6.5
CVE-2024-57538 -
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification.
5.5
CVE-2024-57937 - kernel: mm: reinstate ability to map write-sealed memfd mappings read-only
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
8.1
CVE-2024-57036 -
TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in the main function of downloadFile.cgi. This vulnerability allows an attacker to execute arbitrary commands by sending an HTTP request.
7.1
CVE-2025-0752 - Envoyproxy: openshift service mesh envoy http header sanitization bypass leading to dos and unautho…
A flaw was found in OpenShift Service Mesh 2.6.3 and 2.5.6. Rate-limiter avoidance, access-control bypass, CPU and memory exhaustion, and replay attacks may be possible due to improper HTTP header sanitization in Envoy.
4.2
CVE-2024-56998 -
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /edit-profile.php via the parameter $address.
6.5
CVE-2024-24443 -
An uninitialized pointer dereference in the ngap_handle_pdu_session_resource_setup_response routine of OpenAirInterface CN5G AMF (oai-cn5g-amf) up to v2.0.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDU Session Resource Setup Response.
5.5
CVE-2025-21664 - dm thin: make get_first_thin use rcu-safe list first function
In the Linux kernel, the following vulnerability has been resolved: dm thin: make get_first_thin use rcu-safe list first function The documentation in rculist.h explains the absence of list_empty_rcu() and cautions programmers against relying on a list_empty() -> list_first() sequence in RCU safe…
5.5
CVE-2025-21662 - net/mlx5: Fix variable not being completed when function returns
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix variable not being completed when function returns When cmd_alloc_index() fails, cmd_work_handler() needs to complete ent->slotted before returning early. Otherwise the task which issued the command may hang: ml…
5.5
CVE-2025-21661 - gpio: virtuser: fix missing lookup table cleanups
In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix missing lookup table cleanups When a virtuser device is created via configfs and the probe fails due to an incorrect lookup table, the table is not removed. This prevents subsequent probe attempts from succeed…
5.5
CVE-2025-21657 - sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass()
In the Linux kernel, the following vulnerability has been resolved: sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass() scx_ops_bypass() iterates all CPUs to re-enqueue all the scx tasks. For each CPU, it acquires a lock using rq_lock() regardless of whether a CPU is offline or…