[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Sep 16 21:12:57 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b257dad6 by security tracker role at 2025-09-16T20:12:49+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,440 +1,864 @@
-CVE-2023-53334 [USB: chipidea: fix memory leak with using debugfs_lookup()]
+CVE-2025-8894 (A maliciously crafted PDF file, when parsed through certain Autodesk p ...)
+ TODO: check
+CVE-2025-8893 (A maliciously crafted PDF file, when parsed through certain Autodesk p ...)
+ TODO: check
+CVE-2025-8446 (The Blaze Demo Importer plugin for WordPress is vulnerable to unauthor ...)
+ TODO: check
+CVE-2025-8276 (Improper Encoding or Escaping of Output, Improper Neutralization of Sp ...)
+ TODO: check
+CVE-2025-8057 (Authorization Bypass Through User-Controlled Key, Externally Controlle ...)
+ TODO: check
+CVE-2025-7744 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-7743 (Cleartext Transmission of Sensitive Information vulnerability in Dolus ...)
+ TODO: check
+CVE-2025-7355 (Authorization Bypass Through User-Controlled Key vulnerability in Beef ...)
+ TODO: check
+CVE-2025-6575 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2025-5519 (Insertion of Sensitive Information Into Sent Data vulnerability in Arg ...)
+ TODO: check
+CVE-2025-59336 (Luanox is a module host for Lua packages. Prior to 0.1.1, a file trave ...)
+ TODO: check
+CVE-2025-59334 (Linkr is a lightweight file delivery system that downloads files from ...)
+ TODO: check
+CVE-2025-59333 (The mcp-database-server (MCP Server) 1.1.0 and earlier, as distributed ...)
+ TODO: check
+CVE-2025-59270 (psPAS PowerShell module does not explicitly enforce TLS 1.2 within the ...)
+ TODO: check
+CVE-2025-59161 (Element Web is a Matrix web client built using the Matrix React SDK. E ...)
+ TODO: check
+CVE-2025-59160 (Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and ...)
+ TODO: check
+CVE-2025-59050 (Greenshot is an open source Windows screenshot utility. Greenshot 1.3. ...)
+ TODO: check
+CVE-2025-58749 (WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssemb ...)
+ TODO: check
+CVE-2025-58174 (LDAP Account Manager (LAM) is a webfrontend for managing entries store ...)
+ TODO: check
+CVE-2025-57631 (SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attack ...)
+ TODO: check
+CVE-2025-57625 (CYRISMA Sensor before 444 for Windows has an Insecure Folder and File ...)
+ TODO: check
+CVE-2025-57624 (A DLL hijacking vulnerability in CYRISMA Agent before 444 allows local ...)
+ TODO: check
+CVE-2025-57145 (A cross-site scripting (XSS) vulnerability exists in the search-autoot ...)
+ TODO: check
+CVE-2025-57119 (An issue in Online Library Management System v.3.0 allows an attacker ...)
+ TODO: check
+CVE-2025-56706 (Edimax BR-6473AX v1.0.28 was discovered to contain a remote code execu ...)
+ TODO: check
+CVE-2025-56697 (A Stored Cross-Site Scripting (XSS) vulnerability was discovered in th ...)
+ TODO: check
+CVE-2025-56562 (An incorrect API discovered in Signify Wiz Connected 1.9.1 allows atta ...)
+ TODO: check
+CVE-2025-56557 (An issue discovered in the Tuya Smart Life App 5.6.1 allows attackers ...)
+ TODO: check
+CVE-2025-56295 (code-projects Computer Laboratory System 1.0 has a file upload vulnera ...)
+ TODO: check
+CVE-2025-56293 (code-projects Human Resource Integrated System 1.0 is vulnerable to Cr ...)
+ TODO: check
+CVE-2025-56289 (code-projects Document Management System 1.0 has a Cross Site Scriptin ...)
+ TODO: check
+CVE-2025-56280 (code-projects Food Ordering Review System 1.0 is vulnerable to Cross S ...)
+ TODO: check
+CVE-2025-56276 (code-projects Food Ordering Review System 1.0 is vulnerable to Cross S ...)
+ TODO: check
+CVE-2025-56264 (The /api/comment endpoint in zhangyd-c OneBlog 2.3.9 contains a denial ...)
+ TODO: check
+CVE-2025-56263 (by-night sms V1.0 has an Arbitrary File Upload vulnerability. The /api ...)
+ TODO: check
+CVE-2025-55834 (A Cross Site Scripting vulnerability in JeeWMS v.3.7 and before allows ...)
+ TODO: check
+CVE-2025-55118 (Memory corruptions can be remotely triggered in the Control-M/Agent wh ...)
+ TODO: check
+CVE-2025-55117 (A stack-based buffer overflow can be remotely triggered when formattin ...)
+ TODO: check
+CVE-2025-55116 (A buffer overflow in the Control-M/Agent can lead to a local privilege ...)
+ TODO: check
+CVE-2025-55115 (A path traversal in the Control-M/Agent can lead to a local privilege ...)
