Search

Search Results (364285 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-26800 1 Linux 1 Linux Kernel 2025-12-11 7.8 High
In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and crypto_aead_decrypt returns -EBUSY, tls_do_decryption will wait until all async decryptions have completed. If one of them fails, tls_do_decryption will return -EBADMSG and tls_decrypt_sg jumps to the error path, releasing all the pages. But the pages have been passed to the async callback, and have already been released by tls_decrypt_done. The only true async case is when crypto_aead_decrypt returns -EINPROGRESS. With -EBUSY, we already waited so we can tell tls_sw_recvmsg that the data is available for immediate copy, but we need to notify tls_decrypt_sg (via the new ->async_done flag) that the memory has already been released.
CVE-2023-5197 2 Debian, Linux 2 Debian Linux, Linux Kernel 2025-12-11 7.8 High
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Addition and removal of rules from chain bindings within the same transaction causes leads to use-after-free. We recommend upgrading past commit f15f29fd4779be8a418b66e9d52979bb6d6c2325.
CVE-2025-64086 1 Pdf-xchange 1 Pdf-xchange Editor 2025-12-11 6.5 Medium
A NULL pointer dereference vulnerability in the util.readFileIntoStream component of PDF-XChange Editor v10.7.3.401 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2025-63721 1 Hummerrisk 1 Hummerrisk 2025-12-11 9.8 Critical
HummerRisk thru v1.5.0 is using a vulnerable Snakeyaml component, allowing attackers with normal user privileges to hit the /rule/add API and thereby achieve RCE and take over the server.
CVE-2025-59390 1 Apache 1 Druid 2025-12-11 9.8 Critical
Apache Druid’s Kerberos authenticator uses a weak fallback secret when the `druid.auth.authenticator.kerberos.cookieSignatureSecret` configuration is not explicitly set. In this case, the secret is generated using `ThreadLocalRandom`, which is not a crypto-graphically secure random number generator. This may allow an attacker to predict or brute force the secret used to sign authentication cookies, potentially enabling token forgery or authentication bypass. Additionally, each process generates its own fallback secret, resulting in inconsistent secrets across nodes. This causes authentication failures in distributed or multi-broker deployments, effectively leading to a incorrectly configured clusters. Users are advised to configure a strong `druid.auth.authenticator.kerberos.cookieSignatureSecret` This issue affects Apache Druid: through 34.0.0. Users are recommended to upgrade to version 35.0.0, which fixes the issue making it mandatory to set `druid.auth.authenticator.kerberos.cookieSignatureSecret` when using the Kerberos authenticator. Services will fail to come up if the secret is not set.
CVE-2021-4156 3 Debian, Libsndfile Project, Redhat 3 Debian Linux, Libsndfile, Enterprise Linux 2025-12-11 7.1 High
An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bounds read that would most likely cause a crash but could potentially leak memory information that could be used in further exploitation of other flaws.
CVE-2023-7096 1 Carmelogarcia 1 Faculty Management System 2025-12-11 4.7 Medium
A flaw has been found in code-projects Faculty Management System 1.0. The affected element is an unknown function of the file /admin/php/crud.php. This manipulation of the argument fieldname/tablename causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.
CVE-2025-67694 2025-12-11 N/A
Not used
CVE-2025-67693 2025-12-11 N/A
Not used
CVE-2025-67692 2025-12-11 N/A
Not used
CVE-2025-67691 2025-12-11 N/A
Not used
CVE-2025-67690 2025-12-11 N/A
Not used
CVE-2025-67689 2025-12-11 N/A
Not used
CVE-2025-67688 2025-12-11 N/A
Not used
CVE-2025-67687 2025-12-11 N/A
Not used
CVE-2025-67686 2025-12-11 N/A
Not used
CVE-2025-67514 2025-12-11 N/A
Vulnerability is dependency-based.
CVE-2025-67512 2025-12-11 N/A
The vulnerability is dependency-based.
CVE-2025-66581 1 Frappe 3 Frappe, Frappe Lms, Learning 2025-12-11 6.5 Medium
Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to 2.41.0, a flaw in the server-side authorization logic allowed authenticated users to perform actions beyond their assigned roles across multiple features. Because the affected endpoints relied on client-side or UI-level checks instead of enforcing permissions on the server, users with low-privileged roles (such as students) could perform operations intended only for instructors or administrators via directly using the API's. This vulnerability is fixed in 2.41.0.
CVE-2025-14225 2 D-link, Dlink 3 Dcs-930l, Dcs-930l, Dcs-930l Firmware 2025-12-11 6.3 Medium
A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer.