7.1
CVE-2024-57907 - iio: adc: rockchip_saradc: fix information leak in triggered buffer
In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_eac…
7.1
CVE-2024-57906 - iio: adc: ti-ads8688: fix information leak in triggered buffer
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_ac…
7.1
CVE-2024-57905 - iio: adc: ti-ads1119: fix information leak in triggered buffer
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1119: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it has a hole between the sample (unsigned int) and the timestamp. This hole i…
7.1
CVE-2024-57928 - netfs: Fix enomem handling in buffered reads
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix enomem handling in buffered reads If netfs_read_to_pagecache() gets an error from either ->prepare_read() or from netfs_prepare_read_iterator(), it needs to decrement ->nr_outstanding, cancel the subrequest and break o…
7.8
CVE-2024-57926 - drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err The pointer needs to be set to NULL, otherwise KASAN complains about use-after-free. Because in mtk_drm_bind, all private's drm are set as foll…
5.5
CVE-2025-21653 - net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
In the Linux kernel, the following vulnerability has been resolved: net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute syzbot found that TCA_FLOW_RSHIFT attribute was not validated. Right shifting a 32-bit integer is undefined for large shift values. UBSAN: shift-out-of-bounds in net/sched/c…
5.3
CVE-2025-0561 - itsourcecode Farm Management System add-pig.php sql injection
A vulnerability has been found in itsourcecode Farm Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /add-pig.php. The manipulation of the argument pigno leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed…
7.5
CVE-2024-45662 - IBM Safer Payments denial of service
IBM Safer Payments 6.4.0.00 through 6.4.2.07, 6.5.0.00 through 6.5.0.05, and 6.6.0.00 through 6.6.0.03 could allow a remote attacker to cause a denial of service due to improper allocation of resources.
5.3
CVE-2024-47106 - IBM Jazz for Service Management information disclosure
IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system.
8.1
CVE-2024-47113 - IBM ICP - Voice Gateway XML injection
IBM ICP - Voice Gateway 1.0.2, 1.0.2.4, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.7.1, and 1.0.8 could allow a remote attacker to send specially crafted XML statements, which would allow the attacker to view or modify information in the XML document.