+ TODO: check
+CVE-2025-55114 (The improper order of AUTHORIZED_CTM_IP validation in the Control-M/Ag ...)
+ TODO: check
+CVE-2025-55113 (If the Access Control List is enforced by the Control-M/Agent and the ...)
+ TODO: check
+CVE-2025-55112 (Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 (and potentia ...)
+ TODO: check
+CVE-2025-55111 (Certain files with overly permissive permissions were identified in th ...)
+ TODO: check
+CVE-2025-55110 (Control-M/Agents use a kdb or PKCS#12 keystore by default, and the def ...)
+ TODO: check
+CVE-2025-55109 (An authentication bypass vulnerability exists in the out-of-support Co ...)
+ TODO: check
+CVE-2025-54262 (Substance3D - Stager versions 3.1.3 and earlier are affected by an out ...)
+ TODO: check
+CVE-2025-54237 (Substance3D - Stager versions 3.1.3 and earlier are affected by an out ...)
+ TODO: check
+CVE-2025-52044 (In Frappe ERPNext v15.57.5, the function get_stock_balance() at erpnex ...)
+ TODO: check
+CVE-2025-4953 (A flaw was found in Podman. In a Containerfile or Podman, data written ...)
+ TODO: check
+CVE-2025-4688 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-49728 (Cleartext storage of sensitive information in Microsoft PC Manager all ...)
+ TODO: check
+CVE-2025-47967 (Insufficient ui warning of dangerous operations in Microsoft Edge for ...)
+ TODO: check
+CVE-2025-44034 (SQL injection vulnerability in oa_system oasys v.1.1 allows a remote a ...)
+ TODO: check
+CVE-2025-43801 (Unchecked input for loop condition vulnerability in XML-RPC in Liferay ...)
+ TODO: check
+CVE-2025-41249 (The Spring Framework annotation detection mechanism may not correctly ...)
+ TODO: check
+CVE-2025-41248 (The Spring Security annotation detection mechanism may not correctly r ...)
+ TODO: check
+CVE-2025-41243 (Spring Cloud Gateway Server Webflux may be vulnerable to Spring Enviro ...)
+ TODO: check
+CVE-2025-39836 (In the Linux kernel, the following vulnerability has been resolved: e ...)
+ TODO: check
+CVE-2025-39835 (In the Linux kernel, the following vulnerability has been resolved: x ...)
+ TODO: check
+CVE-2025-39834 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2025-39833 (In the Linux kernel, the following vulnerability has been resolved: m ...)
+ TODO: check
+CVE-2025-39832 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2025-39831 (In the Linux kernel, the following vulnerability has been resolved: f ...)
+ TODO: check
+CVE-2025-39830 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2025-39829 (In the Linux kernel, the following vulnerability has been resolved: t ...)
+ TODO: check
+CVE-2025-39828 (In the Linux kernel, the following vulnerability has been resolved: a ...)
+ TODO: check
+CVE-2025-39827 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2025-39826 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2025-39825 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2025-39824 (In the Linux kernel, the following vulnerability has been resolved: H ...)
+ TODO: check
+CVE-2025-39823 (In the Linux kernel, the following vulnerability has been resolved: K ...)
+ TODO: check
+CVE-2025-39822 (In the Linux kernel, the following vulnerability has been resolved: i ...)
+ TODO: check
+CVE-2025-39821 (In the Linux kernel, the following vulnerability has been resolved: p ...)
+ TODO: check
+CVE-2025-39820 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ TODO: check
+CVE-2025-39819 (In the Linux kernel, the following vulnerability has been resolved: f ...)
+ TODO: check
+CVE-2025-39818 (In the Linux kernel, the following vulnerability has been resolved: H ...)
+ TODO: check
+CVE-2025-39817 (In the Linux kernel, the following vulnerability has been resolved: e ...)
+ TODO: check
+CVE-2025-39816 (In the Linux kernel, the following vulnerability has been resolved: i ...)
+ TODO: check
+CVE-2025-39815 (In the Linux kernel, the following vulnerability has been resolved: R ...)
+ TODO: check
+CVE-2025-39814 (In the Linux kernel, the following vulnerability has been resolved: i ...)
+ TODO: check
+CVE-2025-39813 (In the Linux kernel, the following vulnerability has been resolved: f ...)
+ TODO: check
+CVE-2025-39812 (In the Linux kernel, the following vulnerability has been resolved: s ...)
+ TODO: check
+CVE-2025-39811 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ TODO: check
+CVE-2025-39810 (In the Linux kernel, the following vulnerability has been resolved: b ...)
+ TODO: check
+CVE-2025-39809 (In the Linux kernel, the following vulnerability has been resolved: H ...)
+ TODO: check
+CVE-2025-39808 (In the Linux kernel, the following vulnerability has been resolved: H ...)
+ TODO: check
+CVE-2025-39807 (In the Linux kernel, the following vulnerability has been resolved: d ...)
+ TODO: check
+CVE-2025-39806 (In the Linux kernel, the following vulnerability has been resolved: H ...)
+ TODO: check
+CVE-2025-39805 (In the Linux kernel, the following vulnerability has been resolved: n ...)
