5.5
CVE-2025-37820 - xen-netfront: handle NULL returned by xdp_convert_buff_to_frame()
In the Linux kernel, the following vulnerability has been resolved: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() The function xdp_convert_buff_to_frame() may return NULL if it fails to correctly convert the XDP buffer into an XDP frame due to memory constraints, internal erroβ¦
7.8
CVE-2025-37817 - mcb: fix a double free bug in chameleon_parse_gdd()
In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleon_parse_gdd() In chameleon_parse_gdd(), if mcb_device_register() fails, 'mdev' would be released in mcb_device_register() via put_device(). Thus, goto 'err' label and free 'mdev' again causesβ¦
5.5
CVE-2025-37812 - usb: cdns3: Fix deadlock when using NCM gadget
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fix deadlock when using NCM gadget The cdns3 driver has the same NCM deadlock as fixed in cdnsp by commit 58f2fcb3a845 ("usb: cdnsp: Fix deadlock issue during using NCM gadget"). Under PREEMPT_RT the deadlock can be β¦
5.5
CVE-2025-37811 - usb: chipidea: ci_hdrc_imx: fix usbmisc handling
In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: ci_hdrc_imx: fix usbmisc handling usbmisc is an optional device property so it is totally valid for the corresponding data->usbmisc_data to have a NULL value. Check that before dereferencing the pointer. Found byβ¦
5.5
CVE-2025-37809 - usb: typec: class: Fix NULL pointer access
In the Linux kernel, the following vulnerability has been resolved: usb: typec: class: Fix NULL pointer access Concurrent calls to typec_partner_unlink_device can lead to a NULL pointer dereference. This patch adds a mutex to protect USB device pointers and prevent this issue. The same mutex protβ¦
7.8
CVE-2025-37803 - udmabuf: fix a buf size overflow issue during udmabuf creation
In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.
5.5
CVE-2025-37801 - spi: spi-imx: Add check for spi_imx_setupxfer()
In the Linux kernel, the following vulnerability has been resolved: spi: spi-imx: Add check for spi_imx_setupxfer() Add check for the return value of spi_imx_setupxfer(). spi_imx->rx and spi_imx->tx function pointer can be NULL when spi_imx_setupxfer() return error, and make NULL pointer derefereβ¦
6.5
CVE-2023-51295 -
PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.
7.5
CVE-2025-26842 -
An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content of S/MIME encrypted e-mail messages is visible to users with access to the CommunicationLog.
7.0
CVE-2025-37832 - kernel: cpufreq: sun50i: prevent out-of-bounds access
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.