7.1
CVE-2025-22121 - ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() There's issue as follows: BUG: KASAN: use-after-free in ext4_xattr_inode_dec_ref_all+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 β¦
5.9
CVE-2024-40068 -
Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at id_generator/admin/?page=templates/manage_template&id=1.
5.5
CVE-2025-22077 - Revert "smb: client: fix TCP timers deadlock after rmmod"
In the Linux kernel, the following vulnerability has been resolved: Revert "smb: client: fix TCP timers deadlock after rmmod" This reverts commit e9f2517a3e18a54a3943c098d2226b245d488801. Commit e9f2517a3e18 ("smb: client: fix TCP timers deadlock after rmmod") is intended to fix a null-ptr-derefβ¦
4.7
CVE-2025-22029 - kernel: exec: fix the racy usage of fs_struct->in_exec
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
7.5
CVE-2025-28072 -
PHPGurukul Pre-School Enrollment System is vulnerable to Directory Traversal in manage-teachers.php.
5.5
CVE-2025-23138 - watch_queue: fix pipe accounting mismatch
In the Linux kernel, the following vulnerability has been resolved: watch_queue: fix pipe accounting mismatch Currently, watch_queue_set_size() modifies the pipe buffers charged to user->pipe_bufs without updating the pipe->nr_accounted on the pipe itself, due to the if (!pipe_has_watch_queue()) β¦
5.5
CVE-2025-22064 - netfilter: nf_tables: don't unregister hook when table is dormant
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: don't unregister hook when table is dormant When nf_tables_updchain encounters an error, hook registration needs to be rolled back. This should only be done if the hook has been registered, which won't happβ¦
5.5
CVE-2025-23137 - cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update
In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update Check if policy is NULL before dereferencing it in amd_pstate_update.
5.5
CVE-2025-22089 - RDMA/core: Don't expose hw_counters outside of init net namespace
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Don't expose hw_counters outside of init net namespace Commit 467f432a521a ("RDMA/core: Split port and device counter sysfs attributes") accidentally almost exposed hw counters to non-init net namespaces. It didn't expβ¦
5.5
CVE-2025-22024 - nfsd: fix management of listener transports
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix management of listener transports Currently, when no active threads are running, a root user using nfsdctl command can try to remove a particular listener from the list of previously added ones, then start the server byβ¦