+ TODO: check
+CVE-2025-36244 (IBM AIX 7.2, 7.3, IBM VIOS 3.1, and 4.1, when configured to use Kerber ...)
+ TODO: check
+CVE-2025-34187 (Ilevia EVE X1/X5 Server version \u2264 4.7.18.0.eden contains a miscon ...)
+ TODO: check
+CVE-2025-34186 (Ilevia EVE X1/X5 Server version \u2264 4.7.18.0.eden contains a vulner ...)
+ TODO: check
+CVE-2025-34185 (Ilevia EVE X1 Server version \u2264 4.7.18.0.eden contains a pre-authe ...)
+ TODO: check
+CVE-2025-34184 (Ilevia EVE X1 Server version \u2264 4.7.18.0.eden contains an unauthen ...)
+ TODO: check
+CVE-2025-34183 (Ilevia EVE X1 Server version \u2264 4.7.18.0.eden contains a vulnerabi ...)
+ TODO: check
+CVE-2025-30075 (In Alludo MindManager before 25.0.208 on Windows, attackers could pote ...)
+ TODO: check
+CVE-2025-2404 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2025-26711 (There is an unauthorized access vulnerability in ZTE T5400. Due to imp ...)
+ TODO: check
+CVE-2025-26710 (There is an an information disclosure vulnerability in ZTE T5400. Due ...)
+ TODO: check
+CVE-2025-10572
+ REJECTED
+CVE-2025-10563 (A vulnerability has been found in Campcodes Grocery Sales and Inventor ...)
+ TODO: check
+CVE-2025-10562 (A flaw has been found in Campcodes Grocery Sales and Inventory System ...)
+ TODO: check
+CVE-2025-10546 (This vulnerability exist in PPC 2K15X Router, due to improper input va ...)
+ TODO: check
+CVE-2025-10492 (A Java deserialisation vulnerability has been discovered in Jaspersoft ...)
+ TODO: check
+CVE-2025-10316 (The extension "Form to Database" is susceptible to Cross-Site Scriptin ...)
+ TODO: check
+CVE-2025-10290 (Opening links via the contextual menu in Focus iOS for certain URL sch ...)
+ TODO: check
+CVE-2025-10016 (The Sparkle framework includes a helper tool Autoupdate. Due to lack o ...)
+ TODO: check
+CVE-2025-10015 (The Sparkle frameworkincludes an XPC service Downloader.xpc, by defaul ...)
+ TODO: check
+CVE-2024-13174 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-13149 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-12913 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-12796 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2021-47687
+ REJECTED
+CVE-2021-47686
+ REJECTED
+CVE-2021-47685
+ REJECTED
+CVE-2021-47684
+ REJECTED
+CVE-2021-47683
+ REJECTED
+CVE-2021-47682
+ REJECTED
+CVE-2021-47681
+ REJECTED
+CVE-2021-47680
+ REJECTED
+CVE-2021-47679
+ REJECTED
+CVE-2021-47678
+ REJECTED
+CVE-2021-47677
+ REJECTED
+CVE-2021-47676
+ REJECTED
+CVE-2021-47675
+ REJECTED
+CVE-2021-47674
+ REJECTED
+CVE-2021-47673
+ REJECTED
+CVE-2021-47672
+ REJECTED
+CVE-2020-36824
+ REJECTED
+CVE-2020-36823
+ REJECTED
+CVE-2020-36822
+ REJECTED
+CVE-2020-36821
+ REJECTED
+CVE-2020-36820
+ REJECTED
+CVE-2020-36819
+ REJECTED
+CVE-2020-36818
+ REJECTED
+CVE-2020-36817
+ REJECTED
+CVE-2020-36816
+ REJECTED
+CVE-2020-36815
+ REJECTED
+CVE-2020-36814
+ REJECTED
+CVE-2020-36813
+ REJECTED
+CVE-2020-36812
+ REJECTED
+CVE-2020-36811
+ REJECTED
+CVE-2020-36810
+ REJECTED
+CVE-2020-36809
+ REJECTED
+CVE-2020-36808
+ REJECTED
+CVE-2020-36807
+ REJECTED
+CVE-2020-36806
+ REJECTED
+CVE-2020-36805
+ REJECTED
+CVE-2020-36804
+ REJECTED
+CVE-2020-36803
+ REJECTED
+CVE-2020-36802
+ REJECTED
+CVE-2020-36801
+ REJECTED
+CVE-2020-36800
+ REJECTED
+CVE-2020-36799
+ REJECTED
+CVE-2020-36798
+ REJECTED
+CVE-2020-36797
+ REJECTED
+CVE-2020-36796
+ REJECTED
+CVE-2020-36795
+ REJECTED
+CVE-2020-36794
+ REJECTED
+CVE-2020-36793
+ REJECTED
+CVE-2020-36792
+ REJECTED
+CVE-2019-25209
+ REJECTED
+CVE-2019-25208
+ REJECTED
+CVE-2019-25207
+ REJECTED
+CVE-2019-25206
+ REJECTED
+CVE-2019-25205
+ REJECTED
+CVE-2019-25204
+ REJECTED
+CVE-2019-25203
+ REJECTED
+CVE-2019-25202
+ REJECTED
+CVE-2019-25201
+ REJECTED
+CVE-2019-25200
+ REJECTED
+CVE-2019-25199
+ REJECTED
+CVE-2019-25198
+ REJECTED
+CVE-2019-25197
+ REJECTED
+CVE-2019-25196
+ REJECTED
+CVE-2019-25195
+ REJECTED
+CVE-2019-25194
+ REJECTED
+CVE-2019-25193
+ REJECTED
+CVE-2019-25192
+ REJECTED
+CVE-2019-25191
+ REJECTED
+CVE-2019-25190
+ REJECTED
+CVE-2019-25189
+ REJECTED
+CVE-2019-25188
+ REJECTED
+CVE-2019-25187
+ REJECTED
+CVE-2019-25186
+ REJECTED
+CVE-2019-25185
+ REJECTED
+CVE-2019-25184
+ REJECTED
+CVE-2019-25183
+ REJECTED
+CVE-2019-25182
+ REJECTED
+CVE-2019-25181
+ REJECTED
+CVE-2019-25180
