scip AG [Security - Consulting - Information - Process]

CVE-2024-13454 | OpenVPN Easy-RSA up to 3.1.7 Private CA Key inadequate encryption

20.01.2025 22:57

A vulnerability has been found in OpenVPN Easy-RSA up to 3.1.7 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Private CA Key Handler. The ma...

CVE-2024-10936 | String Locator Plugin up to 2.6.6 on WordPress code injection

20.01.2025 20:32

A vulnerability, which was classified as critical, was found in String Locator Plugin up to 2.6.6 on WordPress. Affected is an unknown function. The manipulation leads to code injection. This vulnera...

CVE-2024-22349 | IBM UrbanCode Velocity/DevOps Velocity web browser cache containing sensitive information

20.01.2025 20:31

A vulnerability, which was classified as problematic, has been found in IBM UrbanCode Velocity and DevOps Velocity. This issue affects some unknown processing. The manipulation leads to use of web bro...

CVE-2025-23214 | azukaar Cosmos-Server up to 0.17.6 observable response discrepancy (GHSA-5843-2p4f-57fh)

20.01.2025 20:31

A vulnerability classified as problematic was found in azukaar Cosmos-Server up to 0.17.6. This vulnerability affects unknown code. The manipulation leads to observable response discrepancy. This vul...

CVE-2025-23221 | dahlia fedify up to 1.0.13/1.1.10/1.2.10/1.3.3 infinite loop (GHSA-c59p-wq67-24wx)

20.01.2025 20:30

A vulnerability classified as problematic has been found in dahlia fedify up to 1.0.13/1.1.10/1.2.10/1.3.3. This affects an unknown part. The manipulation leads to infinite loop. This vulnerability i...

CVE-2024-22347 | IBM UrbanCode Velocity/DevOps Velocity up to 4.0.25 risky encryption

20.01.2025 20:29

A vulnerability was found in IBM UrbanCode Velocity and DevOps Velocity up to 4.0.25. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to ...

CVE-2024-22348 | IBM UrbanCode Velocity/DevOps Velocity Trusted Domain cross-domain policy

20.01.2025 20:28

A vulnerability was found in IBM UrbanCode Velocity and DevOps Velocity. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Trusted Domain...

CVE-2025-24013 | CodeIgniter up to 4.5.7 Header Validation interpretation conflict (GHSA-x5mq-jjr3-vmx6)

20.01.2025 20:28

A vulnerability was found in CodeIgniter up to 4.5.7. It has been classified as problematic. Affected is an unknown function of the component Header Validation Handler. The manipulation leads to inter...

CVE-2025-23219 | LabRedesCefetRJ WeGIA up to 3.2.9 adicionar_cor.php sql injection

20.01.2025 17:15

A vulnerability was found in LabRedesCefetRJ WeGIA up to 3.2.9 and classified as critical. This issue affects some unknown processing of the file adicionar_cor.php. The manipulation leads to sql injec...

CVE-2025-23218 | LabRedesCefetRJ WeGIA up to 3.2.9 adicionar_especie.php sql injection

20.01.2025 17:14

A vulnerability has been found in LabRedesCefetRJ WeGIA up to 3.2.9 and classified as critical. This vulnerability affects unknown code of the file adicionar_especie.php. The manipulation leads to sql...

CVE-2025-23220 | LabRedesCefetRJ WeGIA up to 3.2.9 adicionar_raca.php sql injection

20.01.2025 17:14

A vulnerability, which was classified as critical, was found in LabRedesCefetRJ WeGIA up to 3.2.9. This affects an unknown part of the file adicionar_raca.php. The manipulation leads to sql injection....

CVE-2025-23044 | PwnDoc POST Request cross-site request forgery

20.01.2025 17:06

A vulnerability, which was classified as problematic, has been found in PwnDoc. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation leads to cr...

