7.8
CVE-2022-49730 - scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
7.1
CVE-2025-25825 -
A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Titile in the article category section.
5.5
CVE-2022-49120 - scsi: pm8001: Fix task leak in pm8001_send_abort_all()
In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix task leak in pm8001_send_abort_all() In pm8001_send_abort_all(), make sure to free the allocated sas task if pm8001_tag_alloc() or pm8001_mpi_build_cmd() fail.
5.5
CVE-2022-49081 - highmem: fix checks in __kmap_local_sched_{in,out}
In the Linux kernel, the following vulnerability has been resolved: highmem: fix checks in __kmap_local_sched_{in,out} When CONFIG_DEBUG_KMAP_LOCAL is enabled __kmap_local_sched_{in,out} check that even slots in the tsk->kmap_ctrl.pteval are unmapped. The slots are initialized with 0 value, but β¦
5.5
CVE-2022-49074 - irqchip/gic-v3: Fix GICR_CTLR.RWP polling
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix GICR_CTLR.RWP polling It turns out that our polling of RWP is totally wrong when checking for it in the redistributors, as we test the *distributor* bit index, whereas it is a different bit number in the RDs..β¦
5.5
CVE-2022-49065 - SUNRPC: Fix the svc_deferred_event trace class
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix the svc_deferred_event trace class Fix a NULL deref crash that occurs when an svc_rqst is deferred while the sunrpc tracing subsystem is enabled. svc_revisit() sets dr->xprt to NULL, so it can't be relied upon in the β¦
7.8
CVE-2022-49186 - clk: visconti: prevent array overflow in visconti_clk_register_gates()
In the Linux kernel, the following vulnerability has been resolved: clk: visconti: prevent array overflow in visconti_clk_register_gates() This code was using -1 to represent that there was no reset function. Unfortunately, the -1 was stored in u8 so the if (clks[i].rs_id >= 0) condition was alwaβ¦
5.5
CVE-2021-47643 - media: ir_toy: free before error exiting
In the Linux kernel, the following vulnerability has been resolved: media: ir_toy: free before error exiting Fix leak in error path.
8.1
CVE-2024-53427 - jq: stack-buffer-overflow in the decNumberCopy function in decNumber.c
decNumberCopy in decNumber.c in jq through 1.7.1 does not properly consider that NaN is interpreted as numeric, which has a resultant stack-based buffer overflow and out-of-bounds write, as demonstrated by use of --slurp with subtraction, such as a filter of .-. when the input has a certain form ofβ¦
5.5
CVE-2022-49536 - scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock During stress I/O tests with 500+ vports, hard LOCKUP call traces are observed. CPU A: native_queued_spin_lock_slowpath+0x192 _raw_spin_lock_irqsave+0x32 lpfc_hanβ¦