+ REJECTED
+CVE-2019-25179
+ REJECTED
+CVE-2019-25178
+ REJECTED
+CVE-2019-25177
+ REJECTED
+CVE-2019-25176
+ REJECTED
+CVE-2019-25175
+ REJECTED
+CVE-2019-25174
+ REJECTED
+CVE-2019-25173
+ REJECTED
+CVE-2019-25172
+ REJECTED
+CVE-2019-25171
+ REJECTED
+CVE-2019-25170
+ REJECTED
+CVE-2019-25169
+ REJECTED
+CVE-2019-25168
+ REJECTED
+CVE-2019-25167
+ REJECTED
+CVE-2019-25166
+ REJECTED
+CVE-2019-25165
+ REJECTED
+CVE-2019-25164
+ REJECTED
+CVE-2019-25163
+ REJECTED
+CVE-2009-20007 (Talkative IRC v0.4.4.16 is vulnerable to a stack-based buffer overflow ...)
+ TODO: check
+CVE-2009-20006 (osCommerce versions up to and including 2.2 RC2a contain a vulnerabili ...)
+ TODO: check
+CVE-2009-20005 (A stack-based buffer overflow exists in the UtilConfigHome.csp endpoin ...)
+ TODO: check
+CVE-2023-53334 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/ff35f3ea3baba5b81416ac02d005cfbf6dd182fa (6.3-rc1)
-CVE-2023-53333 [netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one]
+CVE-2023-53333 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/ff0a3a7d52ff7282dbd183e7fc29a1fe386b0c30 (6.5-rc1)
-CVE-2023-53332 [genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask()]
+CVE-2023-53332 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/feabecaff5902f896531dde90646ca5dfa9d4f7d (6.3-rc1)
-CVE-2023-53331 [pstore/ram: Check start of empty przs during init]
+CVE-2023-53331 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/fe8c3623ab06603eb760444a032d426542212021 (6.6-rc1)
-CVE-2023-53330 [caif: fix memory leak in cfctrl_linkup_request()]
+CVE-2023-53330 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.7-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/fe69230f05897b3de758427b574fc98025dfc907 (6.2-rc3)
-CVE-2023-53329 [workqueue: fix data race with the pwq->stats[] increment]
+CVE-2023-53329 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.5.3-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fe48ba7daefe75bbbefa2426deddc05f2d530d2d (6.6-rc1)
-CVE-2023-53328 [fs/ntfs3: Enhance sanity check while generating attr_list]
+CVE-2023-53328 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/fdec309c7672cbee4dc0229ee4cbb33c948a1bdd (6.5-rc1)
-CVE-2023-53327 [iommufd/selftest: Catch overflow of uptr and length]
+CVE-2023-53327 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.3.7-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fd8c1a4aee973e87d890a5861e106625a33b2c4e (6.4-rc1)
-CVE-2023-53326 [powerpc: Don't try to copy PPR for task with NULL pt_regs]
+CVE-2023-53326 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/fd7276189450110ed835eb0a334e62d2f1c4e3be (6.3-rc5)
-CVE-2023-53325 [drm/mediatek: dp: Change logging to dev for mtk_dp_aux_transfer()]
+CVE-2023-53325 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
NOTE: https://git.kernel.org/linus/fd70e2019bfbcb0ed90c5e23839bf510ce6acf8f (6.6-rc1)
-CVE-2023-53324 [drm/msm/mdp5: Don't leak some plane state]
+CVE-2023-53324 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/fd0ad3b2365c1c58aa5a761c18efc4817193beb6 (6.6-rc1)
-CVE-2023-53323 [ext2/dax: Fix ext2_setsize when len is page aligned]
+CVE-2023-53323 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fcced95b6ba2a507a83b8b3e0358a8ac16b13e35 (6.5-rc1)
-CVE-2023-53322 [scsi: qla2xxx: Wait for io return on terminate rport]
+CVE-2023-53322 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/fc0cba0c7be8261a1625098bd1d695077ec621c9 (6.5-rc1)
-CVE-2023-53321 [wifi: mac80211_hwsim: drop short frames]
+CVE-2023-53321 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/fba360a047d5eeeb9d4b7c3a9b1c8308980ce9a6 (6.6-rc1)
-CVE-2023-53320 [scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info()]
+CVE-2023-53320 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fb428a2005fc1260d18b989cc5199f281617f44d (6.3-rc1)
-CVE-2023-53319 [KVM: arm64: Handle kvm_arm_init failure correctly in finalize_pkvm]
+CVE-2023-53319 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 6.4.11-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fa729bc7c9c8c17a2481358c841ef8ca920485d3 (6.5-rc3)
-CVE-2023-53318 [recordmcount: Fix memory leaks in the uwrite function]
+CVE-2023-53318 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/fa359d068574d29e7d2f0fdd0ebe4c6a12b5cfb9 (6.4-rc1)
