Total
29560 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-49668 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. This function only calls of_node_put() in normal path, missing it in error paths. Add missing of_node_put() to avoid refcount leak. | |||||
| CVE-2022-49656 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: ARM: meson: Fix refcount leak in meson_smp_prepare_cpus of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. | |||||
| CVE-2022-49652 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. Add missing of_node_put() in to fix this. | |||||
| CVE-2022-49644 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector() If drm_connector_init fails, intel_connector_free will be called to take care of proper free. So it is necessary to drop the refcount of port before intel_connector_free. (cherry picked from commit cea9ed611e85d36a05db52b6457bf584b7d969e2) | |||||
| CVE-2022-49716 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. When kcalloc fails, it missing of_node_put() and results in refcount leak. Fix this by goto out_put_node label. | |||||
| CVE-2022-49715 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions of_find_node_by_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. | |||||
| CVE-2022-49714 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: irqchip/realtek-rtl: Fix refcount leak in map_interrupts of_find_node_by_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. This function doesn't call of_node_put() in error path. Call of_node_put() directly after of_property_read_u32() to cover both normal path and error path. | |||||
| CVE-2022-49712 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. of_node_put() will check NULL pointer. | |||||
| CVE-2022-49705 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: 9p: fix fid refcount leak in v9fs_vfs_atomic_open_dotl We need to release directory fid if we fail halfway through open This fixes fid leaking with xfstests generic 531 | |||||
| CVE-2022-49704 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: 9p: fix fid refcount leak in v9fs_vfs_get_link we check for protocol version later than required, after a fid has been obtained. Just move the version check earlier. | |||||
| CVE-2022-49693 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf of_graph_get_remote_node() returns remote device node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. Patchwork: https://patchwork.freedesktop.org/patch/488473/ | |||||
| CVE-2022-49684 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: iio: adc: aspeed: Fix refcount leak in aspeed_adc_set_trim_data of_find_node_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak. | |||||
| CVE-2022-49683 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. | |||||
| CVE-2022-49682 | 1 Linux | 1 Linux Kernel | 2025-03-11 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: xtensa: Fix refcount leak bug in time.c In calibrate_ccount(), of_find_compatible_node() will return a node pointer with refcount incremented. We should use of_node_put() when it is not used anymore. | |||||
| CVE-2023-26303 | 1 Executablebooks | 1 Markdown-it-py | 2025-03-11 | N/A | 3.3 LOW |
| Denial of service could be caused to markdown-it-py, before v2.2.0, if an attacker was allowed to force null assertions with specially crafted input. | |||||
| CVE-2023-26302 | 1 Executablebooks | 1 Markdown-it-py | 2025-03-11 | N/A | 3.3 LOW |
| Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input. | |||||
| CVE-2022-48305 | 1 Huawei | 2 Simba-al00, Simba-al00 Firmware | 2025-03-11 | N/A | 5.5 MEDIUM |
| There is an identity authentication bypass vulnerability in Huawei Children Smart Watch (Simba-AL00) 1.1.1.274. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail. | |||||
| CVE-2024-40706 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-03-11 | N/A | 5.3 MEDIUM |
| IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system. | |||||
| CVE-2023-23472 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2025-03-11 | N/A | 3.1 LOW |
| IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system. | |||||
| CVE-2024-0368 | 1 Wpmudev | 1 Hustle | 2025-03-11 | N/A | 8.6 HIGH |
| The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.8.3 via hardcoded API Keys. This makes it possible for unauthenticated attackers to extract sensitive data including PII. | |||||