0.0
CVE-2023-53283 - xen/virtio: Fix NULL deref when a bridge of PCI root bus has no parent
In the Linux kernel, the following vulnerability has been resolved: xen/virtio: Fix NULL deref when a bridge of PCI root bus has no parent When attempting to run Xen on a QEMU/KVM virtual machine with virtio devices (all x86_64), function xen_dt_get_node() crashes on accessing bus->bridge->parentβ¦
6.5
CVE-2025-5519 - Information Disclosure in ArgusTech's BILGER
Insertion of Sensitive Information Into Sent Data vulnerability in ArgusTech BILGER allows Choosing Message Identifier.This issue affects BILGER: before 2.4.6.
6.5
CVE-2025-5518 - IDOR in ArgusTech's BILGER
Authorization Bypass Through User-Controlled Key vulnerability with user privileges in ArgusTech BILGER allows Exploitation of Trusted Identifiers.This issue affects BILGER: before 2.4.6.
8.6
CVE-2024-12367 - Information Disclosure in Vegagrup Software's Vega Master
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Vegagrup Software Vega Master allows Directory Indexing.This issue affects Vega Master: from v.1.12.35 through 20250916.Β NOTE: The vendor did not inform about the completion of the fixing process within thβ¦
5.3
CVE-2025-9808 - The Events Calendar <= 6.15.2 - Missing Authorization to Unauthenticated Password-Protected Informaβ¦
The The Events Calendar plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.15.2 via the REST endpoint. This makes it possible for unauthenticated attackers to extract information about password-protected vendors or venues.
5.5
CVE-2025-39807 - drm/mediatek: Add error handling for old state CRTC in atomic_disable
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add error handling for old state CRTC in atomic_disable Introduce error handling to address an issue where, after a hotplug event, the cursor continues to update. This situation can lead to a kernel panic due to accβ¦
7.1
CVE-2025-39806 - HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()
In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() A malicious HID device can trigger a slab out-of-bounds during mt_report_fixup() by passing in report descriptor smaller than 607 bytes. mt_report_fixup() attempβ¦
5.5
CVE-2025-39814 - ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset
In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset Issuing a reset when the driver is loaded without RDMA support, will results in a crash as it attempts to remove RDMA's non-existent auxbus device: echo 1 > /sys/β¦
5.5
CVE-2023-53312 - net: fix net_dev_start_xmit trace event vs skb_transport_offset()
In the Linux kernel, the following vulnerability has been resolved: net: fix net_dev_start_xmit trace event vs skb_transport_offset() After blamed commit, we must be more careful about using skb_transport_offset(), as reminded us by syzbot: WARNING: CPU: 0 PID: 10 at include/linux/skbuff.h:2868 β¦
7.8
CVE-2025-39821 - perf: Avoid undefined behavior from stopping/starting inactive events
In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined behavior from stopping/starting inactive events Calling pmu->start()/stop() on perf events in PERF_EVENT_STATE_OFF can leave event->hw.idx at -1. When PMU drivers later attempt to use this negative index as β¦