-CVE-2023-53317 [ext4: fix WARNING in mb_find_extent]
+CVE-2023-53317 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/fa08a7b61dff8a4df11ff1e84abfc214b487caf7 (6.4-rc2)
-CVE-2023-53316 [drm/msm/dp: Free resources after unregistering them]
+CVE-2023-53316 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/fa0048a4b1fa7a50c8b0e514f5b428abdf69a6f8 (6.5-rc1)
-CVE-2023-53315 [wifi: ath11k: Fix SKB corruption in REO destination ring]
+CVE-2023-53315 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f9fff67d2d7ca6fa8066132003a3deef654c55b1 (6.4-rc1)
-CVE-2023-53314 [fbdev/ep93xx-fb: Do not assign to struct fb_info.dev]
+CVE-2023-53314 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/f90a0e5265b60cdd3c77990e8105f79aa2fac994 (6.6-rc1)
-CVE-2023-53313 [md/raid10: fix wrong setting of max_corr_read_errors]
+CVE-2023-53313 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f8b20a405428803bd9881881d8242c9d72c6b2b2 (6.5-rc1)
-CVE-2023-53312 [net: fix net_dev_start_xmit trace event vs skb_transport_offset()]
+CVE-2023-53312 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f88fcb1d7d961b4b402d675109726f94db87571c (6.5-rc1)
-CVE-2023-53311 [nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput]
+CVE-2023-53311 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f8654743a0e6909dc634cbfad6db6816f10f3399 (6.5-rc6)
-CVE-2023-53310 [power: supply: axp288_fuel_gauge: Fix external_power_changed race]
+CVE-2023-53310 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f8319774d6f1567d6e7d03653174ab0c82c5c66d (6.4-rc4)
-CVE-2023-53309 [drm/radeon: Fix integer overflow in radeon_cs_parser_init]
+CVE-2023-53309 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/f828b681d0cd566f86351c0b913e6cb6ed8c7b9c (6.5-rc1)
-CVE-2023-53308 [net: fec: Better handle pm_runtime_get() failing in .remove()]
+CVE-2023-53308 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f816b9829b19394d318e01953aa3b2721bca040d (6.4-rc3)
-CVE-2023-53307 [rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails]
+CVE-2023-53307 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f7c4d9b133c7a04ca619355574e96b6abf209fba (6.3-rc1)
-CVE-2023-53306 [fsdax: force clear dirty mark if CoW]
+CVE-2023-53306 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.3.7-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f76b3a32879de215ced3f8c754c4077b0c2f79e3 (6.3-rc6)
-CVE-2023-53305 [Bluetooth: L2CAP: Fix use-after-free]
+CVE-2023-53305 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/f752a0b334bb95fe9b42ecb511e0864e2768046f (6.5-rc1)
-CVE-2023-53304 [netfilter: nft_set_rbtree: fix overlap expiration walk]
+CVE-2023-53304 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/f718863aca469a109895cb855e6b81fff4827d71 (6.5-rc4)
-CVE-2022-50352 [net: hns: fix possible memory leak in hnae_ae_register()]
+CVE-2022-50352 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.6-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/ff2f5ec5d009844ec28f171123f9e58750cef4bf (6.1-rc2)
-CVE-2022-50351 [cifs: Fix xid leak in cifs_create()]
+CVE-2022-50351 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.6-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fee0fb1f15054bb6a0ede452acb42da5bef4d587 (6.1-rc2)
-CVE-2022-50350 [scsi: target: iscsi: Fix a race condition between login_work and the login thread]
+CVE-2022-50350 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/fec1b2fa62c162d03f5dcd7b03e3c89d3116d49f (6.2-rc1)
-CVE-2022-50349 [misc: tifm: fix possible memory leak in tifm_7xx1_switch_media()]
+CVE-2022-50349 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/fd2c930cf6a5b9176382c15f9acb1996e76e25ad (6.2-rc1)
-CVE-2022-50348 [nfsd: Fix a memory leak in an error handling path]
+CVE-2022-50348 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/fd1ef88049de09bc70d60b549992524cfc0e66ff (6.1-rc1)
-CVE-2022-50347 [mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host()]
+CVE-2022-50347 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/fc38a5a10e9e5a75eb9189854abeb8405b214cc9 (6.2-rc1)
-CVE-2022-50346 [ext4: init quota for 'old.inode' in 'ext4_rename']
+CVE-2022-50346 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/fae381a3d79bb94aa2eb752170d47458d778b797 (6.2-rc1)
-CVE-2022-50345 [NFSD: Protect against send buffer overflow in NFSv3 READ]
