CVE-2025-21xxx

There are 865 CVE in this subgroup.
Last updated: 
← Back to 2025
ID Summary Flags Max Score
CVE-2025-21000 Improper privilege management in Bluetooth prior to SMR Jul-2025 Release 1 allows local attackers to...
CVE-2025-21001 Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to ...
CVE-2025-21002 Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to ...
CVE-2025-21003 Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows lo...
CVE-2025-21004 Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul...
CVE-2025-21005 Improper access control in isemtelephony prior to Android 15 allows local attackers to access sensit...
CVE-2025-21006 Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 ...
CVE-2025-21007 Out-of-bounds write in accessing uninitialized memory in libsavsvc.so prior to Android 15 allows loc...
CVE-2025-21008 Out-of-bounds read in decoding frame header in libsavsvc.so prior to Android 15 allows local attacke...
CVE-2025-21009 Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows loc...
CVE-2025-21081 Protection mechanism failure for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform m...
CVE-2025-21082 arkui_ace_engine has a type confusion vulnerability
CVE-2025-21083 Insufficient Input Validation on Post Props
S
CVE-2025-21084 Arkcompiler Ets Runtime has an NULL pointer dereference vulnerability
CVE-2025-21085 PingFederate OAuth Grant attribute duplication may use excessive memory
S
CVE-2025-21087 TMM Vulnerability
CVE-2025-21088 WebApp crash via improper validation of proto style in attachments
S
CVE-2025-21089 Arkcompiler Ets Runtime has an out-of-bounds read vulnerability
CVE-2025-21091 BIG-IP SNMP vulnerability
CVE-2025-21092 GMOD Apollo Incorrect Privilege Assignment
S
CVE-2025-21094 Improper input validation in the UEFI firmware DXE module for the Intel(R) Server D50DNP and M50FCP ...
CVE-2025-21095 Keysight Ixia Vision Product Family Path Traversal
S
CVE-2025-21097 Arkcompiler Ets Runtime has a NULL pointer dereference vulnerability
CVE-2025-21098 Liteos-A has an insecure storage of sensitive information vulnerability
CVE-2025-21099 Uncontrolled search path for some Intel(R) Graphics software may allow an authenticated user to pote...
CVE-2025-21100 Improper initialization in the UEFI firmware for the Intel(R) Server D50DNP and M50FCP boards may al...
CVE-2025-21101 Dell Display Manager, versions prior to 2.3.2.20, contain a race condition vulnerability. A local ma...
CVE-2025-21102 Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerab...
CVE-2025-21103 Dell NetWorker Management Console, version(s) 19.11 through 19.11.0.3 & Versions prior to 19.10.0.7 ...
CVE-2025-21104 Dell NetWorker, versions prior to 19.12.0.1 and versions prior to 19.11.0.4, contain(s) an Open Redi...
CVE-2025-21105 Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privi...
CVE-2025-21106 Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. ...
CVE-2025-21107 Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an ...
CVE-2025-21111 Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerab...
CVE-2025-21117 Dell Avamar, version 19.4 or later, contains an access token reuse vulnerability in the AUI. A low p...
CVE-2025-21121 InDesign Desktop | Out-of-bounds Write (CWE-787)
CVE-2025-21122 Photoshop Desktop | Integer Underflow (Wrap or Wraparound) (CWE-191)
CVE-2025-21123 InDesign Desktop | Heap-based Buffer Overflow (CWE-122)
CVE-2025-21124 InDesign Desktop | Out-of-bounds Read (CWE-125)
CVE-2025-21125 InDesign Desktop | NULL Pointer Dereference (CWE-476)
CVE-2025-21126 InDesign Desktop | Improper Input Validation (CWE-20)
CVE-2025-21127 Photoshop Desktop | Uncontrolled Search Path Element (CWE-427)
CVE-2025-21128 Substance3D - Stager | Stack-based Buffer Overflow (CWE-121)
CVE-2025-21129 Substance3D - Stager | Heap-based Buffer Overflow (CWE-122)
CVE-2025-21130 Substance3D - Stager | Out-of-bounds Write (CWE-787)
CVE-2025-21131 Substance3D - Stager | Out-of-bounds Write (CWE-787)
CVE-2025-21132 Substance3D - Stager | Out-of-bounds Write (CWE-787)
CVE-2025-21133 Illustrator on iPad | Integer Underflow (Wrap or Wraparound) (CWE-191)
CVE-2025-21134 Illustrator on iPad | Integer Underflow (Wrap or Wraparound) (CWE-191)
CVE-2025-21135 Animate | Integer Underflow (Wrap or Wraparound) (CWE-191)
CVE-2025-21136 Substance3D - Designer | Out-of-bounds Write (CWE-787)
