5.5
CVE-2025-37811 - usb: chipidea: ci_hdrc_imx: fix usbmisc handling
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: ci_hdrc_imx: fix usbmisc handling usbmisc is an optional device property so it is totally valid for the corresponding data->usbmisc_data to have a NULL value. Check that before dereferencing the pointer. Found byβ¦
5.5
CVE-2025-37809 - usb: typec: class: Fix NULL pointer access
In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Fix NULL pointer access Concurrent calls to typec_partner_unlink_device can lead to a NULL pointer dereference. This patch adds a mutex to protect USB device pointers and prevent this issue. The same mutex protβ¦
7.8
CVE-2025-37803 - udmabuf: fix a buf size overflow issue during udmabuf creation
In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.
5.5
CVE-2025-37801 - spi: spi-imx: Add check for spi_imx_setupxfer()
In the Linux kernel, the following vulnerability has been resolved: spi: spi-imx: Add check for spi_imx_setupxfer() Add check for the return value of spi_imx_setupxfer(). spi_imx->rx and spi_imx->tx function pointer can be NULL when spi_imx_setupxfer() return error, and make NULL pointer derefereβ¦
6.5
CVE-2023-51295 -
PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.
7.5
CVE-2025-26842 -
An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content of S/MIME encrypted e-mail messages is visible to users with access to the CommunicationLog.
7.0
CVE-2025-37832 - kernel: cpufreq: sun50i: prevent out-of-bounds access
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2025-37804 - kernel: io_uring: always do atomic put from iowq
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
6.5
CVE-2025-45787 -
TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow viathe comment parameter in setIpPortFilterRules.
5.5
CVE-2025-37833 - net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads
In the Linux kernel, the following vulnerability has been resolved: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads Fix niu_try_msix() to not cause a fatal trap on sparc systems. Set PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to work around a bug in theβ¦