+CVE-2022-50345 (In the Linux kernel, the following vulnerability has been resolved: N ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.221-1
NOTE: https://git.kernel.org/linus/fa6be9cc6e80ec79892ddf08a8c10cabab9baf38 (6.1-rc1)
-CVE-2022-50344 [ext4: fix null-ptr-deref in ext4_write_info]
+CVE-2022-50344 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/f9c1f248607d5546075d3f731e7607d5571f2b60 (6.1-rc1)
-CVE-2022-50343 [rapidio: fix possible name leaks when rio_add_device() fails]
+CVE-2022-50343 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f9574cd48679926e2a569e1957a5a1bcc8a719ac (6.2-rc1)
-CVE-2022-50342 [floppy: Fix memory leak in do_floppy_init()]
+CVE-2022-50342 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f8ace2e304c5dd8a7328db9cd2b8a4b1b98d83ec (6.2-rc1)
-CVE-2022-50341 [cifs: fix oops during encryption]
+CVE-2022-50341 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f7f291e14dde32a07b1f0aa06921d28f875a7b54 (6.2-rc1)
-CVE-2022-50340 [media: vimc: Fix wrong function called when vimc_init() fails]
+CVE-2022-50340 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/f74d3f326d1d5b8951ce263c59a121ecfa65e7c0 (6.2-rc1)
-CVE-2022-50339 [Bluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev()]
+CVE-2022-50339 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f74ca25d6d6629ffd4fd80a1a73037253b57d06b (6.1-rc1)
-CVE-2025-10537
+CVE-2025-10537 (Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2 ...)
- firefox <unfixed>
- firefox-esr <unfixed>
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/#CVE-2025-10537
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/#CVE-2025-10537
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/#CVE-2025-10537
-CVE-2025-10536
+CVE-2025-10536 (This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunder ...)
- firefox <unfixed>
- firefox-esr <unfixed>
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/#CVE-2025-10536
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/#CVE-2025-10536
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/#CVE-2025-10536
-CVE-2025-10535
+CVE-2025-10535 (This vulnerability affects Firefox < 143.)
- firefox <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/#CVE-2025-10535
-CVE-2025-10534
+CVE-2025-10534 (This vulnerability affects Firefox < 143 and Thunderbird < 143.)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/#CVE-2025-10534
-CVE-2025-10533
+CVE-2025-10533 (This vulnerability affects Firefox < 143, Firefox ESR < 115.28, Firefo ...)
- firefox <unfixed>
- firefox-esr <unfixed>
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/#CVE-2025-10533
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/#CVE-2025-10533
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/#CVE-2025-10533
-CVE-2025-10532
+CVE-2025-10532 (This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunder ...)
- firefox <unfixed>
- firefox-esr <unfixed>
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/#CVE-2025-10532
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/#CVE-2025-10532
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/#CVE-2025-10532
-CVE-2025-10531
+CVE-2025-10531 (This vulnerability affects Firefox < 143 and Thunderbird < 143.)
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/#CVE-2025-10531
-CVE-2025-10530
+CVE-2025-10530 (This vulnerability affects Firefox < 143 and Thunderbird < 143.)
- firefox <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/#CVE-2025-10530
-CVE-2025-10529
+CVE-2025-10529 (This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunder ...)
- firefox <unfixed>
- firefox-esr <unfixed>
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/#CVE-2025-10529
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/#CVE-2025-10529
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/#CVE-2025-10529
-CVE-2025-10528
+CVE-2025-10528 (This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunder ...)
- firefox <unfixed>
- firefox-esr <unfixed>
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/#CVE-2025-10528
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/#CVE-2025-10528
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/#CVE-2025-10528
-CVE-2025-10527
+CVE-2025-10527 (This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunder ...)
