+ TODO: check
+CVE-2025-30364 (WeGIA is a Web manager for charitable institutions. A SQL Injection vu ...)
+ TODO: check
+CVE-2025-30363 (WeGIA is a Web manager for charitable institutions. A stored Cross-Sit ...)
+ TODO: check
+CVE-2025-30362 (WeGIA is a Web manager for charitable institutions. A stored Cross-Sit ...)
+ TODO: check
+CVE-2025-30361 (WeGIA is a Web manager for charitable institutions. A security vulnera ...)
+ TODO: check
+CVE-2025-30358 (Mesop is a Python-based UI framework that allows users to build web ap ...)
+ TODO: check
+CVE-2025-30221 (Pitchfork is a preforking HTTP server for Rack applications. Versions ...)
+ TODO: check
+CVE-2025-30093 (HTCondor 23.0.x before 23.0.22, 23.10.x before 23.10.22, 24.0.x before ...)
+ TODO: check
+CVE-2025-2867 (An issue has been discovered in the GitLab Duo with Amazon Q affecting ...)
+ TODO: check
+CVE-2025-2857 (Following the recent Chrome sandbox escape (CVE-2025-2783), various Fi ...)
+ TODO: check
+CVE-2025-2855 (A vulnerability, which was classified as problematic, has been found i ...)
+ TODO: check
+CVE-2025-2854 (A vulnerability classified as critical was found in code-projects Payr ...)
+ TODO: check
+CVE-2025-2852 (A vulnerability has been found in SourceCodester Food Ordering Managem ...)
+ TODO: check
+CVE-2025-2849 (A vulnerability, which was classified as problematic, was found in UPX ...)
+ TODO: check
+CVE-2025-2847 (A vulnerability, which was classified as critical, has been found in C ...)
+ TODO: check
+CVE-2025-2846 (A vulnerability classified as critical was found in SourceCodester Onl ...)
+ TODO: check
+CVE-2025-2516 (The use of a weak cryptographic key pair in the signature verification ...)
+ TODO: check
+CVE-2025-29993 (The affected versions of PowerCMS allow HTTP header injection. This vu ...)
+ TODO: check
+CVE-2025-29497 (libming v0.4.8 was discovered to contain a memory leak via the parseSW ...)
+ TODO: check
+CVE-2025-29496 (libming v0.4.8 was discovered to contain a segmentation fault via the ...)
+ TODO: check
+CVE-2025-29494 (libming v0.4.8 was discovered to contain a segmentation fault via the ...)
+ TODO: check
+CVE-2025-29493 (libming v0.4.8 was discovered to contain a segmentation fault via the ...)
+ TODO: check
+CVE-2025-29492 (libming v0.4.8 was discovered to contain a segmentation fault via the ...)
+ TODO: check
+CVE-2025-29491 (An allocation-size-too-big error in the parseSWF_DEFINEBINARYDATA func ...)
+ TODO: check
+CVE-2025-29490 (libming v0.4.8 was discovered to contain a segmentation fault via the ...)
+ TODO: check
+CVE-2025-29489 (libming v0.4.8 was discovered to contain a memory leak via the parseSW ...)
+ TODO: check
+CVE-2025-29488 (libming v0.4.8 was discovered to contain a memory leak via the parseSW ...)
+ TODO: check
+CVE-2025-29487 (An out-of-memory error in the parseABC_STRING_INFO function of libming ...)
+ TODO: check
+CVE-2025-29486 (libming v0.4.8 was discovered to contain a memory leak via the parseSW ...)
+ TODO: check
+CVE-2025-29485 (libming v0.4.8 was discovered to contain a segmentation fault via the ...)
+ TODO: check
+CVE-2025-29484 (An out-of-memory error in the parseABC_NS_SET_INFO function of libming ...)
+ TODO: check
+CVE-2025-29483 (libming v0.4.8 was discovered to contain a memory leak via the parseSW ...)
+ TODO: check
+CVE-2025-29306 (An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitra ...)
+ TODO: check
+CVE-2025-29072 (An integer overflow in Nethermind Juno before v.12.05 within the Sierr ...)
+ TODO: check
+CVE-2025-28138 (TOTOLINK A800R V4.1.2cu.5137_B20200730 contains a remote command execu ...)
+ TODO: check
+CVE-2025-28135 (TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer o ...)
+ TODO: check
+CVE-2025-27793 (Vega is a visualization grammar, a declarative format for creating, sa ...)
+ TODO: check
+CVE-2025-26909 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2025-26762 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-26738 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-26737 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-26736 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-26734 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-26732 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-26731 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-26619 (Vega is a visualization grammar, a declarative format for creating, sa ...)
+ TODO: check
+CVE-2025-26265 (A segmentation fault in openairinterface5g v2.1.0 allows attackers to ...)
+ TODO: check
+CVE-2025-25686 (semcms <=5.0 is vulnerable to SQL Injection in SEMCMS_Fuction.php.)
+ TODO: check
+CVE-2025-25100 (Cross-Site Request Forgery (CSRF) vulnerability in victoracano Cazamba ...)
+ TODO: check
+CVE-2025-25086 (Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper Secret ...)
+ TODO: check
+CVE-2025-22816 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22783 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-22770 (Missing Authorization vulnerability in EnvoThemes Envo Multipurpose al ...)
+ TODO: check
+CVE-2025-22673 (Missing Authorization vulnerability in WPFactory EAN for WooCommerce a ...)
+ TODO: check
+CVE-2025-22672 (Server-Side Request Forgery (SSRF) vulnerability in SuitePlugins Video ...)
+ TODO: check
+CVE-2025-22671 (Missing Authorization vulnerability in Leap13 Disable Elementor Editor ...)
+ TODO: check
+CVE-2025-22670 (Missing Authorization vulnerability in e4jvikwp VikBooking Hotel Booki ...)
+ TODO: check
+CVE-2025-22669 (Cross-Site Request Forgery (CSRF) vulnerability in AwesomeTOGI Awesome ...)
+ TODO: check
+CVE-2025-22668 (Missing Authorization vulnerability in AwesomeTOGI Awesome Event Booki ...)
+ TODO: check
+CVE-2025-22667 (Missing Authorization vulnerability in Creative Werk Designs Export Or ...)
+ TODO: check
+CVE-2025-22665 (Missing Authorization vulnerability in Shakeeb Sadikeen RapidLoad allo ...)
+ TODO: check
+CVE-2025-22660 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22659 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22658 (Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar List ...)
+ TODO: check
+CVE-2025-22652 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-22649 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22648 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22647 (Missing Authorization vulnerability in smackcoders AIO Performance Pro ...)
+ TODO: check
+CVE-2025-22646 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22644 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22640 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22638 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22637 (Cross-Site Request Forgery (CSRF) vulnerability in verkkovaraani Print ...)
+ TODO: check
+CVE-2025-22634 (Cross-Site Request Forgery (CSRF) vulnerability in MD Abu Jubayer Hoss ...)
+ TODO: check
+CVE-2025-22629 (Missing Authorization vulnerability in iNET iNET Webkit allows Accessi ...)
+ TODO: check
+CVE-2025-22628 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22497 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22496 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-22278 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-1998 (IBM UrbanCode Deploy (UCD) through 7.1.2.21, 7.2 through 7.2.3.14, and ...)
+ TODO: check
+CVE-2025-1997 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through 7.1.2.21, ...)
+ TODO: check
+CVE-2024-56469 (IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.22, 7.2 through 7.2.3.15, ...)
+ TODO: check
+CVE-2024-55073 (A Broken Object Level Authorization vulnerability in the component /ap ...)
+ TODO: check
+CVE-2024-55072 (A Broken Object Level Authorization vulnerability in the component /ap ...)
+ TODO: check
+CVE-2024-55070 (A Broken Object Level Authorization vulnerability in the component /ho ...)
+ TODO: check
+CVE-2024-12905 (An Improper Link Resolution Before File Access ("Link Following") and ...)
+ TODO: check
+CVE-2023-38272 (IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5 ...)
+ TODO: check
+CVE-2023-37405 (IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5 ...)
+ TODO: check
+CVE-2023-53033 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.7-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/696e1a48b1a1b01edad542a1ef293665864a4dd0 (6.2-rc5)
-CVE-2023-53032 [netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.]
+CVE-2023-53032 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.7-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/9ea4b476cea1b7d461d16dda25ca3c7e616e2d15 (6.2-rc5)
-CVE-2023-53031 [powerpc/imc-pmu: Fix use of mutex in IRQs disabled section]
+CVE-2023-53031 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.7-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/76d588dddc459fefa1da96e0a081a397c5c8e216 (6.2-rc4)
-CVE-2023-53030 [octeontx2-pf: Avoid use of GFP_KERNEL in atomic context]
+CVE-2023-53030 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.1.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/87b93b678e95c7d93fe6a55b0e0fbda26d8c7760 (6.2-rc5)
-CVE-2023-53029 [octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt]
+CVE-2023-53029 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.1.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/55ba18dc62deff5910c0fa64486dea1ff20832ff (6.2-rc5)
-CVE-2023-53028 [Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()"]
+CVE-2023-53028 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.1.8-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/80f8a66dede0a4b4e9e846765a97809c6fe49ce5 (6.2-rc5)
-CVE-2023-53027 [erofs: fix kvcalloc() misuse with __GFP_NOFAIL]
+CVE-2023-53027 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/12724ba38992bd045e92a9a88a868a530f89d13e (6.2-rc5)
-CVE-2023-53026 [RDMA/core: Fix ib block iterator counter overflow]
+CVE-2023-53026 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0afec5e9cea732cb47014655685a2a47fb180c31 (6.2-rc5)
-CVE-2023-53025 [NFSD: fix use-after-free in nfsd4_ssc_setup_dul()]
+CVE-2023-53025 (In the Linux kernel, the following vulnerability has been resolved: N ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.221-1
NOTE: https://git.kernel.org/linus/e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd (6.2-rc5)
-CVE-2023-53024 [bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation]
+CVE-2023-53024 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e4f4db47794c9f474b184ee1418f42e6a07412b6 (6.2-rc5)
-CVE-2023-53023 [net: nfc: Fix use-after-free in local_cleanup()]
+CVE-2023-53023 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/4bb4db7f3187c6e3de6b229ffc87cdb30a2d22b6 (6.2-rc5)
-CVE-2023-53022 [net: enetc: avoid deadlock in enetc_tx_onestep_tstamp()]
+CVE-2023-53022 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3c463721a73bdb57a913e0d3124677a3758886fc (6.2-rc5)
-CVE-2023-53021 [net/sched: sch_taprio: fix possible use-after-free]
+CVE-2023-53021 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/3a415d59c1dbec9d772dbfab2d2520d98360caae (6.2-rc5)
-CVE-2023-53020 [l2tp: close all race conditions in l2tp_tunnel_register()]
+CVE-2023-53020 (In the Linux kernel, the following vulnerability has been resolved: l ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0b2c59720e65885a394a017d0cf9cab118914682 (6.2-rc5)
-CVE-2023-53019 [net: mdio: validate parameter addr in mdiobus_get_phy()]
+CVE-2023-53019 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/867dbe784c5010a466f00a7d1467c1c5ea569c75 (6.2-rc5)
-CVE-2023-53018 [Bluetooth: hci_conn: Fix memory leaks]
+CVE-2023-53018 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3aa21311f36d8a2730c7ccef37235e951f23927b (6.2-rc5)
-CVE-2023-53017 [Bluetooth: hci_sync: fix memory leak in hci_update_adv_data()]
+CVE-2023-53017 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1ed8b37cbaf14574c779064ef1372af62e8ba6aa (6.2-rc5)
-CVE-2023-53016 [Bluetooth: Fix possible deadlock in rfcomm_sk_state_change]
+CVE-2023-53016 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1d80d57ffcb55488f0ec0b77928d4f82d16b6a90 (6.2-rc5)
-CVE-2023-53015 [HID: betop: check shape of output reports]
+CVE-2023-53015 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/3782c0d6edf658b71354a64d60aa7a296188fc90 (6.2-rc5)
-CVE-2023-53014 [dmaengine: tegra: Fix memory leak in terminate_all()]
+CVE-2023-53014 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a7a7ee6f5a019ad72852c001abbce50d35e992f2 (6.2-rc5)
-CVE-2023-53013 [ptdma: pt_core_execute_cmd() should use spinlock]
+CVE-2023-53013 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/95e5fda3b5f9ed8239b145da3fa01e641cf5d53c (6.2-rc5)
-CVE-2023-53012 [thermal: core: call put_device() only after device_register() fails]
+CVE-2023-53012 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6c54b7bc8a31ce0f7cc7f8deef05067df414f1d8 (6.2-rc5)
-CVE-2023-53011 [net: stmmac: enable all safety features by default]
+CVE-2023-53011 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fdfc76a116b5e9d3e98e6c96fe83b42d011d21d4 (6.2-rc5)
-CVE-2023-53010 [bnxt: Do not read past the end of test names]
+CVE-2023-53010 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/d3e599c090fc6977331150c5f0a69ab8ce87da21 (6.2-rc5)
-CVE-2023-53009 [drm/amdkfd: Add sync after creating vram bo]
+CVE-2023-53009 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/ba029e9991d9be90a28b6a0ceb25e9a6fb348829 (6.2-rc4)
-CVE-2023-53008 [cifs: fix potential memory leaks in session setup]
+CVE-2023-53008 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/2fe58d977ee05da5bb89ef5dc4f5bf2dc15db46f (6.2-rc4)
-CVE-2023-53007 [tracing: Make sure trace_printk() can output as soon as it can be used]
+CVE-2023-53007 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/3bb06eb6e9acf7c4a3e1b5bc87aed398ff8e2253 (6.2-rc6)
-CVE-2023-53006 [cifs: Fix oops due to uncleared server->smbd_conn in reconnect]
+CVE-2023-53006 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/b7ab9161cf5ddc42a288edf9d1a61f3bdffe17c7 (6.2-rc6)
-CVE-2023-53005 [trace_events_hist: add check for return value of 'create_hist_field']
+CVE-2023-53005 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/8b152e9150d07a885f95e1fd401fc81af202d9a4 (6.2-rc6)
-CVE-2023-53004 [ovl: fix tmpfile leak]
+CVE-2023-53004 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/baabaa505563362b71f2637aedd7b807d270656c (6.2-rc6)
-CVE-2023-53003 [EDAC/qcom: Do not pass llcc_driv_data as edac_device_ctl_info's pvt_info]
+CVE-2023-53003 (In the Linux kernel, the following vulnerability has been resolved: E ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/977c6ba624f24ae20cf0faee871257a39348d4a9 (6.2-rc6)
-CVE-2023-53002 [drm/i915: Fix a memory leak with reused mmap_offset]
+CVE-2023-53002 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/0220e4fe178c3390eb0291cdb34912d66972db8a (6.2-rc6)
-CVE-2023-53001 [drm/drm_vma_manager: Add drm_vma_node_allow_once()]
+CVE-2023-53001 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/899d3a3c19ac0e5da013ce34833dccb97d19b5e4 (6.2-rc6)
-CVE-2023-53000 [netlink: prevent potential spectre v1 gadgets]
+CVE-2023-53000 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f0950402e8c76e7dcb08563f1b4e8000fbc62455 (6.2-rc6)
-CVE-2023-52999 [net: fix UaF in netns ops registration error path]
+CVE-2023-52999 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/71ab9c3e2253619136c31c89dbb2c69305cc89b1 (6.2-rc6)
-CVE-2023-52998 [net: fec: Use page_pool_put_full_page when freeing rx buffers]
+CVE-2023-52998 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e38553bdc377e3e7a6caa9dd9770d8b644d8dac3 (6.2-rc6)
-CVE-2023-52997 [ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()]
+CVE-2023-52997 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/1d1d63b612801b3f0a39b7d4467cad0abd60e5c8 (6.2-rc6)
-CVE-2023-52996 [ipv4: prevent potential spectre v1 gadget in fib_metrics_match()]
+CVE-2023-52996 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/5e9398a26a92fc402d82ce1f97cc67d832527da0 (6.2-rc6)
-CVE-2023-52995 [riscv/kprobe: Fix instruction simulation of JALR]
+CVE-2023-52995 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ca0254998be4d74cf6add70ccfab0d2dbd362a10 (6.2-rc6)
-CVE-2023-52994 [acpi: Fix suspend with Xen PV]
+CVE-2023-52994 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fe0ba8c23f9a35b0307eb662f16dd3a75fcdae41 (6.2-rc6)
-CVE-2023-52993 [x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL]
+CVE-2023-52993 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/5fa55950729d0762a787451dc52862c3f850f859 (6.2-rc6)
-CVE-2023-52992 [bpf: Skip task with pid=1 in send_signal_common()]
+CVE-2023-52992 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/a3d81bc1eaef48e34dd0b9b48eefed9e02a06451 (6.2-rc5)
-CVE-2023-52991 [net: fix NULL pointer in skb_segment_list]
+CVE-2023-52991 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/876e8ca8366735a604bac86ff7e2732fc9d85d2d (6.2-rc7)
-CVE-2023-52990 [s390: workaround invalid gcc-11 out of bounds read warning]
+CVE-2023-52990 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/41e1992665a2701fa025a8b76970c43b4148446f (6.2-rc5)
-CVE-2023-52989 [firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region]
+CVE-2023-52989 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/531390a243ef47448f8bad01c186c2787666bf4d (6.2-rc7)
-CVE-2023-52988 [ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()]
+CVE-2023-52988 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/b9cee506da2b7920b5ea02ccd8e78a907d0ee7aa (6.2-rc7)
-CVE-2023-52987 [ASoC: SOF: ipc4-mtrace: prevent underflow in sof_ipc4_priority_mask_dfs_write()]
+CVE-2023-52987 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ea57680af47587397f5005d7758022441ed66d54 (6.2-rc7)
-CVE-2023-52986 [bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener]
+CVE-2023-52986 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/ddce1e091757d0259107c6c0c7262df201de2b66 (6.2-rc7)
-CVE-2023-52985 [arm64: dts: imx8mm-verdin: Do not power down eth-phy]
+CVE-2023-52985 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/39c95d0c357d7ef76aea958c1bece6b24f9b2e7e (6.2-rc7)
-CVE-2023-52984 [net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices]
+CVE-2023-52984 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/422ae7d9c7221e8d4c8526d0f54106307d69d2dc (6.2-rc7)
-CVE-2023-52983 [block, bfq: fix uaf for bfqq in bic_set_bfqq()]
+CVE-2023-52983 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/b600de2d7d3a16f9007fad1bdae82a3951a26af2 (6.2-rc7)
-CVE-2023-52982 [fscache: Use wait_on_bit() to wait for the freeing of relinquished volume]
+CVE-2023-52982 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8226e37d82f43657da34dd770e2b38f20242ada7 (6.2-rc7)
-CVE-2023-52981 [drm/i915: Fix request ref counting during error capture Description: debugfs dump]
+CVE-2023-52981 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/86d8ddc74124c3fdfc139f246ba6da15e45e86e3 (6.2-rc7)
-CVE-2023-52980 [block: ublk: extending queue_size to fix overflow]
+CVE-2023-52980 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/29baef789c838bd5c02f50c88adbbc6b955aaf61 (6.2-rc7)
-CVE-2023-52979 [squashfs: harden sanity check in squashfs_read_xattr_id_table]
+CVE-2023-52979 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/72e544b1b28325fe78a4687b980871a7e4101f76 (6.2-rc7)
-CVE-2023-52978 [riscv: kprobe: Fixup kernel panic when probing an illegal position]
+CVE-2023-52978 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/87f48c7ccc73afc78630530d9af51f458f58cab8 (6.2-rc7)
-CVE-2023-52977 [net: openvswitch: fix flow memory leak in ovs_flow_cmd_new]
+CVE-2023-52977 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0c598aed445eb45b0ee7ba405f7ece99ee349c30 (6.2-rc7)
-CVE-2023-52976 [efi: fix potential NULL deref in efi_mem_reserve_persistent]
+CVE-2023-52976 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/966d47e1f27c45507c5df82b2a2157e5a4fd3909 (6.2-rc7)
-CVE-2023-52975 [scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress]
+CVE-2023-52975 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/6f1d64b13097e85abda0f91b5638000afc5f9a06 (6.2-rc6)
-CVE-2023-52974 [scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress]
+CVE-2023-52974 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f484a794e4ee2a9ce61f52a78e810ac45f3fe3b3 (6.2-rc6)
-CVE-2023-52973 [vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF]
+CVE-2023-52973 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/226fae124b2dac217ea5436060d623ff3385bc34 (6.2-rc7)
-CVE-2023-52942 [cgroup/cpuset: Fix wrong check in update_parent_subparts_cpumask()]
+CVE-2023-52942 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e5ae8803847b80fe9d744a3174abe2b7bfed222a (6.2-rc7)
-CVE-2023-52941 [can: isotp: split tx timer into transmission and timeout]
+CVE-2023-52941 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4f027cba8216f42a18b544842efab134f8b1f9f4 (6.2-rc7)
-CVE-2023-52940 [mm: multi-gen LRU: fix crash during cgroup migration]
+CVE-2023-52940 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/de08eaa6156405f2e9369f06ba5afae0e4ab3b62 (6.2-rc7)
-CVE-2023-52939 [mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath()]
+CVE-2023-52939 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/ac86f547ca1002aec2ef66b9e64d03f45bbbfbb9 (6.2-rc7)
-CVE-2023-52938 [usb: typec: ucsi: Don't attempt to resume the ports before they exist]
+CVE-2023-52938 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f82060da749c611ed427523b6d1605d87338aac1 (6.2-rc7)
-CVE-2023-52937 [HV: hv_balloon: fix memory leak with using debugfs_lookup()]
+CVE-2023-52937 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6dfb0771429a63db8561d44147f2bb76f93e1c86 (6.2-rc7)
-CVE-2023-52936 [kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup()]
+CVE-2023-52936 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/d83d7ed260283560700d4034a80baad46620481b (6.2-rc7)
-CVE-2023-52935 [mm/khugepaged: fix ->anon_vma race]
+CVE-2023-52935 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/023f47a8250c6bdb4aebe744db4bf7f73414028b (6.2-rc7)
-CVE-2023-52934 [mm/MADV_COLLAPSE: catch !none !huge !bad pmd lookups]
+CVE-2023-52934 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/edb5d0cf5525357652aff6eacd9850b8ced07143 (6.2-rc7)
-CVE-2023-52933 [Squashfs: fix handling and sanity checking of xattr_ids count]
+CVE-2023-52933 (In the Linux kernel, the following vulnerability has been resolved: S ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f65c4bbbd682b0877b669828b4e033b8d5d0a2dc (6.2-rc7)
-CVE-2023-52932 [mm/swapfile: add cond_resched() in get_swap_pages()]
+CVE-2023-52932 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/7717fc1a12f88701573f9ed897cc4f6699c661e3 (6.2-rc7)
-CVE-2023-52931 [drm/i915: Avoid potential vm use-after-free]
+CVE-2023-52931 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/41d419382ec7e257e54b7b6ff0d3623aafb1316d (6.2-rc7)
-CVE-2023-52930 [drm/i915: Fix potential bit_17 double-free]
+CVE-2023-52930 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/7057a8f126f14f14b040faecfa220fd27c6c2f85 (6.2-rc7)
-CVE-2023-52929 [nvmem: core: fix cleanup after dev_set_name()]
+CVE-2023-52929 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/560181d3ace61825f4ca9dd3481d6c0ee6709fa8 (6.2-rc7)
-CVE-2023-52928 [bpf: Skip invalid kfunc call in backtrack_insn]
+CVE-2023-52928 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/d3178e8a434b58678d99257c0387810a24042fb6 (6.2-rc5)
-CVE-2022-49761 [btrfs: always report error in run_one_delayed_ref()]
+CVE-2022-49761 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.8-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/39f501d68ec1ed5cd5c66ac6ec2a7131c517bb92 (6.2-rc3)
-CVE-2022-49760 [mm/hugetlb: fix PTE marker handling in hugetlb_change_protection()]
+CVE-2022-49760 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0e678153f5be7e6c8d28835f5a678618da4b7a9c (6.2-rc5)
-CVE-2022-49759 [VMCI: Use threaded irqs instead of tasklets]
+CVE-2022-49759 (In the Linux kernel, the following vulnerability has been resolved: V ...)
- linux 6.1.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3daed6345d5880464f46adab871d208e1baa2f3a (6.2-rc5)
-CVE-2022-49758 [reset: uniphier-glue: Fix possible null-ptr-deref]
+CVE-2022-49758 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/3a2390c6777e3f6662980c6cfc25cafe9e4fef98 (6.2-rc5)
-CVE-2022-49757 [EDAC/highbank: Fix memory leak in highbank_mc_probe()]
+CVE-2022-49757 (In the Linux kernel, the following vulnerability has been resolved: E ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/e7a293658c20a7945014570e1921bf7d25d68a36 (6.2-rc4)
-CVE-2022-49756 [phy: usb: sunplus: Fix potential null-ptr-deref in sp_usb_phy_probe()]
+CVE-2022-49756 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/17eee264ef386ef30a69dd70e36f29893b85c170 (6.2-rc5)
-CVE-2022-49755 [usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait]
+CVE-2022-49755 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/6a19da111057f69214b97c62fb0ac59023970850 (6.2-rc5)
-CVE-2022-49754 [Bluetooth: Fix a buffer overflow in mgmt_mesh_add()]
+CVE-2022-49754 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/2185e0fdbb2137f22a9dd9fcbf6481400d56299b (6.2-rc5)
-CVE-2022-49753 [dmaengine: Fix double increment of client_count in dma_chan_get()]
+CVE-2022-49753 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f3dc1b3b4750851a94212dba249703dd0e50bb20 (6.2-rc5)
-CVE-2022-49752 [device property: fix of node refcount leak in fwnode_graph_get_next_endpoint()]
+CVE-2022-49752 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/39af728649b05e88a2b40e714feeee6451c3f18e (6.2-rc5)
-CVE-2022-49751 [w1: fix WARNING after calling w1_process()]
+CVE-2022-49751 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/36225a7c72e9e3e1ce4001b6ce72849f5c9a2d3b (6.2-rc5)
-CVE-2022-49750 [cpufreq: CPPC: Add u64 casts to avoid overflowing]
+CVE-2022-49750 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/f5f94b9c8b805d87ff185caf9779c3a4d07819e3 (6.2-rc4)
-CVE-2022-49749 [i2c: designware: use casting of u64 in clock multiplication to avoid overflow]
+CVE-2022-49749 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/c8c37bc514514999e62a17e95160ed9ebf75ca8d (6.2-rc6)
-CVE-2022-49748 [perf/x86/amd: fix potential integer overflow on shift of a int]
+CVE-2022-49748 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/08245672cdc6505550d1a5020603b0a8d4a6dcc7 (6.2-rc2)
-CVE-2022-49747 [erofs/zmap.c: Fix incorrect offset calculation]
+CVE-2022-49747 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/6acd87d50998ef0afafc441613aeaf5a8f5c9eff (6.2-rc5)
-CVE-2022-49746 [dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init]
+CVE-2022-49746 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/1417f59ac0b02130ee56c0c50794b9b257be3d17 (6.2-rc5)
-CVE-2022-49745 [fpga: m10bmc-sec: Fix probe rollback]
+CVE-2022-49745 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/60ce26d10e5850f33cc76fce52f5377045e75a15 (6.2-rc7)
-CVE-2022-49744 [mm/uffd: fix pte marker when fork() without fork event]
+CVE-2022-49744 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/49d6d7fb631345b0f2957a7c4be24ad63903150f (6.2-rc7)
-CVE-2022-49743 [ovl: Use "buf" flexible array for memcpy() destination]
+CVE-2022-49743 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/cf8aa9bf97cadf85745506c6a3e244b22c268d63 (6.2-rc1)
-CVE-2022-49742 [f2fs: initialize locks earlier in f2fs_fill_super()]
+CVE-2022-49742 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.11-1
NOTE: https://git.kernel.org/linus/92b4cf5b48955a4bdd15fe4e2067db8ebd87f04c (6.2-rc1)
-CVE-2022-49741 [fbdev: smscufx: fix error handling code in ufx_usb_probe]
+CVE-2022-49741 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/b76449ee75e21acfe9fa4c653d8598f191ed7d68 (6.2-rc1)
-CVE-2022-49740 [wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads]
+CVE-2022-49740 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/4920ab131b2dbae7464b72bdcac465d070254209 (6.2-rc1)
-CVE-2022-49739 [gfs2: Always check inode size of inline inodes]
+CVE-2022-49739 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/70376c7ff31221f1d21db5611d8209e677781d3a (6.2-rc1)
-CVE-2022-49738 [f2fs: fix to do sanity check on i_extra_isize in is_alive()]
+CVE-2022-49738 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/d3b7b4afd6b2c344eabf9cc26b8bfa903c164c7c (6.2-rc1)
-CVE-2021-4454 [can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate]
+CVE-2021-4454 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.11-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/d0553680f94c49bbe0e39eb50d033ba563b4212d (6.2-rc7)
-CVE-2025-21892 [RDMA/mlx5: Fix the recovery flow of the UMR QP]
+CVE-2025-21892 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.12.19-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d97505baea64d93538b16baf14ce7b8c1fbad746 (6.14-rc5)
-CVE-2025-21891 [ipvlan: ensure network headers are in skb linear part]
+CVE-2025-21891 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.19-1
NOTE: https://git.kernel.org/linus/27843ce6ba3d3122b65066550fe33fb8839f8aef (6.14-rc5)
-CVE-2025-21890 [idpf: fix checksums set in idpf_rx_rsc()]
+CVE-2025-21890 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.19-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/674fcb4f4a7e3e277417a01788cc6daae47c3804 (6.14-rc5)
-CVE-2025-21889 [perf/core: Add RCU read lock protection to perf_iterate_ctx()]
+CVE-2025-21889 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.12.19-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0fe8813baf4b2e865d3b2c735ce1a15b86002c74 (6.14-rc5)
-CVE-2025-21888 [RDMA/mlx5: Fix a WARN during dereg_mr for DM type]
+CVE-2025-21888 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.12.19-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/abc7b3f1f056d69a8f11d6dceecc0c9549ace770 (6.14-rc5)
-CVE-2025-21887 [ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up]
+CVE-2025-21887 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.12.19-1
NOTE: https://git.kernel.org/linus/c84e125fff2615b4d9c259e762596134eddd2f27 (6.14-rc5)
-CVE-2025-21886 [RDMA/mlx5: Fix implicit ODP hang on parent deregistration]
+CVE-2025-21886 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.12.19-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3d8c6f26893d55fab218ad086719de1fc9bb86ba (6.14-rc5)
-CVE-2025-21885 [RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers]
+CVE-2025-21885 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.12.19-1
NOTE: https://git.kernel.org/linus/b66535356a4834a234f99e16a97eb51f2c6c5a7d (6.14-rc5)
-CVE-2025-21884 [net: better track kernel sockets lifetime]
+CVE-2025-21884 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5c70eb5c593d64d93b178905da215a9fd288a4b5 (6.14-rc5)
-CVE-2025-21883 [ice: Fix deinitializing VF in error path]
+CVE-2025-21883 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.19-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/79990cf5e7aded76d0c092c9f5ed31eb1c75e02c (6.14-rc5)
-CVE-2025-21882 [net/mlx5: Fix vport QoS cleanup on error]
+CVE-2025-21882 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7f3528f7d2f98b70e19a6bb7b130fc82c079ac54 (6.14-rc5)
-CVE-2025-21881 [uprobes: Reject the shared zeropage in uprobe_write_opcode()]
+CVE-2025-21881 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.12.19-1
NOTE: https://git.kernel.org/linus/bddf10d26e6e5114e7415a0e442ec6f51a559468 (6.14-rc5)
-CVE-2025-21880 [drm/xe/userptr: fix EFAULT handling]
+CVE-2025-21880 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.19-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a9f4fa3a7efa65615ff7db13023ac84516e99e21 (6.14-rc5)
-CVE-2025-21879 [btrfs: fix use-after-free on inode when scanning root during em shrinking]
+CVE-2025-21879 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/59f37036bb7ab3d554c24abc856aabca01126414 (6.14-rc5)
-CVE-2025-21878 [i2c: npcm: disable interrupt enable bit before devm_request_irq]
+CVE-2025-21878 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.19-1
NOTE: https://git.kernel.org/linus/dd1998e243f5fa25d348a384ba0b6c84d980f2b2 (6.14-rc5)
-CVE-2025-21877 [usbnet: gl620a: fix endpoint checking in genelink_bind()]
+CVE-2025-21877 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.12.19-1
NOTE: https://git.kernel.org/linus/1cf9631d836b289bd5490776551961c883ae8a4f (6.14-rc5)
-CVE-2025-21876 [iommu/vt-d: Fix suspicious RCU usage]
+CVE-2025-21876 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.19-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b150654f74bf0df8e6a7936d5ec51400d9ec06d8 (6.14-rc5)
-CVE-2025-21875 [mptcp: always handle address removal under msk socket lock]
+CVE-2025-21875 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.19-1
NOTE: https://git.kernel.org/linus/f865c24bc55158313d5779fc81116023a6940ca3 (6.14-rc5)
-CVE-2025-21874 [dm-integrity: Avoid divide by zero in table status in Inline mode]
+CVE-2025-21874 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.19-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7fb39882b20c98a9a393c244c86b56ef6933cff8 (6.14-rc5)
-CVE-2025-21873 [scsi: ufs: core: bsg: Fix crash when arpmb command fails]
+CVE-2025-21873 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.12.19-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f27a95845b01e86d67c8b014b4f41bd3327daa63 (6.14-rc5)
-CVE-2025-21872 [efi: Don't map the entire mokvar table to determine its size]
+CVE-2025-21872 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.12.19-1
NOTE: https://git.kernel.org/linus/2b90e7ace79774a3540ce569e000388f8d22c9e0 (6.14-rc5)
-CVE-2024-58091 [drm/fbdev-dma: Add shadow buffering for deferred I/O]
+CVE-2024-58091 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3603996432997f7c88da37a97062a46cda01ac9d (6.14-rc5)
-CVE-2024-58090 [sched/core: Prevent rescheduling when interrupts are disabled]
+CVE-2024-58090 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.12.19-1
NOTE: https://git.kernel.org/linus/82c387ef7568c0d96a918a5a78d9cad6256cfa15 (6.14-rc5)
-CVE-2025-21871 [tee: optee: Fix supplicant wait loop]
+CVE-2025-21871 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.12.17-1
NOTE: https://git.kernel.org/linus/70b0d6b0a199c5a3ee6c72f5e61681ed6f759612 (6.14-rc4)
-CVE-2025-21870 [ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers]
+CVE-2025-21870 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.12.17-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6fd60136d256b3b948333ebdb3835f41a95ab7ef (6.14-rc4)
-CVE-2025-21869 [powerpc/code-patching: Disable KASAN report during patching via temporary mm]
+CVE-2025-21869 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.12.17-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dc9c5166c3cb044f8a001e397195242fd6796eee (6.14-rc4)
-CVE-2025-21868 [net: allow small head cache usage with large MAX_SKB_FRAGS values]
+CVE-2025-21868 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.17-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/14ad6ed30a10afbe91b0749d6378285f4225d482 (6.14-rc4)
-CVE-2025-21867 [bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()]
+CVE-2025-21867 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.12.17-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6b3d638ca897e099fa99bd6d02189d3176f80a47 (6.14-rc4)
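Review bot: Every description added in this part of the hunk, from CVE-2023-53012 down to CVE-2025-21867, is cut off right after "has been resolved:", so the subsystem and commit subject that the removed bracketed lines carried (for example "net: fix UaF in netns ops registration error path" on CVE-2023-52999) can no longer be read from the list. The NOTE line with the git.kernel.org commit is now the only thing identifying each fix, so triage and any search by subsystem has to go through that link. Two entries also still read "- linux <unfixed>" (CVE-2025-21884 and CVE-2024-58091, both marked not-affected for bookworm and bullseye) and need a follow-up once a fixed upload exists.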
@@ -575,9 +1003,9 @@ CVE-2024-45353 (An intent redriction vulnerability exists in the Xiaomi quick Ap
NOT-FOR-US: Xiaomi
CVE-2024-45352 (An code execution vulnerability exists in the Xiaomi smarthome applica ...)
NOT-FOR-US: Xiaomi
-CVE-2024-48944
+CVE-2024-48944 (Server-Side Request Forgery (SSRF) vulnerability in Apache Kylin. Thro ...)
NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
-CVE-2025-30067
+CVE-2025-30067 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
CVE-2025-30355 (Synapse is an open source Matrix homeserver implementation. A maliciou ...)
- matrix-synapse 1.121.0-6
@@ -875,17 +1303,17 @@ CVE-2024-13702 (The CRM and Lead Management by vcita plugin for WordPress is vul
NOT-FOR-US: WordPress plugin
CVE-2024-13411 (The Zapier for WordPress plugin for WordPress is vulnerable to Server- ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-9773
+CVE-2024-9773 (An issue was discovered in GitLab EE affecting all versions starting f ...)
- gitlab <not-affected> (Specific to EE)
CVE-2024-10307
- gitlab <unfixed>
CVE-2024-12619
- gitlab <unfixed>
-CVE-2025-2242
+CVE-2025-2242 (An improper access control vulnerability in GitLab CE/EE affecting all ...)
- gitlab <unfixed>
-CVE-2025-0811
+CVE-2025-0811 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
- gitlab <unfixed>
-CVE-2025-2255
+CVE-2025-2255 (An issue has been discovered in Gitlab EE/CE for AppSec affecting all ...)
- gitlab <unfixed>
CVE-2025-30232
{DSA-5887-1}
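Review bot: CVE-2025-2242, CVE-2025-0811 and CVE-2025-2255 gain descriptions naming GitLab CE/EE, but each still carries only `- gitlab <unfixed>`, with no NOTE line giving an upstream reference or fixed version. Now that the descriptions are published, these entries should get an upstream reference in a NOTE line. CVE-2024-10307 and CVE-2024-12619 in the same block still have neither a description nor a NOTE.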
@@ -3354,7 +3782,7 @@ CVE-2025-2363 (A vulnerability classified as critical has been found in lenve VB
CVE-2025-2362 (A vulnerability was found in PHPGurukul Pre-School Enrollment System 1 ...)
NOT-FOR-US: PHPGurukul
CVE-2025-2361 (A vulnerability was found in Mercurial SCM 4.5.3/71.19.145.211. It has ...)
- {DSA-5883-1}
+ {DSA-5883-1 DLA-4094-1}
- mercurial 6.9.4-1 (bug #1100899)
NOTE: https://lists.mercurial-scm.org/pipermail/mercurial-packaging/2025-March/000754.html
NOTE: Fixed by: https://foss.heptapod.net/mercurial/mercurial-devel/-/commit/a5c72ed2929341d97b11968211c880854803f003 (6.9.4)
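Review bot: on CVE-2025-2361 the cross-reference grows to `{DSA-5883-1 DLA-4094-1}`, but the only version visible in the entry is the unstable fix `- mercurial 6.9.4-1 (bug #1100899)`. Nothing in this hunk shows which release or package version the DLA covers, so confirm that DLA-4094-1 records its fixed version where the advisory itself is tracked.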
@@ -7133,15 +7561,15 @@ CVE-2025-1859 (A vulnerability, which was classified as critical, has been found
NOT-FOR-US: PHPGurukul
CVE-2025-1858 (A vulnerability classified as critical was found in Codezips Online Sh ...)
NOT-FOR-US: Codezips Online Shopping Website
-CVE-2025-0289 (Paragon Partition Manager version 17, both community and Business vers ...)
+CVE-2025-0289 (Paragon Partition Manager version 17.9.1, both community and Business ...)
NOT-FOR-US: Paragon Partition Manager
-CVE-2025-0288 (Paragon Partition Manager version 7.9.1 contains an arbitrary kernel m ...)
+CVE-2025-0288 (Paragon Partition Manager version 17.9.1 contains an arbitrary kernel ...)
NOT-FOR-US: Paragon Partition Manager
-CVE-2025-0287 (Paragon Partition Manager version 7.9.1 contains a null pointer derefe ...)
+CVE-2025-0287 (Paragon Partition Manager version 17.9.1 contains a null pointer deref ...)
NOT-FOR-US: Paragon Partition Manager
-CVE-2025-0286 (Paragon Partition Manager version 7.9.1 contains an arbitrary kernel m ...)
+CVE-2025-0286 (Paragon Partition Manager version 17.9.1 contains an arbitrary kernel ...)
NOT-FOR-US: Paragon Partition Manager
-CVE-2025-0285 (Paragon Partition Manager version 7.9.1 contains an arbitrary kernel m ...)
+CVE-2025-0285 (Paragon Partition Manager version 17.9.1 contains an arbitrary kernel ...)
NOT-FOR-US: Paragon Partition Manager
CVE-2024-8262 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
NOT-FOR-US: Proliz Software OBS
@@ -37976,7 +38404,8 @@ CVE-2024-51367 (An arbitrary file upload vulnerability in the component \Users\u
NOT-FOR-US: BlackBoard
CVE-2024-51366 (An arbitrary file upload vulnerability in the component \Roaming\Omega ...)
NOT-FOR-US: OmegaT
-CVE-2024-51365 (An arbitrary file upload vulnerability in the importSettings method of ...)
+CVE-2024-51365
+ REJECTED
NOT-FOR-US: VisiCut
CVE-2024-51364 (An arbitrary file upload vulnerability in ModbusMechanic v3.0 allows a ...)
NOT-FOR-US: ModbusMechanic
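Review bot: CVE-2024-51365 now carries both `REJECTED` and the earlier `NOT-FOR-US: VisiCut` line. With the description removed, the two annotations are redundant for triage. Either drop the NOT-FOR-US line, or keep it deliberately as the only remaining record of what the ID referred to.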
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e7613d9a1fb5c164f7c8ba96f767b4db43eac47