Export limit exceeded: 365162 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365162 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-50313 | 1 Linux | 1 Linux Kernel | 2025-12-04 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: erofs: fix order >= MAX_ORDER warning due to crafted negative i_size As syzbot reported [1], the root cause is that i_size field is a signed type, and negative i_size is also less than EROFS_BLKSIZ. As a consequence, it's handled as fast symlink unexpectedly. Let's fall back to the generic path to deal with such unusual i_size. [1] https://lore.kernel.org/r/000000000000ac8efa05e7feaa1f@google.com | ||||
| CVE-2022-50317 | 1 Linux | 1 Linux Kernel | 2025-12-04 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: drm/bridge: megachips: Fix a null pointer dereference bug When removing the module we will get the following warning: [ 31.911505] i2c-core: driver [stdp2690-ge-b850v3-fw] unregistered [ 31.912484] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI [ 31.913338] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] [ 31.915280] RIP: 0010:drm_bridge_remove+0x97/0x130 [ 31.921825] Call Trace: [ 31.922533] stdp4028_ge_b850v3_fw_remove+0x34/0x60 [megachips_stdpxxxx_ge_b850v3_fw] [ 31.923139] i2c_device_remove+0x181/0x1f0 The two bridges (stdp2690, stdp4028) do not probe at the same time, so the driver does not call ge_b850v3_resgiter() when probing, causing the driver to try to remove the object that has not been initialized. Fix this by checking whether both the bridges are probed. | ||||
| CVE-2022-50318 | 1 Linux | 1 Linux Kernel | 2025-12-04 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox() pci_get_device() will increase the reference count for the returned 'dev'. We need to call pci_dev_put() to decrease the reference count. Since 'dev' is only used in pci_read_config_dword(), let's add pci_dev_put() right after it. | ||||
| CVE-2022-50319 | 1 Linux | 1 Linux Kernel | 2025-12-04 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: remove cpuhp instance node before remove cpuhp state cpuhp_state_add_instance() and cpuhp_state_remove_instance() should be used in pairs. Or there will lead to the warn on cpuhp_remove_multi_state() since the cpuhp_step list is not empty. The following is the error log with 'rmmod coresight-trbe': Error: Removing state 215 which has instances left. Call trace: __cpuhp_remove_state_cpuslocked+0x144/0x160 __cpuhp_remove_state+0xac/0x100 arm_trbe_device_remove+0x2c/0x60 [coresight_trbe] platform_remove+0x34/0x70 device_remove+0x54/0x90 device_release_driver_internal+0x1e4/0x250 driver_detach+0x5c/0xb0 bus_remove_driver+0x64/0xc0 driver_unregister+0x3c/0x70 platform_driver_unregister+0x20/0x30 arm_trbe_exit+0x1c/0x658 [coresight_trbe] __arm64_sys_delete_module+0x1ac/0x24c invoke_syscall+0x50/0x120 el0_svc_common.constprop.0+0x58/0x1a0 do_el0_svc+0x38/0xd0 el0_svc+0x2c/0xc0 el0t_64_sync_handler+0x1ac/0x1b0 el0t_64_sync+0x19c/0x1a0 ---[ end trace 0000000000000000 ]--- | ||||
| CVE-2017-1303 | 1 Ibm | 1 Websphere Portal | 2025-12-04 | 6.1 Medium |
| IBM WebSphere Portal and Web Content Manager 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125457. | ||||
| CVE-2017-13689 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print(). | ||||
| CVE-2017-13688 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print(). | ||||
| CVE-2017-13687 | 3 Debian, Redhat, Tcpdump | 3 Debian Linux, Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print(). | ||||
| CVE-2017-13055 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv(). | ||||
| CVE-2017-13054 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_private_8023_print(). | ||||
| CVE-2017-13053 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info(). | ||||
| CVE-2017-13050 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The RPKI-Router parser in tcpdump before 4.9.2 has a buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print(). | ||||
| CVE-2017-13048 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | ||||
| CVE-2017-13047 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print(). | ||||
| CVE-2017-13045 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The VQP parser in tcpdump before 4.9.2 has a buffer over-read in print-vqp.c:vqp_print(). | ||||
| CVE-2017-13041 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print(). | ||||
| CVE-2017-13040 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions. | ||||
| CVE-2017-13038 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp(). | ||||
| CVE-2025-64511 | 2 1panel, Maxkb | 2 Maxkb, Maxkb | 2025-12-04 | 7.4 High |
| MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can access internal network services such as databases through Python code in the tool module, although the process runs in a sandbox. Version 2.3.1 fixes the issue. | ||||
| CVE-2022-50322 | 1 Linux | 1 Linux Kernel | 2025-12-04 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: rtc: msc313: Fix function prototype mismatch in msc313_rtc_probe() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed. msc313_rtc_probe() was passing clk_disable_unprepare() directly, which did not have matching prototypes for devm_add_action_or_reset()'s callback argument. Refactor to use devm_clk_get_enabled() instead. This was found as a result of Clang's new -Wcast-function-type-strict flag, which is more sensitive than the simpler -Wcast-function-type, which only checks for type width mismatches. | ||||