9.8
CVE-2024-55160 -
GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the OrderBy parameter at /system/operLog/list.
9.8
CVE-2024-36047 -
Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input Validation.
4.4
CVE-2025-21818 - kernel: x86/xen: fix xen_hypercall_hvm() to not clobber %rbx
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-58018 - nvkm: correctly calculate the available space of the GSP cmdq buffer
In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer r535_gsp_cmdq_push() waits for the available page in the GSP cmdq buffer when handling a large RPC request. When it sees at least one available page in the cmdqβ¦
5.5
CVE-2025-21733 - tracing/osnoise: Fix resetting of tracepoints
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fix resetting of tracepoints If a timerlat tracer is started with the osnoise option OSNOISE_WORKLOAD disabled, but then that option is enabled and timerlat is removed, the tracepoints that were enabled on timerlβ¦
9.8
CVE-2024-53944 -
An issue was discovered on Tuoshi/Dionlink LT15D 4G Wi-Fi devices through M7628NNxlSPv2xUI_v1.0.1802.10.08_P4 and LT21B devices through M7628xUSAxUIv2_v1.0.1481.15.02_P0. A unauthenticated remote attacker with network access can exploit a command injection vulnerability. The /goform/formJsonAjaxReqβ¦
7.8
CVE-2024-57980 - media: uvcvideo: Fix double free in error path
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvc_status_init() function fails to allocate the int_urb, it will free the dev->status pointer but doesn't reset the pointer to NULL. This results in the kfree() call in uvc_sβ¦
7.8
CVE-2025-21797 - HID: corsair-void: Add missing delayed work cancel for headset status
In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Add missing delayed work cancel for headset status The cancel_delayed_work_sync() call was missed, causing a use-after-free in corsair_void_remove().
5.5
CVE-2025-21721 - nilfs2: handle errors that nilfs_prepare_chunk() may return
In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle errors that nilfs_prepare_chunk() may return Patch series "nilfs2: fix issues with rename operations". This series fixes BUG_ON check failures reported by syzbot around rename operations, and a minor behavioral isβ¦
5.5
CVE-2025-21716 - vxlan: Fix uninit-value in vxlan_vnifilter_dump()
In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix uninit-value in vxlan_vnifilter_dump() KMSAN reported an uninit-value access in vxlan_vnifilter_dump() [1]. If the length of the netlink message payload is less than sizeof(struct tunnel_msg), vxlan_vnifilter_dump() aβ¦