CVEs from 2025
Total
8,956
critical
critical 1,368
high
high 2,067
medium
medium 2,068
low
low 204
% Critical
15.3%
% with KEV
2.0%
% with exploit
2.8%
Top vendors
- qualcomm 1,123
- fabian 285
- campcodes 232
- phpgurukul 189
- code-projects 121
- redhat 110
- microsoft 107
- portabilis 94
Top products
- i-educar 80
- office_long_term_servicing_channel 35
- office 34
- best_salon_management_system 33
- apartment_management_system 30
- gcp 29
- inventory_management_system 28
- online_learning_management_system 21
Top packages
- Go/github.com/mattermost/mattermost/server/v8 258
- Go/github.com/mattermost/mattermost-server 249
- Packagist/magento/community-edition 231
- Packagist/moodle/moodle 162
- Go/github.com/mattermost/mattermost-server/v5 99
- Go/github.com/mattermost/mattermost-server/v6 99
- Maven/com.liferay.portal:release.dxp.bom 61
- Maven/org.apache.tomcat.embed:tomcat-embed-core 53
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-4085 | unknown | — | — | — | An attacker with control over a content process could potentially leverage the privileged UITour actor to leak sensitive information or escalate privileges. This vulnerability was fixed in Firefox 13… | |||
| CVE-2025-4086 | unknown | — | — | — | A specially crafted filename containing a large number of encoded newline characters could obscure the file's extension when displayed in the download dialog. *This bug only affects Thunderbird for A… | |||
| CVE-2025-40145 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Fix double cleanup on devm_add_action_or_reset() failure When devm_add_action_or_reset() fails, it calls the passed … | |||
| CVE-2025-22083 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint If vhost_scsi_set_endpoint is called multiple times without… | |||
| CVE-2025-4088 | unknown | — | — | — | A security vulnerability in Thunderbird allowed malicious sites to use redirects to send credentialed requests to arbitrary endpoints on any site that had invoked the Storage Access API. This enabled… | |||
| CVE-2025-6428 | unknown | — | — | — | When a URL was provided in a link querystring parameter, Firefox for Android would follow that URL instead of the correct URL, potentially leading to phishing attacks. *This bug only affects Firefox … | |||
| CVE-2025-37781 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: i2c: cros-ec-tunnel: defer probe if parent EC is not present When i2c-cros-ec-tunnel and the EC driver are built-in, the EC paren… | |||
| CVE-2025-38272 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: dsa: b53: do not enable EEE on bcm63xx BCM63xx internal switches do not support EEE, but provide multiple RGMII ports where … | |||
| CVE-2025-6431 | unknown | — | — | — | When a link can be opened in an external application, Firefox for Android will, by default, prompt the user before doing so. An attacker could have bypassed this prompt, potentially exposing the user… | |||
| CVE-2025-6433 | unknown | — | — | — | If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would be prompted to complete. This is in vi… | |||
| CVE-2025-6434 | unknown | — | — | — | The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker to trick a user into granting an except… | |||
| CVE-2025-6435 | unknown | — | — | — | If a user saved a response from the Network tab in Devtools using the Save As context menu option, that file may not have been saved with the `.download` file extension. This could have led to the us… | |||
| CVE-2025-6436 | unknown | — | — | — | Memory safety bugs present in Firefox 139 and Thunderbird 139. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited t… | |||
| CVE-2025-40208 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom-iris aa00000.video-codec:… | |||
| CVE-2025-40210 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or… | |||
| CVE-2025-40212 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nfsd: fix refcount leak in nfsd_set_fh_dentry() nfsd exports a "pseudo root filesystem" which is used by NFSv4 to find the variou… | |||
| CVE-2025-40213 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete There is a BUG: KASAN: stack-out-of-bounds in set_mesh_sync due… | |||
| CVE-2025-38266 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: eint: Fix invalid pointer dereference for v1 platforms Commit 3ef9f710efcb ("pinctrl: mediatek: Add EINT suppo… | |||
| CVE-2025-40224 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc() The driver allocates memory for sensor data using devm_kzalloc(),… | |||
| CVE-2025-40227 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: dealloc commit test ctx always The damon_ctx for testing online DAMON parameters commit inputs is deallocated onl… | |||
| CVE-2025-40241 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: erofs: fix crafted invalid cases for encoded extents Robert recently reported two corrupted images that can cause system crashes,… | |||
| CVE-2025-37903 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix slab-use-after-free in hdcp The HDCP code in amdgpu_dm_hdcp.c copies pointers to amdgpu_dm_connector objects… | |||
| CVE-2025-40249 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: make sure the cdev fd is still active before emitting events With the final call to fput() on a file descriptor, the … | |||
| CVE-2025-38241 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mm/shmem, swap: fix softlockup with mTHP swapin Following softlockup can be easily reproduced on my test machine with: echo alwa… | |||
| CVE-2025-38344 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ACPICA: fix acpi parse and parseext cache leaks ACPICA commit 8829e70e1360c81e7a5a901b5d4f48330e021ea5 I'm Seunghun Han, and I w… | |||
| CVE-2025-38233 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: powerpc64/ftrace: fix clobbered r15 during livepatching While r15 is clobbered always with PPC_FTRACE_OUT_OF_LINE, it is not rest… | |||
| CVE-2025-38199 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix memory leak due to multiple rx_stats allocation rx_stats for each arsta is allocated when adding a station. ars… | |||
| CVE-2025-38195 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix panic caused by NULL-PMD in huge_pte_offset() ERROR INFO: CPU 25 Unable to handle kernel paging request at virtua… | |||
| CVE-2025-38553 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/sched: Restrict conditions for adding duplicating netems to qdisc tree netem_enqueue's duplication prevention logic breaks wh… | |||
| CVE-2025-61909 | unknown | — | — | — | Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script (also used during systemctl reload icinga2) and logrotate configuration shipped… | |||
| CVE-2025-38194 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: jffs2: check that raw node were preallocated before writing summary Syzkaller detected a kernel bug in jffs2_link_node_ref, cause… | |||
| CVE-2025-38193 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: reject invalid perturb period Gerrard Tai reported that SFQ perturb_period has no range check yet, and this c… | |||
| CVE-2025-38163 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on sbi->total_valid_block_count syzbot reported a f2fs bug as below: ------------[ cut here ]------… | |||
| CVE-2025-59799 | unknown | — | — | — | Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmark_coerce_dest in devices/vector/gdevpdfm.c via a large size value. | |||
| CVE-2025-61908 | unknown | — | — | — | Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, when creating an invalid reference, such as a reference to null, dereferencing results in a segmentati… | |||
| CVE-2025-61907 | unknown | — | — | — | Icinga 2 is an open source monitoring system. In Icinga 2 versions 2.4 through 2.15.0, filter expressions provided to the various /v1/objects endpoints could access variables or objects that would ot… | |||
| CVE-2025-48057 | unknown | — | — | — | Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.… | |||
| CVE-2025-38162 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: prevent overflow in lookup table allocation When calculating the lookup table size, ensure the followi… | |||
| CVE-2025-46646 | unknown | — | — | — | In Artifex Ghostscript before 10.05.0, decode_utf8 in base/gp_utf8.c mishandles overlong UTF-8 encoding. NOTE: this issue exists because of an incomplete fix for CVE-2024-46954. | |||
| CVE-2025-68175 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: nxp: imx8-isi: Fix streaming cleanup on release The current implementation unconditionally calls mxc_isi_video_cleanup_str… | |||
| CVE-2025-27834 | unknown | — | — | — | An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdf_func.c. | |||
| CVE-2025-38158 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: hisi_acc_vfio_pci: fix XQE dma address error The dma addresses of EQE and AEQE are wrong after migration and results in guest ker… | |||
| CVE-2025-27833 | unknown | — | — | — | An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs for a long TTF font name to pdf/pdf_fmap.c. | |||
| CVE-2025-56225 | unknown | — | — | — | fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluid_synth_monopoly.c, that can be triggered when loading an invalid midi file. | |||
| CVE-2025-39984 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi->skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skb_reset_mac_h… | |||
| CVE-2025-38157 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k_htc: Abort software beacon handling if disabled A malicious USB device can send a WMI_SWBA_EVENTID event from an ath9… | |||
