Lista CVE - 2025 / Luglio
Visualizzazione 201 - 300 di 3776 CVE per Luglio 2025 (Pagina 3 di 38)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2025-38113 | 2025-07-03 | ACPI: CPPC: Fix NULL pointer dereference when nosmp is used |
| CVE-2025-38114 | 2025-07-03 | e1000: Move cancel_work_sync to avoid deadlock |
| CVE-2025-38115 | 2025-07-03 | net_sched: sch_sfq: fix a potential crash on gso_skb handling |
| CVE-2025-38116 | 2025-07-03 | wifi: ath12k: fix uaf in ath12k_core_init() |
| CVE-2025-38117 | 2025-07-03 | Bluetooth: MGMT: Protect mgmt_pending list with its own lock |
| CVE-2025-38118 | 2025-07-03 | Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete |
| CVE-2025-38119 | 2025-07-03 | scsi: core: ufs: Fix a hang in the error handler |
| CVE-2025-38120 | 2025-07-03 | netfilter: nf_set_pipapo_avx2: fix initial map fill |
| CVE-2025-38121 | 2025-07-03 | wifi: iwlwifi: mld: avoid panic on init failure |
| CVE-2025-38122 | 2025-07-03 | gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO |
| CVE-2025-38123 | 2025-07-03 | net: wwan: t7xx: Fix napi rx poll issue |
| CVE-2025-38124 | 2025-07-03 | net: fix udp gso skb_segment after pull from frag_list |
| CVE-2025-38125 | 2025-07-03 | net: stmmac: make sure that ptp_rate is not 0 before configuring EST |
| CVE-2025-38126 | 2025-07-03 | net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping |
| CVE-2025-38127 | 2025-07-03 | ice: fix Tx scheduler error handling in XDP callback |
| CVE-2025-38128 | 2025-07-03 | Bluetooth: MGMT: reject malformed HCI_CMD_SYNC commands |
| CVE-2025-38129 | 2025-07-03 | page_pool: Fix use-after-free in page_pool_recycle_in_ring |
| CVE-2025-38130 | 2025-07-03 | drm/connector: only call HDMI audio helper plugged cb if non-null |
| CVE-2025-38131 | 2025-07-03 | coresight: prevent deactivate active config while enabling the config |
| CVE-2025-38132 | 2025-07-03 | coresight: holding cscfg_csdev_lock while removing cscfg from csdev |
| CVE-2025-38133 | 2025-07-03 | iio: adc: ad4851: fix ad4858 chan pointer handling |
| CVE-2025-38134 | 2025-07-03 | usb: acpi: Prevent null pointer dereference in usb_acpi_add_usb4_devlink() |
| CVE-2025-38135 | 2025-07-03 | serial: Fix potential null-ptr-deref in mlb_usio_probe() |
| CVE-2025-38136 | 2025-07-03 | usb: renesas_usbhs: Reorder clock handling and power management in probe |
| CVE-2025-38137 | 2025-07-03 | PCI/pwrctrl: Cancel outstanding rescan work when unregistering |
| CVE-2025-38138 | 2025-07-03 | dmaengine: ti: Add NULL check in udma_probe() |
| CVE-2025-38139 | 2025-07-03 | netfs: Fix oops in write-retry from mis-resetting the subreq iterator |
| CVE-2025-38140 | 2025-07-03 | dm: limit swapping tables for devices with zone write plugs |
| CVE-2025-38141 | 2025-07-03 | dm: fix dm_blk_report_zones |
| CVE-2025-38142 | 2025-07-03 | hwmon: (asus-ec-sensors) check sensor index in read_string() |
| CVE-2025-38143 | 2025-07-03 | backlight: pm8941: Add NULL check in wled_configure() |
| CVE-2025-38144 | 2025-07-03 | watchdog: lenovo_se30_wdt: Fix possible devm_ioremap() NULL pointer dereference in lenovo_se30_wdt_probe() |
| CVE-2025-38145 | 2025-07-03 | soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() |
| CVE-2025-38146 | 2025-07-03 | net: openvswitch: Fix the dead loop of MPLS parse |
| CVE-2025-38147 | 2025-07-03 | calipso: Don't call calipso functions for AF_INET sk. |
| CVE-2025-38148 | 2025-07-03 | net: phy: mscc: Fix memory leak when using one step timestamping |
| CVE-2025-38149 | 2025-07-03 | net: phy: clear phydev->devlink when the link is deleted |
| CVE-2025-38150 | 2025-07-03 | af_packet: move notifier's packet_dev_mc out of rcu critical section |
| CVE-2025-38151 | 2025-07-03 | RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work |
| CVE-2025-38153 | 2025-07-03 | net: usb: aqc111: fix error handling of usbnet read calls |
| CVE-2025-38154 | 2025-07-03 | bpf, sockmap: Avoid using sk_socket after free when sending |
| CVE-2025-38155 | 2025-07-03 | wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() |
| CVE-2025-38156 | 2025-07-03 | wifi: mt76: mt7996: Fix null-ptr-deref in mt7996_mmio_wed_init() |
| CVE-2025-38157 | 2025-07-03 | wifi: ath9k_htc: Abort software beacon handling if disabled |
| CVE-2025-38158 | 2025-07-03 | hisi_acc_vfio_pci: fix XQE dma address error |