CVE-2025-24010 | vitejs vite up to 4.5.5/5.4.11/6.0.8 origin validation

20.01.2025 17:05

A vulnerability classified as problematic was found in vitejs vite up to 4.5.5/5.4.11/6.0.8. Affected by this vulnerability is an unknown functionality. The manipulation leads to origin validation err...

CVE-2024-51738 | LizardByte Sunshine 0.16/0.17/0.18.0/0.23.0 authentication bypass

20.01.2025 17:05

A vulnerability classified as critical has been found in LizardByte Sunshine 0.16/0.17/0.18.0/0.23.0. Affected is an unknown function. The manipulation leads to authentication bypass by primary weakne...

CVE-2025-23184 | Apache CXF up to 3.5.9/3.6.4/4.0.5 Temporary Files denial of service

20.01.2025 17:04

A vulnerability was found in Apache CXF up to 3.5.9/3.6.4/4.0.5. It has been rated as problematic. This issue affects some unknown processing of the component Temporary Files Handler. The manipulation...

CVE-2025-22620 | GitoxideLabs gitoxide up to 0.16.x Executable File permissions

20.01.2025 16:59

A vulnerability was found in GitoxideLabs gitoxide up to 0.16.x. It has been declared as critical. This vulnerability affects unknown code of the component Executable File Handler. The manipulation le...

CVE-2025-22131 | PHPOffice PhpSpreadsheet up to 1.29.7/2.1.6/2.3.5 generateNavigation cross site scripting

20.01.2025 16:50

A vulnerability was found in PHPOffice PhpSpreadsheet up to 1.29.7/2.1.6/2.3.5. It has been classified as problematic. This affects the function generateNavigation. The manipulation leads to cross sit...

CVE-2024-13536 | 1003 Mortgage Application Plugin up to 1.87 on WordPress information disclosure

20.01.2025 16:40

A vulnerability was found in 1003 Mortgage Application Plugin up to 1.87 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to inf...

CVE-2024-45647 | IBM Security Verify Access up to 10.0.8 unverified password change

20.01.2025 16:39

A vulnerability has been found in IBM Security Verify Access and Security Verify Access Docker up to 10.0.8 and classified as problematic. Affected by this vulnerability is an unknown functionality. T...

CVE-2022-4975 | Red Hat Advanced Cluster Security Portal /main/configmanagement/ cross site scripting

20.01.2025 15:24

A vulnerability, which was classified as problematic, was found in Red Hat Advanced Cluster Security. Affected is an unknown function of the file /main/configmanagement/ of the component Portal. The m...

CVE-2025-0568 | Sante PACS Server 3.0.4/3.3.7 DCM File Parser denial of service

20.01.2025 15:21

A vulnerability, which was classified as problematic, has been found in Sante PACS Server 3.0.4/3.3.7. This issue affects some unknown processing of the component DCM File Parser. The manipulation lea...

CVE-2025-0570 | Sante PACS Server 3.0.4/3.3.7 DCM File Parser denial of service

20.01.2025 15:20

A vulnerability classified as problematic was found in Sante PACS Server 3.0.4/3.3.7. This vulnerability affects unknown code of the component DCM File Parser. The manipulation leads to denial of serv...

CVE-2025-0571 | Sante PACS Server 3.0.4/3.3.7 DCM File Parser denial of service

20.01.2025 15:20

A vulnerability classified as problematic has been found in Sante PACS Server 3.0.4/3.3.7. This affects an unknown part of the component DCM File Parser. The manipulation leads to denial of service. ...

CVE-2025-0569 | Sante PACS Server 3.0.4/3.3.7 DCM File Parser denial of service

20.01.2025 15:20

A vulnerability was found in Sante PACS Server 3.0.4/3.3.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the component DCM File Parser. The manipulation le...

CVE-2025-0573 | Sante PACS Server 3.0.4/3.3.7 DCM File Parser path traversal

20.01.2025 15:20

A vulnerability was found in Sante PACS Server 3.0.4/3.3.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component DCM File Parser. The manipulat...

CVE-2025-0572 | Sante PACS Server 3.0.4/3.3.7 DCM File Parser path traversal

20.01.2025 15:20

A vulnerability was found in Sante PACS Server 3.0.4/3.3.7. It has been classified as critical. Affected is an unknown function of the component DCM File Parser. The manipulation leads to path travers...

CVE-2025-0574 | Sante PACS Server 3.0.4/3.3.7 denial of service

20.01.2025 15:19

A vulnerability was found in Sante PACS Server 3.0.4/3.3.7 and classified as problematic. This issue affects some unknown processing. The manipulation leads to denial of service. The identification o...

CVE-2025-21655 | Linux Kernel up to 6.1.124/6.6.71/6.12.9 eventfd io_eventfd_signal reference count

20.01.2025 15:18

A vulnerability has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9 and classified as critical. This vulnerability affects the function io_eventfd_signal of the component eventfd. The manipulat...

CVE-2024-13176 | OpenSSL up to 3.4.0 ECDSA Signature covert timing channel

20.01.2025 15:14

A vulnerability, which was classified as problematic, was found in OpenSSL up to 3.4.0. This affects an unknown part of the component ECDSA Signature Handler. The manipulation leads to covert timing c...

CVE-2025-24337 | WriteFreely up to 0.15.1 config.ini information disclosure

20.01.2025 15:13

A vulnerability, which was classified as problematic, has been found in WriteFreely up to 0.15.1. Affected by this issue is some unknown functionality of the file config.ini. The manipulation leads to...

CVE-2025-0479 | CP Plus CP-XR-DE21-S Router DE21_S_india_hx806_1.057.043_0023 cookie httponly flag (CIVN-2025-0005)

20.01.2025 12:57

A vulnerability classified as problematic was found in CP Plus CP-XR-DE21-S Router DE21_S_india_hx806_1.057.043_0023. Affected by this vulnerability is an unknown functionality. The manipulation leads...

CVE-2023-52923 | Linux Kernel up to 6.4.10 netfilter nf_tables use after free

20.01.2025 12:36

A vulnerability classified as critical has been found in Linux Kernel up to 6.4.10. Affected is the function nf_tables of the component netfilter. The manipulation leads to use after free. This vulne...

CVE-2025-0577 | GNU glibc up to 2.40 arc4random random values

20.01.2025 10:53

A vulnerability was found in GNU glibc up to 2.40. It has been rated as problematic. This issue affects the function arc4random. The manipulation leads to insufficiently random values. The identifica...

CVE-2025-0590 | Tecno com.transsion.carlcare 6.2.8.1 Setting permission assignment

20.01.2025 08:09

A vulnerability was found in Tecno com.transsion.carlcare 6.2.8.1. It has been declared as problematic. This vulnerability affects unknown code of the component Setting Handler. The manipulation leads...

CVE-2025-0411 | 7-zip up to 24.07 Mark-of-the-Web protection mechanism

20.01.2025 08:04

A vulnerability was found in 7-zip. It has been classified as problematic. This affects an unknown part of the component Mark-of-the-Web. The manipulation leads to protection mechanism failure. This ...

CVE-2025-0584 | aEnrich Technology a+HRD up to 7.5 server-side request forgery

20.01.2025 07:57

A vulnerability was found in aEnrich Technology a+HRD up to 7.5 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to server-side request forgery....

CVE-2025-0583 | aEnrich Technology a+HRD up to 7.5 cross site scripting

20.01.2025 07:57

A vulnerability has been found in aEnrich Technology a+HRD up to 7.5 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scr...

CVE-2025-0585 | aEnrich Technology a+HRD up to 7.5 sql injection

20.01.2025 07:57

A vulnerability, which was classified as critical, was found in aEnrich Technology a+HRD up to 7.5. Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is tra...

CVE-2025-0586 | aEnrich Technology a+HRD up to 7.5 deserialization

20.01.2025 07:57

A vulnerability, which was classified as critical, has been found in aEnrich Technology a+HRD up to 7.5. This issue affects some unknown processing. The manipulation leads to deserialization. The ide...

CVE-2025-0582 | itsourcecode Farm Management System up to 1.0 /add-pig.php pigphoto unrestricted upload

19.01.2025 21:05

A vulnerability classified as critical was found in itsourcecode Farm Management System up to 1.0. This vulnerability affects unknown code of the file /add-pig.php. The manipulation of the argument pi...

CVE-2025-0581 | CampCodes School Management Software 1.0 Chat History /chat/group/send message cross site scripting

19.01.2025 21:03

A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. This affects an unknown part of the file /chat/group/send of the component Chat History. The manip...

CVE-2025-0580 | Shiprocket Module 3 on OpenCart REST API Module rest_api&action=getOrders contentHash authorization

19.01.2025 20:59

A vulnerability was found in Shiprocket Module 3 on OpenCart. It has been rated as critical. Affected by this issue is some unknown functionality of the file /index.php?route=extension/module/rest_api...

CVE-2025-0579 | Shiprocket Module 3/4 on OpenCart REST API Module restapi x-username sql injection

19.01.2025 20:59

A vulnerability was found in Shiprocket Module 3/4 on OpenCart. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php?route=extension/ship...

CVE-2025-0578 | Facile Sistemas Cloud Apps up to 20250107 Password Reset /account/forgotpassword reterros cross site scripting

19.01.2025 20:52

A vulnerability was found in Facile Sistemas Cloud Apps up to 20250107. It has been classified as problematic. Affected is an unknown function of the file /account/forgotpassword of the component Pass...

CVE-2024-41743 | IBM TXSeries for Multiplatforms 10.1 Persistent Connection allocation of resources

19.01.2025 17:13

A vulnerability was found in IBM TXSeries for Multiplatforms 10.1 and classified as critical. This issue affects some unknown processing of the component Persistent Connection Handler. The manipulatio...

CVE-2024-38337 | IBM Sterling Secure Proxy up to 6.2.0.0 permission assignment

19.01.2025 17:08

A vulnerability has been found in IBM Sterling Secure Proxy up to 6.2.0.0 and classified as very critical. This vulnerability affects unknown code. The manipulation leads to incorrect permission assig...

CVE-2024-41783 | IBM Sterling Secure Proxy up to 6.2.0.0 os command injection

19.01.2025 17:08

A vulnerability, which was classified as critical, was found in IBM Sterling Secure Proxy up to 6.2.0.0. This affects an unknown part. The manipulation leads to os command injection. This vulnerabili...

CVE-2024-41742 | IBM TXSeries for Multiplatforms 10.1 allocation of resources

19.01.2025 17:07

A vulnerability, which was classified as critical, has been found in IBM TXSeries for Multiplatforms 10.1. Affected by this issue is some unknown functionality. The manipulation leads to allocation of...

CVE-2024-57926 | Linux Kernel up to 6.6.71/6.12.9/6.13-rc6 use after free

19.01.2025 13:26

A vulnerability classified as critical was found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. Affected by this vulnerability is an unknown functionality. The manipulation leads to use after free. Th...

CVE-2024-57925 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 smb2_send_interim_resp return value

19.01.2025 13:26

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. Affected is the function smb2_send_interim_resp. The manipulation leads to unchecked retu...

CVE-2024-57919 | Linux Kernel up to 6.12.9/6.13-rc6 AMD Display drm_calc_scale divide by zero

19.01.2025 13:26

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6. It has been rated as critical. This issue affects the function drm_calc_scale of the component AMD Display. The manipulation leads to d...

CVE-2024-57928 | Linux Kernel up to 6.12.9/6.13-rc6 netfs_read_to_pagecache buffer overflow

19.01.2025 13:26

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6. It has been declared as critical. This vulnerability affects the function netfs_read_to_pagecache. The manipulation leads to buffer ove...

CVE-2024-57927 | Linux Kernel up to 6.12.9/6.13-rc6 nfs_netfs_init_request information disclosure

19.01.2025 13:26

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6. It has been classified as problematic. This affects the function nfs_netfs_init_request. The manipulation leads to information disclosu...

CVE-2024-57924 | Linux Kernel up to 6.12.9/6.13-rc6 encode_fh encoding error

19.01.2025 13:26

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6 and classified as problematic. Affected by this issue is the function encode_fh. The manipulation leads to encoding error. This vulnera...

CVE-2024-57922 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 AMD Display dcn_bw_ceil2 divide by zero

19.01.2025 13:26

A vulnerability has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 and classified as critical. Affected by this vulnerability is the function dcn_bw_ceil2 of the component AMD Display...

CVE-2024-57917 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 lib/kasprintf.c kvasprintf return value

19.01.2025 13:25

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. Affected is the function kvasprintf in the library lib/kasprintf.c. The manipulati...

CVE-2024-57916 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 GPIO IRQ generic_handle_irq denial of service

19.01.2025 13:25

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. This issue affects the function generic_handle_irq of the component GPIO IRQ Han...

CVE-2024-57921 | Linux Kernel up to 6.12.9/6.13-rc6 AMD GPU race condition

19.01.2025 13:25

A vulnerability classified as problematic was found in Linux Kernel up to 6.12.9/6.13-rc6. This vulnerability affects unknown code of the component AMD GPU. The manipulation leads to race condition. ...

CVE-2024-57914 | Linux Kernel up to 6.12.9/6.13-rc6 tcpci_irq null pointer dereference

19.01.2025 13:25

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.9/6.13-rc6. This affects the function tcpci_irq. The manipulation leads to null pointer dereference. This vulnerabilit...

CVE-2024-57920 | Linux Kernel up to 6.12.9/6.13-rc1 amdkfd kfd_process_wq_release initialization

19.01.2025 13:25

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc1. It has been rated as problematic. Affected by this issue is the function kfd_process_wq_release of the component amdkfd. The manipulati...

CVE-2024-57929 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 /dev/sdc dm_bm_read_lock initialization

19.01.2025 13:25

A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. It has been declared as problematic. Affected by this vulnerability is the function dm_bm_read_lock of the file /dev/sdc...

CVE-2024-57915 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 u_serial null pointer dereference

19.01.2025 13:25

A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. It has been classified as problematic. Affected is an unknown function of the component u_serial. The manipulation leads...

CVE-2024-57918 | Linux Kernel up to 6.12.9/6.13-rc6 AMD Display memory corruption

19.01.2025 13:25

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6 and classified as critical. This issue affects some unknown processing of the component AMD Display. The manipulation leads to memory co...

CVE-2024-57923 | Linux Kernel up to 6.12.9/6.13-rc6 zlib_compress_folios denial of service

19.01.2025 13:25

A vulnerability has been found in Linux Kernel up to 6.12.9/6.13-rc6 and classified as critical. This vulnerability affects the function zlib_compress_folios. The manipulation leads to denial of servi...

CVE-2024-57912 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 information disclosure

19.01.2025 13:23

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. This affects an unknown part. The manipulation leads to information disclosure. T...

CVE-2024-57910 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 regmap_read information disclosure

19.01.2025 13:23

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. Affected by this issue is the function regmap_read. The manipulation leads to...

CVE-2024-57909 | Linux Kernel up to 6.12.9/6.13-rc6 iio_for_each_active_channel information disclosure

19.01.2025 13:23

A vulnerability classified as problematic was found in Linux Kernel up to 6.12.9/6.13-rc6. Affected by this vulnerability is the function iio_for_each_active_channel. The manipulation leads to informa...

CVE-2024-57908 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 iio_for_each_active_channel information disclosure

19.01.2025 13:22

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. Affected is the function iio_for_each_active_channel. The manipulation leads to informati...

CVE-2024-57907 | Linux Kernel up to 6.6.71/6.12.9/6.13-rc6 iio_for_each_active_channel information disclosure

19.01.2025 13:22

A vulnerability was found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. It has been rated as problematic. This issue affects the function iio_for_each_active_channel. The manipulation leads to informa...

CVE-2024-57906 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 iio_for_each_active_channel information disclosure

19.01.2025 13:22

A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. It has been declared as problematic. This vulnerability affects the function iio_for_each_active_channel. The manipulati...

CVE-2024-57905 | Linux Kernel up to 6.12.9/6.13-rc6 information disclosure

19.01.2025 13:22

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6. It has been classified as problematic. This affects an unknown part. The manipulation leads to information disclosure. This vulnerabil...

CVE-2024-57911 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 iio_simply_dummy_buffer information disclosure

19.01.2025 13:22

A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 and classified as problematic. Affected by this issue is the function iio_simply_dummy_buffer. The manipulation leads to ...

CVE-2024-57904 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 input_free_device allocation of resources

19.01.2025 13:22

A vulnerability has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 and classified as problematic. Affected by this vulnerability is the function input_free_device. The manipulation le...

CVE-2025-21650 | Linux Kernel up to 6.12.9/6.13-rc6 hclge_fetch_pf_reg initialization

19.01.2025 13:22

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.12.9/6.13-rc6. Affected is the function hclge_fetch_pf_reg. The manipulation leads to improper initialization. ...

CVE-2025-21648 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 __kvmalloc_node_noprof Privilege Escalation

19.01.2025 13:22

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. This issue affects the function __kvmalloc_node_noprof. The manipulation lead...

CVE-2025-21643 | Linux Kernel up to 6.12.9/6.13-rc6 netfs_extract_user_iter buffer overflow

19.01.2025 13:22

A vulnerability classified as critical was found in Linux Kernel up to 6.12.9/6.13-rc6. This vulnerability affects the function netfs_extract_user_iter. The manipulation leads to buffer overflow. Thi...

CVE-2025-21633 | Linux Kernel up to 6.12.9/6.13-rc6 sqpoll thread_group_cputime use after free

19.01.2025 13:22

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.9/6.13-rc6. This affects the function thread_group_cputime of the component sqpoll. The manipulation leads to use after...

CVE-2024-57913 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 usb_ffs_open_thread denial of service

19.01.2025 13:21

A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. It has been rated as critical. Affected by this issue is the function usb_ffs_open_thread. The manipulation leads to den...

CVE-2025-21632 | Linux Kernel up to 6.6.71/6.12.9/6.13-rc6 fpu buffer overflow

19.01.2025 13:17

A vulnerability was found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component fpu. The manipulat...

CVE-2025-21652 | Linux Kernel up to 6.6.71/6.12.9/6.13-rc6 ipvlan ipvlan_get_iflink use after free

19.01.2025 13:17

A vulnerability was found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. It has been classified as critical. Affected is the function ipvlan_get_iflink of the component ipvlan. The manipulation leads t...

CVE-2025-21651 | Linux Kernel up to 6.12.9/6.13-rc6 hns3 Privilege Escalation

19.01.2025 13:16

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6 and classified as problematic. This issue affects some unknown processing of the component hns3. The manipulation leads to Privilege Esc...

CVE-2025-21647 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 sch_cake out-of-bounds

19.01.2025 13:16

A vulnerability has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 and classified as problematic. This vulnerability affects unknown code of the component sch_cake. The manipulation l...

CVE-2025-21646 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 afs /proc/net/afs/ Privilege Escalation

19.01.2025 13:16

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. This affects an unknown part of the file /proc/net/afs/ of the component afs. The ...

CVE-2025-21641 | Linux Kernel up to 6.12.9/6.13-rc6 sysctl null pointer dereference

19.01.2025 13:16

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.9/6.13-rc6. Affected by this issue is some unknown functionality of the component sysctl. The manipulation ...

CVE-2025-21640 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 cookie_hmac_alg null pointer dereference

19.01.2025 13:16

A vulnerability classified as critical was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. Affected by this vulnerability is an unknown functionality of the component cookie_hmac_alg. The ...