| CVE-2025-2857 | unknown | — | — | — | Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to retu… | |||
| CVE-2025-8364 | unknown | — | — | — | A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack. *Note: This issue only affected Android operating systems. Other operating sys… | |||
| CVE-2025-38156 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix null-ptr-deref in mt7996_mmio_wed_init() devm_ioremap() returns NULL on error. Currently, mt7996_mmio_wed… | |||
| CVE-2025-40348 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: slab: Avoid race on slab->obj_exts in alloc_slab_obj_exts If two competing threads enter alloc_slab_obj_exts() and one of them fa… | |||
| CVE-2025-27836 | unknown | — | — | — | An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c. | |||
| CVE-2025-1020 | unknown | — | — | — | Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited t… | |||
| CVE-2025-38135 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: serial: Fix potential null-ptr-deref in mlb_usio_probe() devm_ioremap() can return NULL on error. Currently, mlb_usio_probe() doe… | |||
| CVE-2025-40362 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ceph: fix multifs mds auth caps issue The mds auth caps check should also validate the fsname along with the associated caps. Not… | |||
| CVE-2025-14860 | unknown | — | — | — | Use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 146.0.1. | |||
| CVE-2025-30211 | unknown | — | — | — | Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result with high memory usage. … | |||
| CVE-2025-38134 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: acpi: Prevent null pointer dereference in usb_acpi_add_usb4_devlink() As demonstrated by the fix for update_port_device_stat… | |||
| CVE-2025-68181 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Remove calls to drm_put_dev() Since the allocation of the drivers main structure was changed to devm_drm_dev_alloc() … | |||
| CVE-2025-14744 | unknown | — | — | — | Unicode RTLO characters could allow malicious websites to spoof filenames in the downloads UI for Firefox for iOS, potentially tricking users into saving files of an unexpected file type. This vulner… | |||
| CVE-2025-68188 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() Use RCU to avoid a pair of atomic operations and a potential UA… | |||
| CVE-2025-1943 | unknown | — | — | — | Memory safety bugs present in Firefox 135 and Thunderbird 135. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited t… | |||
| CVE-2025-9184 | unknown | — | — | — | Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort… | |||
| CVE-2025-8037 | unknown | — | — | — | Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was set over HTTP and the shadowed cookie included the `Secure` attribute. This vulnerab… | |||
| CVE-2025-26618 | unknown | — | — | — | Erlang is a programming language and runtime system for building massively scalable soft real-time systems with requirements on high availability. OTP is a set of Erlang libraries, which consists of … | |||
| CVE-2025-68205 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/hdmi: Fix breakage at probing nvhdmi-mcp driver After restructuring and splitting the HDMI codec driver code, each HDMI… | |||
| CVE-2025-8038 | unknown | — | — | — | Thunderbird ignored paths when checking the validity of navigations in a frame. This vulnerability was fixed in Firefox 141, Firefox ESR 140.1, Thunderbird 141, and Thunderbird 140.1. | |||
| CVE-2025-38132 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: coresight: holding cscfg_csdev_lock while removing cscfg from csdev There'll be possible race scenario for coresight config: CPU… | |||
| CVE-2025-68225 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: lib/test_kho: check if KHO is enabled We must check whether KHO is enabled prior to issuing KHO commands, otherwise KHO internal … | |||
| CVE-2025-38131 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: coresight: prevent deactivate active config while enabling the config While enable active config via cscfg_csdev_enable_active_co… | |||
| CVE-2025-68228 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/plane: Fix create_in_format_blob() return value create_in_format_blob() is either supposed to return a valid pointer or an er… | |||
| CVE-2025-68230 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gpu page fault after hibernation on PF passthrough On PF passthrough environment, after hibernate and then resume… | |||
| CVE-2025-68234 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: io_uring/cmd_net: fix wrong argument types for skb_queue_splice() If timestamp retriving needs to be retried and the local list o… | |||
| CVE-2025-21824 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix a use of uninitialized mutex commit c8347f915e67 ("gpu: host1x: Fix boot regression for Tegra") caused a use of … | |||
