Total
29477 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-23461 | 1 Libpeconv Project | 1 Libpeconv | 2025-03-19 | N/A | 9.8 CRITICAL |
| Libpeconv – access violation, before commit b076013 (30/11/2022). | |||||
| CVE-2022-46892 | 1 Amperecomputing | 4 Ampere Altra, Ampere Altra Firmware, Ampere Altra Max and 1 more | 2025-03-19 | N/A | 9.8 CRITICAL |
| In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex. | |||||
| CVE-2021-3172 | 1 Php-fusion | 1 Php-fusion | 2025-03-19 | N/A | 8.1 HIGH |
| An issue in Php-Fusion v9.03.90 fixed in v9.10.00 allows authenticated attackers to cause a Distributed Denial of Service via the Polling feature. | |||||
| CVE-2020-36780 | 1 Linux | 1 Linux Kernel | 2025-03-19 | N/A | 4.7 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: i2c: sprd: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in sprd_i2c_master_xfer() and sprd_i2c_remove(). However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced. | |||||
| CVE-2025-26473 | 1 Outbackpower | 2 Mojave Inverter Oghi8048a, Mojave Inverter Oghi8048a Firmware | 2025-03-19 | N/A | 7.5 HIGH |
| The Mojave Inverter uses the GET method for sensitive information. | |||||
| CVE-2023-2019 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-03-18 | N/A | 4.4 MEDIUM |
| A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system. | |||||
| CVE-2023-24484 | 1 Citrix | 1 Workspace | 2025-03-18 | N/A | 5.5 MEDIUM |
| A malicious user can cause log files to be written to a directory that they do not have permission to write to. | |||||
| CVE-2022-49211 | 1 Linux | 1 Linux Kernel | 2025-03-18 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: mips: cdmm: Fix refcount leak in mips_cdmm_phys_base The of_find_compatible_node() function returns a node pointer with refcount incremented, We should use of_node_put() on it when done Add the missing of_node_put() to release the refcount. | |||||
| CVE-2022-49216 | 1 Linux | 1 Linux Kernel | 2025-03-18 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: drm/tegra: Fix reference leak in tegra_dsi_ganged_probe The reference taken by 'of_find_device_by_node()' must be released when not needed anymore. Add put_device() call to fix this. | |||||
| CVE-2022-49213 | 1 Linux | 1 Linux Kernel | 2025-03-18 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: ath10k: Fix error handling in ath10k_setup_msa_resources The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path. And it will cause refcount leak in error path. | |||||
| CVE-2022-49212 | 1 Linux | 1 Linux Kernel | 2025-03-18 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init The reference counting issue happens in several error handling paths on a refcounted object "nc->dmac". In these paths, the function simply returns the error code, forgetting to balance the reference count of "nc->dmac", increased earlier by dma_request_channel(), which may cause refcount leaks. Fix it by decrementing the refcount of specific object in those error paths. | |||||
| CVE-2022-49239 | 1 Linux | 1 Linux Kernel | 2025-03-18 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This is similar to commit 64b92de9603f ("ASoC: wcd9335: fix a leaked reference by adding missing of_node_put") | |||||
| CVE-2022-49237 | 1 Linux | 1 Linux Kernel | 2025-03-18 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: ath11k: add missing of_node_put() to avoid leak The node pointer is returned by of_find_node_by_type() or of_parse_phandle() with refcount incremented. Calling of_node_put() to aovid the refcount leak. | |||||
| CVE-2023-0482 | 2 Netapp, Redhat | 3 Active Iq Unified Manager, Oncommand Workflow Automation, Resteasy | 2025-03-18 | N/A | 5.5 MEDIUM |
| In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user. | |||||
| CVE-2023-24320 | 1 Axcora | 1 Axcora | 2025-03-18 | N/A | 9.8 CRITICAL |
| An access control issue in Axcora POS #0~gitf77ec09 allows unauthenticated attackers to execute arbitrary commands via unspecified vectors. | |||||
| CVE-2022-23240 | 1 Netapp | 1 Active Iq Unified Manager | 2025-03-18 | N/A | 6.5 MEDIUM |
| Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions prior to 9.11P1 are susceptible to a vulnerability which allows unauthorized users to update EMS Subscriptions via unspecified vectors. | |||||
| CVE-2022-49240 | 1 Linux | 1 Linux Kernel | 2025-03-17 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Fix error handling in mt8195_mt6359_rt1019_rt5682_dev_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path. And it will cause refcount leak in error path. | |||||
| CVE-2022-49241 | 1 Linux | 1 Linux Kernel | 2025-03-17 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path. And it will cause refcount leak in error path. | |||||
| CVE-2022-49242 | 1 Linux | 1 Linux Kernel | 2025-03-17 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fix error handling in mxs_sgtl5000_probe This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. For example, when codec_np is NULL, saif_np[0] and saif_np[1] are not NULL, it will cause leaks. of_node_put() will check if the node pointer is NULL, so we can call it directly to release the refcount of regular pointers. | |||||
| CVE-2022-49310 | 1 Linux | 1 Linux Kernel | 2025-03-17 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: char: xillybus: fix a refcount leak in cleanup_dev() usb_get_dev is called in xillyusb_probe. So it is better to call usb_put_dev before xdev is released. | |||||