9.8

CVSS3.1

CVE-2025-46192 -

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_payment_update.php via the order_id POST parameter.

πŸ“… Published: May 9, 2025, midnight πŸ”„ Last Modified: May 22, 2025, 6:47 p.m.

7.8

CVSS3.1

CVE-2025-37845 - tracing: fprobe events: Fix possible UAF on modules

In the Linux kernel, the following vulnerability has been resolved: tracing: fprobe events: Fix possible UAF on modules Commit ac91052f0ae5 ("tracing: tprobe-events: Fix leakage of module refcount") moved try_module_get() from __find_tracepoint_module_cb() to find_tracepoint() caller, but that in…

πŸ“… Published: May 9, 2025, midnight πŸ”„ Last Modified: Nov. 17, 2025, 12:48 p.m.

5.5

CVSS3.1

CVE-2025-37835 - kernel: smb: client: Fix netns refcount imbalance causing leaks and use-after-free

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

πŸ“… Published: May 9, 2025, midnight πŸ”„ Last Modified: May 10, 2025, 2:15 p.m.

2.9

CVSS3.1

CVE-2025-47737 -

lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero.

πŸ“… Published: May 9, 2025, midnight πŸ”„ Last Modified: Jan. 30, 2026, 9:17 p.m.

5.5

CVSS3.1

CVE-2025-37880 - um: work around sched_yield not yielding in time-travel mode

In the Linux kernel, the following vulnerability has been resolved: um: work around sched_yield not yielding in time-travel mode sched_yield by a userspace may not actually cause scheduling in time-travel mode as no time has passed. In the case seen it appears to be a badly implemented userspace …

πŸ“… Published: May 9, 2025, midnight πŸ”„ Last Modified: Jan. 2, 2026, 3:29 p.m.

9.8

CVSS3.1

CVE-2025-46190 -

SourceCodester Client Database Management System 1.0 is vulnerable to SQL Injection in user_delivery_update.php via the order_id POST parameter.

πŸ“… Published: May 9, 2025, midnight πŸ”„ Last Modified: May 22, 2025, 6:51 p.m.

5.5

CVSS3.1

CVE-2025-37888 - net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table()

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table() Add NULL check for mlx5_get_flow_namespace() returns in mlx5_create_inner_ttc_table() and mlx5_create_ttc_table() to prevent NULL pointer dereference.

πŸ“… Published: May 9, 2025, midnight πŸ”„ Last Modified: Nov. 12, 2025, 7:36 p.m.

5.5

CVSS3.1

CVE-2025-37863 - ovl: don't allow datadir only

In the Linux kernel, the following vulnerability has been resolved: ovl: don't allow datadir only In theory overlayfs could support upper layer directly referring to a data layer, but there's no current use case for this. Originally, when data-only layers were introduced, this wasn't allowed, on…

πŸ“… Published: May 9, 2025, midnight πŸ”„ Last Modified: Nov. 12, 2025, 8:13 p.m.

9.8

CVSS3.1

CVE-2025-28200 -

Victure RX1800 EN_V1.0.0_r12_110933 was discovered to utilize a weak default password which includes the last 8 digits of the Mac address.

πŸ“… Published: May 9, 2025, midnight πŸ”„ Last Modified: June 12, 2025, 4:35 p.m.

7.8

CVSS3.1

CVE-2025-37849 - KVM: arm64: Tear down vGIC on failed vCPU creation

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvm_arch_vcpu_create() fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data initialised. Note only does this…

πŸ“… Published: May 9, 2025, midnight πŸ”„ Last Modified: Dec. 20, 2025, 8:51 a.m.
Total resulsts: 348134
Page 5381 of 34,814
Β« previous page Β» next page
Filters