| CVE-2025-37971 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: staging: bcm2835-camera: Initialise dev in v4l2_dev Commit 42a2f6664e18 ("staging: vc04_services: Move global g_state to vchiq_st… | |||
| CVE-2025-27831 | unknown | — | — | — | An issue was discovered in Artifex Ghostscript before 10.05.0. The DOCXWRITE TXTWRITE device has a text buffer overflow via long characters to devices/vector/doc_common.c. | |||
| CVE-2025-63745 | unknown | — | — | — | A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info() function of bin_ne.c. A crafted binary input can trigger a segmentation fault, leading to a deni… | |||
| CVE-2025-38275 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-usb: Fix an NULL vs IS_ERR() bug The qmp_usb_iomap() helper function currently returns the raw result of devm_iorem… | |||
| CVE-2025-13027 | unknown | — | — | — | Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited t… | |||
| CVE-2025-68323 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: fix use-after-free caused by uec->work The delayed work uec->work is scheduled in gaokun_ucsi_probe() but never… | |||
| CVE-2025-38096 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: don't warn when if there is a FW error iwl_trans_reclaim is warning if it is called when the FW is not alive. But … | |||
| CVE-2025-68316 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro Ge… | |||
| CVE-2025-8860 | unknown | — | — | — | A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register UEFI_VARS_REG_BUFFER_SIZE, the .write callback `uefi_vars_write` is invoked. The function allocates a heap … | |||
| CVE-2025-38589 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: neighbour: Fix null-ptr-deref in neigh_flush_dev(). kernel test robot reported null-ptr-deref in neigh_flush_dev(). [0] The cite… | |||
| CVE-2025-68341 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: veth: reduce XDP no_direct return section to fix race As explain in commit fa349e396e48 ("veth: Fix race with AF_XDP exposing old… | |||
| CVE-2025-68348 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: block: fix memory leak in __blkdev_issue_zero_pages Move the fatal signal check before bio_alloc() to prevent a memory leak when … | |||
| CVE-2025-38506 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amo… | |||
| CVE-2025-37950 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix panic in failed foilio allocation commit 7e119cff9d0a ("ocfs2: convert w_pages to w_folios") and commit 9a5e08652dc4b … | |||
| CVE-2025-68370 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: coresight: tmc: add the handle of the event to the path The handle is essential for retrieving the AUX_EVENT of each CPU and is r… | |||
| CVE-2025-24965 | unknown | — | — | — | crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creatio… | |||
| CVE-2025-38334 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Prevent attempts to reclaim poisoned pages TL;DR: SGX page reclaim touches the page to copy its contents to secondary st… | |||
| CVE-2025-68743 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region i… | |||
| CVE-2025-68747 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF on kernel BO VA nodes If the MMU is down, panthor_vm_unmap_range() might return an error. We expect the page… | |||
| CVE-2025-68748 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthor_fw_unplug() will free the FW memory … | |||
| CVE-2025-68750 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: potential integer overflow in usbg_make_tpg() The variable tpgt in usbg_make_tpg() is defined as unsigned long and is assign… | |||
| CVE-2025-68752 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iavf: Implement settime64 with -EOPNOTSUPP ptp_clock_settime() assumes every ptp_clock has implemented settime64(). Stub it with … | |||
| CVE-2025-21634 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: remove kernfs active break A warning was found: WARNING: CPU: 10 PID: 3486953 at fs/kernfs/file.c:828 CPU: 10 PID… | |||
| CVE-2025-39722 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called… | |||
| CVE-2025-71074 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: functionfs: fix the open/removal races ffs_epfile_open() can race with removal, ending up with file->private_data pointing to fre… | |||
| CVE-2025-38095 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: dma-buf: insert memory barrier before updating num_fences smp_store_mb() inserts memory barrier after storing operation. It is di… | |||
| CVE-2025-21953 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: mana: cleanup mana struct after debugfs_remove() When on a MANA VM hibernation is triggered, as part of hibernate_snapshot()… |