Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2025-39922 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix incorrect map used in eee linkmode incorrectly used ixgbe_lp_map in loops intended to populate the supported…
CVE-2025-39921 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: stop checking viability of op->max_freq in supports_op callback In commit 13529647743d9 ("spi: microchip-core-qspi: Support per spi-mem…
CVE-2025-39920 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: pcmcia: Add error handling for add_interval() in do_validate_mem() In the do_validate_mem(), the call to add_interval() does not handle…
CVE-2025-39919 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: add missing check for rx wcid entries Non-station wcid entries must not be passed to…
CVE-2025-39918 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: fix linked list corruption Never leave scheduled wcid entries on the temporary on-stack list
CVE-2025-39917 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds dynptr write in bpf_crypto_crypt Stanislav reported that in bpf_crypto_crypt() the destination dynptr's size is not…
CVE-2025-39916 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() When creating a new scheme of DAMON_RECLAIM, the calculation of 'min_age_region' uses 'aggr_interval'…
CVE-2025-39915 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: phy: transfer phy_config_inband() locking responsibility to phylink Problem description =================== Lockdep reports a possible circular locking dependency…
CVE-2025-39914 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: tracing: Silence warning when chunk allocation fails in trace_pid_write Syzkaller trigger a fault injection warning: WARNING: CPU: 1…
CVE-2025-39913 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. syzbot reported the splat below. [0] The repro does…
CVE-2025-39912 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: nfs/localio: restore creds before releasing pageio data Otherwise if the nfsd filecache code releases the nfsd_file immediately, it…
CVE-2025-39911 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path If request_irq() in i40e_vsi_request_irq_msix() fails in an iteration later than…
CVE-2025-39910 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc() kasan_populate_vmalloc() and its helpers ignore the caller's gfp_mask and always allocate…
CVE-2025-39909 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() Patch series "mm/damon: avoid divide-by-zero in DAMON module's parameters application". DAMON's RECLAIM and…
CVE-2025-39908 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: dev_ioctl: take ops lock in hwtstamp lower paths ndo hwtstamp callbacks are expected to run under the…
CVE-2025-39907 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer Avoid below overlapping mappings by using a contiguous non-cacheable…
CVE-2025-39906 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: remove oem i2c adapter on finish Fixes a bug where unbinding of the GPU would leave the…
CVE-2025-39905 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: phylink: add lock for serializing concurrent pl->phydev writes with resolver Currently phylink_resolve() protects itself against concurrent phylink_bringup_phy()…
CVE-2025-39904 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: arm64: kexec: initialize kexec_buf struct in load_other_segments() Patch series "kexec: Fix invalid field access". The kexec_buf structure was…
CVE-2025-39903 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: of_numa: fix uninitialized memory nodes causing kernel panic When there are memory-only nodes (nodes without CPUs), these nodes…
CVE-2025-39902 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metadata when pointer is invalid in object_err() object_err() reports details of an object for further…
CVE-2025-39901 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: i40e: remove read access to debugfs files The 'command' and 'netdev_ops' debugfs files are a legacy debugging interface…
CVE-2025-39900 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net_sched: gen_estimator: fix est_timer() vs CONFIG_PREEMPT_RT=y syzbot reported a WARNING in est_timer() [1] Problem here is that with…
CVE-2025-39899 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: fix kmap_local LIFO ordering for CONFIG_HIGHPTE With CONFIG_HIGHPTE on 32-bit ARM, move_pages_pte() maps PTE pages using kmap_local_page(),…
CVE-2025-39898 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: e1000e: fix heap overflow in e1000_set_eeprom Fix a possible heap overflow in e1000_set_eeprom function by adding input validation…
CVE-2025-39897 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Add error handling for RX metadata pointer retrieval Add proper error checking for dmaengine_desc_get_metadata_ptr() which…
CVE-2025-39896 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery work from being queued during device removal Use disable_work_sync() instead of cancel_work_sync() in ivpu_dev_fini() to…
CVE-2025-39895 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: sched: Fix sched_numa_find_nth_cpu() if mask offline sched_numa_find_nth_cpu() uses a bsearch to look for the 'closest' CPU in sched_domains_numa_masks…
CVE-2025-39894 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: do not check confirmed bit in br_nf_local_in() after confirm When send a broadcast packet to a…
CVE-2025-39893 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: unregister ECC engine on probe error and device remove The on-host hardware ECC engine remains registered…
CVE-2025-39892 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: care NULL dirver name on snd_soc_lookup_component_nolocked() soc-generic-dmaengine-pcm.c uses same dev for both CPU and Platform. In…
CVE-2025-39891 2025-10-01 N/A 0.0 In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Initialize the chan_stats array to zero The adapter->chan_stats[] array is initialized in mwifiex_init_channel_scan_gap() with vmalloc(), which…
CVE-2025-11226 2025-10-01 N/A 0.0 ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.18 in Java applications, allows an attacker to execute arbitrary code by compromising…
CVE-2020-36852 2025-10-01 CRITICAL 9.1 The Custom Searchable Data Entry System plugin for WordPress is vulnerable to unauthenticated database wiping in versions up to, and including 1.7.1, due to a missing capability check…
CVE-2025-7493 2025-09-30 CRITICAL 9.1 A privilege escalation flaw from host to domain administrator was found in FreeIPA. This vulnerability is similar to CVE-2025-4404, where it fails to validate the uniqueness of the…
CVE-2025-9075 2025-10-01 MEDIUM 6.4 The ZoloBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple Gutenberg blocks in versions up to, and including, 2.3.10. This is due to insufficient input…
CVE-2025-10744 2025-10-01 MEDIUM 5.3 The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.1 through publicly…
CVE-2025-10735 2025-10-01 MEDIUM 4.0 The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.12 via…
CVE-2025-10538 2025-10-01 N/A 0.0 An authentication bypass vulnerability exists in LG Innotek camera models LND7210 and LNV7210R. The vulnerability allows a malicious actor to gain access to camera information including user account…
CVE-2025-61722 2025-10-01 N/A 0.0 Rejected reason: Not used
CVE-2025-61721 2025-10-01 N/A 0.0 Rejected reason: Not used
CVE-2025-61720 2025-10-01 N/A 0.0 Rejected reason: Not used
CVE-2025-61719 2025-10-01 N/A 0.0 Rejected reason: Not used
CVE-2025-61718 2025-10-01 N/A 0.0 Rejected reason: Not used
CVE-2025-61717 2025-10-01 N/A 0.0 Rejected reason: Not used
CVE-2025-61716 2025-10-01 N/A 0.0 Rejected reason: Not used
CVE-2025-61715 2025-10-01 N/A 0.0 Rejected reason: Not used
CVE-2025-61714 2025-10-01 N/A 0.0 Rejected reason: Not used
CVE-2025-61792 2025-09-30 MEDIUM 6.4 Quadient DS-700 iQ devices through 2025-09-30 might have a race condition during the quick clicking of (in order) the Question Mark button, the Help Button, the About button,…
CVE-2025-55191 2025-09-30 MEDIUM 6.5 Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions between 2.1.0 and 2.14.19, 3.2.0-rc1, 3.1.0-rc1 through 3.1.7, and 3.0.0-rc1 through 3.0.18 contain a race condition…
« Anterior Página 413 de 3934 Siguiente »