5.5
CVE-2022-50261 - drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid()
In the Linux kernel, the following vulnerability has been resolved: drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to makβ¦
5.5
CVE-2022-50316 - orangefs: Fix kmemleak in orangefs_sysfs_init()
In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefs_sysfs_init() When insert and remove the orangefs module, there are kobjects memory leaked as below: unreferenced object 0xffff88810f95af00 (size 64): comm "insmod", pid 783, jiffies 429481343β¦
5.5
CVE-2022-50334 - hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000β¦
5.5
CVE-2022-50253 - bpf: make sure skb->len != 0 when redirecting to a tunneling device
In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb->len != 0 when redirecting to a tunneling device syzkaller managed to trigger another case where skb->len == 0 when we enter __dev_queue_xmit: WARNING: CPU: 0 PID: 2470 at include/linux/skbuff.h:2576 skb_asserβ¦
5.4
CVE-2025-57104 -
Teampel 5.1.6 is vulnerable to SQL Injection in /Common/login.aspx.
7.1
CVE-2022-50306 - ext4: fix potential out of bound read in ext4_fc_replay_scan()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential out of bound read in ext4_fc_replay_scan() For scan loop must ensure that at least EXT4_FC_TAG_BASE_LEN space. If remain space less than EXT4_FC_TAG_BASE_LEN which will lead to out of bound read when mounting β¦
5.5
CVE-2022-50262 - fs/ntfs3: Validate BOOT record_size
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate BOOT record_size When the NTFS BOOT record_size field < 0, it represents a shift value. However, there is no sanity check on the shift result and the sbi->record_bits calculation through blksize_bits() assumes β¦
7.8
CVE-2023-53257 - wifi: mac80211: check S1G action frame size
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check S1G action frame size Before checking the action code, check that it even exists in the frame.
7.1
CVE-2023-53222 - jfs: jfs_dmap: Validate db_l2nbperpage while mounting
In the Linux kernel, the following vulnerability has been resolved: jfs: jfs_dmap: Validate db_l2nbperpage while mounting In jfs_dmap.c at line 381, BLKTODMAP is used to get a logical block number inside dbFree(). db_l2nbperpage, which is the log2 number of blocks per page, is passed as an argumeβ¦
5.5
CVE-2023-53226 - wifi: mwifiex: Fix OOB and integer underflow when rx packets
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix OOB and integer underflow when rx packets Make sure mwifiex_process_mgmt_packet, mwifiex_process_sta_rx_packet and mwifiex_process_uap_rx_packet, mwifiex_uap_queue_bridged_pkt and mwifiex_process_rx_packet not β¦