- firefox <unfixed>
- firefox-esr <unfixed>
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/#CVE-2025-10527
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/#CVE-2025-10527
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/#CVE-2025-10527
-CVE-2023-53303 [net: microchip: vcap api: Fix possible memory leak for vcap_dup_rule()]
+CVE-2023-53303 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.5.6-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/281f65d29d6da1a9b6907fb0b145aaf34f4e4822 (6.6-rc2)
-CVE-2023-53302 [wifi: iwl4965: Add missing check for create_singlethread_workqueue()]
+CVE-2023-53302 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/26e6775f75517ad6844fe5b79bc5f3fa8c22ee61 (6.3-rc1)
-CVE-2023-53301 [f2fs: fix kernel crash due to null io->bio]
+CVE-2023-53301 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/267c159f9c7bcb7009dae16889b880c5ed8759a8 (6.3-rc1)
-CVE-2023-53300 [media: hi846: Fix memleak in hi846_init_controls()]
+CVE-2023-53300 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/2649c1a20e8e399ee955d0e22192f9992662c3d2 (6.4-rc1)
-CVE-2023-53299 [md/raid10: fix leak of 'r10bio->remaining' for recovery]
+CVE-2023-53299 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/26208a7cffd0c7cbf14237ccd20c7270b3ffeb7e (6.4-rc1)
-CVE-2023-53298 [nfc: fix memory leak of se_io context in nfc_genl_se_io]
+CVE-2023-53298 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/25ff6f8a5a3b8dc48e8abda6f013e8cc4b14ffea (6.3-rc1)
-CVE-2023-53297 [Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp]
+CVE-2023-53297 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/25e97f7b1866e6b8503be349eeea44bb52d661ce (6.4-rc1)
-CVE-2023-53296 [sctp: check send stream number after wait_for_sndbuf]
+CVE-2023-53296 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/2584024b23552c00d95b50255e47bd18d306d31a (6.3-rc6)
-CVE-2023-53295 [udf: Do not update file length for failed writes to inline files]
+CVE-2023-53295 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/256fe4162f8b5a1625b8603ca5f7ff79725bfb47 (6.3-rc1)
-CVE-2023-53294 [fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup()]
+CVE-2023-53294 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/254e69f284d7270e0abdc023ee53b71401c3ba0c (6.4-rc1)
-CVE-2023-53293 [Bluetooth: btrtl: check for NULL in btrtl_set_quirks()]
+CVE-2023-53293 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/253cf30e8d3d001850a95c4729d668f916b037ab (6.4-rc1)
-CVE-2023-53292 [blk-mq: fix NULL dereference on q->elevator in blk_mq_elv_switch_none]
+CVE-2023-53292 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.11-1
NOTE: https://git.kernel.org/linus/245165658e1c9f95c0fecfe02b9b1ebd30a1198a (6.5-rc1)
-CVE-2023-53291 [rcu/rcuscale: Stop kfree_scale_thread thread(s) after unloading rcuscale]
+CVE-2023-53291 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/23fc8df26dead16687ae6eb47b0561a4a832e2f6 (6.5-rc1)
-CVE-2023-53290 [samples/bpf: Fix fout leak in hbm's run_bpf_prog]
+CVE-2023-53290 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/23acb14af1914010dd0aae1bbb7fab28bf518b8e (6.4-rc1)
-CVE-2023-53289 [media: bdisp: Add missing check for create_workqueue]
+CVE-2023-53289 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/2371adeab717d8fe32144a84f3491a03c5838cfb (6.4-rc1)
-CVE-2023-53288 [drm/client: Fix memory leak in drm_client_modeset_probe]
+CVE-2023-53288 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/2329cc7a101af1a844fbf706c0724c0baea38365 (6.5-rc3)
-CVE-2023-53287 [usb: cdns3: Put the cdns set active part outside the spin lock]
+CVE-2023-53287 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
NOTE: https://git.kernel.org/linus/2319b9c87fe243327285f2fefd7374ffd75a65fc (6.6-rc1)
-CVE-2023-53286 [RDMA/mlx5: Return the firmware result upon destroying QP/RQ]
+CVE-2023-53286 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/22664c06e997087fe37f9ba208008c948571214a (6.5-rc1)
-CVE-2023-53285 [ext4: add bounds checking in get_max_inline_xattr_value_size()]
+CVE-2023-53285 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/2220eaf90992c11d888fe771055d4de330385f01 (6.4-rc2)
-CVE-2023-53284 [drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init()]
+CVE-2023-53284 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/21e9a838f505178e109ccb3bf19d7808eb0326f4 (6.3-rc1)
CVE-2023-53283
REJECTED
-CVE-2023-53282 [scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write]
+CVE-2023-53282 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/21681b81b9ae548c5dae7ae00d931197a27f480c (6.3-rc1)
-CVE-2023-53281 [drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler()]
+CVE-2023-53281 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/215792eda008f6a1e7ed9d77fa20d582d22bb114 (6.4-rc1)
-CVE-2023-53280 [scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue]
+CVE-2023-53280 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/20fce500b232b970e40312a9c97e7f3b6d7a709c (6.5-rc1)
-CVE-2023-53279 [misc: vmw_balloon: fix memory leak with using debugfs_lookup()]
+CVE-2023-53279 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/209cdbd07cfaa4b7385bad4eeb47e5ec1887d33d (6.3-rc1)
-CVE-2023-53278 [ubifs: Fix memory leak in ubifs_sysfs_init()]
