0.0
CVE-2023-54025 - wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled
In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Do not configure WoWlan in shutdown hook if not enabled In case WoWlan was never configured during the operation of the system, the hw->wiphy->wowlan_config will be NULL. rsi_config_wowlan() checks whether wowlan_confiβ¦
5.5
CVE-2023-53993 - PCI/DOE: Fix memory leak with CONFIG_DEBUG_OBJECTS=y
In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix memory leak with CONFIG_DEBUG_OBJECTS=y After a pci_doe_task completes, its work_struct needs to be destroyed to avoid a memory leak with CONFIG_DEBUG_OBJECTS=y.
0.0
CVE-2022-50753 - f2fs: fix to do sanity check on summary info
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on summary info As Wenqing Liu reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=216456 BUG: KASAN: use-after-free in recover_data+0x63ae/0x6ae0 [f2fs] Read of size 4 at addr ffff888β¦
5.5
CVE-2022-50750 - drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure
In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure In case mipi_dsi_attach() fails, call drm_panel_remove() to avoid memory leak.
5.5
CVE-2025-68732 - gpu: host1x: Fix race in syncpt alloc/free
In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix race in syncpt alloc/free Fix race condition between host1x_syncpt_alloc() and host1x_syncpt_put() by using kref_put_mutex() instead of kref_put() + manual mutex locking. This ensures no thread can acquire the sβ¦
6.9
CVE-2025-15049 - code-projects Online Farm System addProduct.php sql injection
A vulnerability was identified in code-projects Online Farm System 1.0. Affected is an unknown function of the file /addProduct.php. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used.
7.8
CVE-2025-68696 - httparty Has Potential SSRF Vulnerability That Leads to API Key Leakage
httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd.
8.6
CVE-2025-68665 - LangChain serialization injection vulnerability enables secret extraction
LangChain is a framework for building LLM-powered applications. Prior to @langchain/core versions 0.3.80 and 1.1.8, and prior to langchain versions 0.3.37 and 1.2.3, a serialization injection vulnerability exists in LangChain JS's toJSON() method (and subsequently when string-ifying objects using Jβ¦
9.7
CVE-2025-68669 - 5ire vulnerable to Remote Code Execution (RCE) via mermaid
5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. In versions 0.15.2 and prior, an RCE vulnerability exists in useMarkdown.ts, where the markdown-it-mermaid plugin is initialized with securityLevel: 'loose'. This configuration explicitly permits tβ¦
9.3
CVE-2025-68664 - LangChain serialization injection vulnerability enables secret extraction in dumps/loads APIs
LangChain is a framework for building agents and LLM-powered applications. Prior to versions 0.3.81 and 1.2.5, a serialization injection vulnerability exists in LangChain's dumps() and dumpd() functions. The functions do not escape dictionaries with 'lc' keys when serializing free-form dictionariesβ¦