CVE-2025-21639 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 sysctl null pointer dereference

19.01.2025 13:16

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. Affected is an unknown function of the component sysctl. The manipulation leads to null poin...

CVE-2025-21654 | Linux Kernel up to 6.6.71/6.12.9/6.13-rc6 ovl encoding error

19.01.2025 13:15

A vulnerability was found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. It has been rated as problematic. This issue affects some unknown processing of the component ovl. The manipulation leads to enc...

CVE-2025-21653 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 net_sched net/sched/cls_flow.c out-of-bounds

19.01.2025 13:15

A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. It has been declared as problematic. This vulnerability affects unknown code of the file net/sched/cls_flow.c of the com...

CVE-2025-21638 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 sysctl null pointer dereference

19.01.2025 13:04

A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. It has been classified as critical. This affects an unknown part of the component sysctl. The manipulation leads to null...

CVE-2025-21637 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 sysctl null pointer dereference

19.01.2025 13:04

A vulnerability was found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 and classified as critical. Affected by this issue is some unknown functionality of the component sysctl. The manipulatio...

CVE-2025-21636 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 sctp null pointer dereference

19.01.2025 13:04

A vulnerability has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 and classified as critical. Affected by this vulnerability is an unknown functionality of the component sctp. The ma...

CVE-2025-21635 | Linux Kernel up to 6.12.9/6.13-rc6 null pointer dereference

19.01.2025 13:04

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.9/6.13-rc6. Affected is an unknown function. The manipulation leads to null pointer dereference. This vulnerabi...

CVE-2025-21631 | Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6 block bfq_split_bfqq use after free

19.01.2025 13:03

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.1.124/6.6.71/6.12.9/6.13-rc6. This issue affects the function bfq_split_bfqq of the component block. The manip...

CVE-2025-21649 | Linux Kernel up to 6.12.9/6.13-rc6 hns3 null pointer dereference

19.01.2025 13:03

A vulnerability classified as critical was found in Linux Kernel up to 6.12.9/6.13-rc6. This vulnerability affects unknown code of the component hns3. The manipulation leads to null pointer dereferenc...

CVE-2025-21645 | Linux Kernel up to 6.6.71/6.12.9/6.13-rc6 pmc denial of service

19.01.2025 13:03

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. This affects an unknown part of the component pmc. The manipulation leads to denial of service. Thi...

CVE-2025-21644 | Linux Kernel up to 6.12.9/6.13-rc6 drm xe_gt_tlb_invalidation_init null pointer dereference

19.01.2025 13:02

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6. It has been rated as critical. Affected by this issue is the function xe_gt_tlb_invalidation_init of the component drm. The manipulatio...

CVE-2025-21642 | Linux Kernel up to 6.6.71/6.12.9/6.13-rc6 sysctl null pointer dereference

19.01.2025 13:02

A vulnerability was found in Linux Kernel up to 6.6.71/6.12.9/6.13-rc6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component sysctl. The manipu...

CVE-2025-21634 | Linux Kernel up to 6.12.9/6.13-rc6 cpuset get_online_cpus deadlock

19.01.2025 13:02

A vulnerability was found in Linux Kernel up to 6.12.9/6.13-rc6. It has been classified as critical. Affected is the function get_online_cpus of the component cpuset. The manipulation leads to deadloc...

CVE-2025-0576 | Mobotix M15 4.3.4.83 p_qual cross site scripting

19.01.2025 09:19

A vulnerability was found in Mobotix M15 4.3.4.83 and classified as problematic. This issue affects some unknown processing of the file /control/player?center&eventlist&pda&dummy_for_reloa...

CVE-2025-0575 | Union Bank of India Vyom 8.0.34 on Android Rooting Detection protection mechanism

19.01.2025 09:13

A vulnerability has been found in Union Bank of India Vyom 8.0.34 on Android and classified as problematic. This vulnerability affects unknown code of the component Rooting Detection. The manipulation...