| CVE-2025-38159 | 2025-07-03 | wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds |
| CVE-2025-38160 | 2025-07-03 | clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() |
| CVE-2025-38161 | 2025-07-03 | RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction |
| CVE-2025-38162 | 2025-07-03 | netfilter: nft_set_pipapo: prevent overflow in lookup table allocation |
| CVE-2025-38163 | 2025-07-03 | f2fs: fix to do sanity check on sbi->total_valid_block_count |
| CVE-2025-38164 | 2025-07-03 | f2fs: zone: fix to avoid inconsistence in between SIT and SSA |
| CVE-2025-38165 | 2025-07-03 | bpf, sockmap: Fix panic when calling skb_linearize |
| CVE-2025-38166 | 2025-07-03 | bpf: fix ktls panic with sockmap |
| CVE-2025-38167 | 2025-07-03 | fs/ntfs3: handle hdr_first_de() return value |
| CVE-2025-38168 | 2025-07-03 | perf: arm-ni: Unregister PMUs on probe failure |
| CVE-2025-38169 | 2025-07-03 | arm64/fpsimd: Avoid clobbering kernel FPSIMD state with SMSTOP |
| CVE-2025-38170 | 2025-07-03 | arm64/fpsimd: Discard stale CPU state when handling SME traps |
| CVE-2025-38171 | 2025-07-03 | power: supply: max77705: Fix workqueue error handling in probe |
| CVE-2025-38172 | 2025-07-03 | erofs: avoid using multiple devices with different type |
| CVE-2025-38173 | 2025-07-03 | crypto: marvell/cesa - Handle zero-length skcipher requests |
| CVE-2024-5647 | 2025-07-03 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library |
| CVE-2025-0885 | 2025-07-03 | Incorrect Authorization vulnerability affects OpenText™ GroupWise |
| CVE-2025-6587 | 2025-07-03 | Exposure of system environment variables in Docker Desktop diagnostic logs |
| CVE-2025-1708 | 2025-07-03 | CVE-2025-1708 |
| CVE-2025-6563 | 2025-07-03 | Cross-site scripting via dst parameter in RouterOS WiFi hotspot |
| CVE-2025-2540 | 2025-07-03 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via prettyPhoto JavaScript Library |
| CVE-2025-1709 | 2025-07-03 | CVE-2025-1709 |
| CVE-2025-1710 | 2025-07-03 | CVE-2025-1710 |
| CVE-2025-1711 | 2025-07-03 | CVE-2025-1711 |
| CVE-2025-27447 | 2025-07-03 | CVE-2025-27447 |
| CVE-2025-27448 | 2025-07-03 | CVE-2025-27448 |
| CVE-2025-27449 | 2025-07-03 | CVE-2025-27449 |
| CVE-2025-27450 | 2025-07-03 | CVE-2025-27450 |
| CVE-2025-27451 | 2025-07-03 | CVE-2025-27451 |
| CVE-2025-27452 | 2025-07-03 | CVE-2025-27452 |
| CVE-2025-27453 | 2025-07-03 | CVE-2025-27453 |
| CVE-2025-27454 | 2025-07-03 | CVE-2025-27454 |
| CVE-2025-27455 | 2025-07-03 | CVE-2025-27455 |
| CVE-2025-27456 | 2025-07-03 | CVE-2025-27456 |
| CVE-2025-27457 | 2025-07-03 | CVE-2025-27457 |
| CVE-2025-27458 | 2025-07-03 | CVE-2025-27458 |
| CVE-2025-27459 | 2025-07-03 | CVE-2025-27459 |
| CVE-2025-27460 | 2025-07-03 | CVE-2025-27460 |
| CVE-2025-27461 | 2025-07-03 | CVE-2025-27461 |
| CVE-2025-40722 | 2025-07-03 | Stored Cross-Site Scripting (XSS) vulnerability on Flatboard |
| CVE-2025-40723 | 2025-07-03 | Stored Cross-Site Scripting (XSS) vulnerability on Flatboard |
| CVE-2025-49032 | 2025-07-03 | WordPress Gutenberg Blocks plugin <= 3.3.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-3702 | 2025-07-03 | WordPress Melapress File Monitor plugin < 2.2.0 - Broken Access Control vulnerability |
| CVE-2025-49595 | 2025-07-03 | n8n Vulnerable to Denial of Service via Malformed Binary Data Requests |
| CVE-2025-2537 | 2025-07-03 | Multiple Plugins <= (Various Versions) - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via ThickBox JavaScript Library |
| CVE-2025-2932 | 2025-07-03 | JKDEVKIT <= 1.9.4 - Authenticated (Subscriber+) Arbitrary File Deletion |
| CVE-2025-5961 | 2025-07-03 | Migration, Backup, Staging – WPvivid Backup & Migration <= 0.9.116 - Authenticated (Administrator+) Arbitrary File Upload |
| CVE-2025-53490 | 2025-07-03 | Multiple XSS in CampaignEvents |
| CVE-2025-53489 | 2025-07-03 | XSS in GoogleDocs4MW |
| CVE-2025-53502 | 2025-07-03 | HTML injection in FeaturedFeeds |
| CVE-2025-53501 | 2025-07-03 | Content Access Bypass in Scribunto |
| CVE-2025-53500 | 2025-07-03 | Stored XSS in MassEditRegex |
| CVE-2025-6926 | 2025-07-03 | Security Authentication Bypass in CentralAuth |
| CVE-2025-48939 | 2025-07-03 | tarteaucitron.js vulnerable to DOM Clobbering via document.currentScript |
| CVE-2025-49846 | 2025-07-03 | wire-ios accidentally logs message contents |