+CVE-2023-53278 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/203a55f04f66eea1a1ca7e5a302a7f5c99c62327 (6.3-rc1)
-CVE-2023-53277 [wifi: iwl3945: Add missing check for create_singlethread_workqueue]
+CVE-2023-53277 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/1fdeb8b9f29dfd64805bb49475ac7566a3cb06cb (6.3-rc1)
-CVE-2023-53276 [ubifs: Free memory for tmpfile name]
+CVE-2023-53276 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/1fb815b38bb31d6af9bd0540b8652a0d6fe6cfd3 (6.4-rc1)
-CVE-2023-53275 [ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync()]
+CVE-2023-53275 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/1f4a08fed450db87fbb5ff5105354158bdbe1a22 (6.5-rc1)
-CVE-2023-53274 [clk: mediatek: mt8183: Add back SSPM related clocks]
+CVE-2023-53274 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.4.11-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1eb8d61ac5c9c7ec56bb96d433532807509b9288 (6.5-rc5)
-CVE-2023-53273 [Drivers: vmbus: Check for channel allocation before looking up relids]
+CVE-2023-53273 (In the Linux kernel, the following vulnerability has been resolved: D ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/1eb65c8687316c65140b48fad27133d583178e15 (6.3-rc6)
-CVE-2023-53272 [net: ena: fix shift-out-of-bounds in exponential backoff]
+CVE-2023-53272 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/1e9cb763e9bacf0c932aa948f50dcfca6f519a26 (6.5-rc2)
-CVE-2023-53271 [ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume()]
+CVE-2023-53271 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/1e591ea072df7211f64542a09482b5f81cb3ad27 (6.3-rc1)
-CVE-2023-53270 [ext4: fix i_disksize exceeding i_size problem in paritally written case]
+CVE-2023-53270 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/1dedde690303c05ef732b7c5c8356fdf60a4ade3 (6.4-rc1)
-CVE-2023-53269 [block: ublk: make sure that block size is set correctly]
+CVE-2023-53269 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1d1665279a845d16c93687389e364386e3fe0f38 (6.3-rc6)
-CVE-2023-53268 [ASoC: fsl_mqs: move of_node_put() to the correct location]
+CVE-2023-53268 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/1c34890273a020d61d6127ade3f68ed1cb21c16a (6.4-rc1)
-CVE-2023-53267 [driver: soc: xilinx: fix memory leak in xlnx_add_cb_for_notify_event()]
+CVE-2023-53267 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1bea534991b9b35c41848a397666ada436456beb (6.3-rc1)
-CVE-2023-53266 [arm64: acpi: Fix possible memory leak of ffh_ctxt]
+CVE-2023-53266 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.3.7-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1b561d3949f8478c5403c9752b5533211a757226 (6.3-rc1)
-CVE-2023-53265 [ubi: ensure that VID header offset + VID header size <= alloc, size]
+CVE-2023-53265 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/1b42b1a36fc946f0d7088425b90d491b4257ca3e (6.3-rc1)
-CVE-2023-53264 [clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe]
+CVE-2023-53264 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1b280598ab3bd8a2dc8b96a12530d5b1ee7a8f4a (6.5-rc1)
-CVE-2023-53263 [drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create]
+CVE-2023-53263 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -2665,7 +3089,7 @@ CVE-2025-56413 (OS Command injection vulnerability in function OperateSSH in 1pa
NOT-FOR-US: 1panel
CVE-2025-56407 (A vulnerability has been found in HuangDou UTCMS V9 and classified as ...)
NOT-FOR-US: HuangDou UTCMS
-CVE-2025-56406 (An issue was discovered in mcp-neo4j 0.3.0 allowing attackers to gain ...)
+CVE-2025-56406 (An issue was discovered in mcp-neo4j 0.3.0 allowing attackers to obtai ...)
NOT-FOR-US: mcp-neo4j
CVE-2025-56405 (An issue was discovered in litmusautomation litmus-mcp-server thru 0.0 ...)
NOT-FOR-US: litmusautomation litmus-mcp-server
@@ -8130,7 +8554,7 @@ CVE-2025-9255 (WebITR developed by Uniong has a SQL Injection vulnerability, all
NOT-FOR-US: WebITR
CVE-2025-9254 (WebITR developed by Uniong has a Missing Authentication vulnerability, ...)
NOT-FOR-US: WebITR
-CVE-2025-6791 (On the monitoring event logs page, it is possible to alter the http re ...)
+CVE-2025-6791 (In the monitoring event logs page, it is possible to alter the http re ...)
NOT-FOR-US: Centreon
CVE-2025-57896 (Missing Authorization vulnerability in andy_moyle Church Admin allows ...)
NOT-FOR-US: WordPress plugin or theme
@@ -8841,7 +9265,7 @@ CVE-2025-XXXX [OSSN-0094]
NOTE: default policy is only possible to create the inconsistent state described in
NOTE: the OSSN-0094 if one has admin rights on the relevant OpenStack project.
CVE-2025-9288 (Improper Input Validation vulnerability in sha.js allows Input Data Ma ...)
- {DLA-4302-1}
+ {DSA-6002-1 DLA-4302-1}
- node-sha.js 2.4.12+~3.0.5-1 (bug #1111769)
NOTE: https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5
NOTE: https://github.com/browserify/sha.js/pull/78
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b257dad65e68087559632a9c6aebd8ff340f6c97
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b257dad65e68087559632a9c6aebd8ff340f6c97
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250916/992dd2f4/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list