CVE-2025-21137 Substance3D - Designer | Heap-based Buffer Overflow (CWE-122)
CVE-2025-21138 Substance3D - Designer | Out-of-bounds Write (CWE-787)
CVE-2025-21139 Substance3D - Designer | Heap-based Buffer Overflow (CWE-122)
CVE-2025-21155 Substance3D - Stager | NULL Pointer Dereference (CWE-476)
CVE-2025-21156 InCopy | Integer Underflow (Wrap or Wraparound) (CWE-191)
CVE-2025-21157 InDesign Desktop | Out-of-bounds Write (CWE-787)
CVE-2025-21158 InDesign Desktop | Integer Underflow (Wrap or Wraparound) (CWE-191)
CVE-2025-21159 Illustrator | Use After Free (CWE-416)
CVE-2025-21160 Illustrator | Integer Underflow (Wrap or Wraparound) (CWE-191)
CVE-2025-21161 Substance3D - Designer | Out-of-bounds Write (CWE-787)
CVE-2025-21162 Photoshop Elements | Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)
CVE-2025-21163 Illustrator | Stack-based Buffer Overflow (CWE-121)
CVE-2025-21164 Substance3D - Designer | Out-of-bounds Write (CWE-787)
CVE-2025-21165 Substance3D - Designer | Out-of-bounds Write (CWE-787)
CVE-2025-21166 Substance3D - Designer | Out-of-bounds Write (CWE-787)
CVE-2025-21167 Substance3D - Designer | Out-of-bounds Read (CWE-125)
CVE-2025-21168 Substance3D - Designer | Out-of-bounds Read (CWE-125)
CVE-2025-21169 Substance3D - Designer | Heap-based Buffer Overflow (CWE-122)
CVE-2025-21170 Substance3D - Modeler | NULL Pointer Dereference (CWE-476)
CVE-2025-21171 .NET Remote Code Execution Vulnerability
CVE-2025-21172 .NET and Visual Studio Remote Code Execution Vulnerability
CVE-2025-21173 .NET Elevation of Privilege Vulnerability
CVE-2025-21174 Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVE-2025-21176 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2025-21177 Microsoft Dynamics 365 Sales Elevation of Privilege Vulnerability
CVE-2025-21178 Visual Studio Remote Code Execution Vulnerability
S
CVE-2025-21179 DHCP Client Service Denial of Service Vulnerability
S
CVE-2025-21180 Windows exFAT File System Remote Code Execution Vulnerability
CVE-2025-21181 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
S
CVE-2025-21182 Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
S
CVE-2025-21183 Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
S
CVE-2025-21184 Windows Core Messaging Elevation of Privileges Vulnerability
S
CVE-2025-21185 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2025-21186 Microsoft Access Remote Code Execution Vulnerability
S
CVE-2025-21187 Microsoft Power Automate Remote Code Execution Vulnerability
CVE-2025-21188 Azure Network Watcher VM Extension Elevation of Privilege Vulnerability
S
CVE-2025-21189 MapUrlToZone Security Feature Bypass Vulnerability
S
CVE-2025-21190 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21191 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2025-21193 Active Directory Federation Server Spoofing Vulnerability
S
CVE-2025-21194 Microsoft Surface Security Feature Bypass Vulnerability
CVE-2025-21195 Azure Service Fabric Runtime Elevation of Privilege Vulnerability
CVE-2025-21197 Windows NTFS Information Disclosure Vulnerability
CVE-2025-21198 Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability
S
CVE-2025-21199 Azure Agent Installer for Backup and Site Recovery Elevation of Privilege Vulnerability
CVE-2025-21200 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21201 Windows Telephony Server Remote Code Execution Vulnerability
S
CVE-2025-21202 Windows Recovery Environment Agent Elevation of Privilege Vulnerability
S
CVE-2025-21203 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-21204 Windows Process Activation Elevation of Privilege Vulnerability
M
CVE-2025-21205 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21206 Visual Studio Installer Elevation of Privilege Vulnerability
S
CVE-2025-21207 Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability
S
CVE-2025-21208 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
S
CVE-2025-21210 Windows BitLocker Information Disclosure Vulnerability
S
CVE-2025-21211 Secure Boot Security Feature Bypass Vulnerability
S
CVE-2025-21212 Internet Connection Sharing (ICS) Denial of Service Vulnerability
S
CVE-2025-21213 Secure Boot Security Feature Bypass Vulnerability
S
CVE-2025-21214 Windows BitLocker Information Disclosure Vulnerability
S
CVE-2025-21215 Secure Boot Security Feature Bypass Vulnerability
S
CVE-2025-21216 Internet Connection Sharing (ICS) Denial of Service Vulnerability
S
CVE-2025-21217 Windows NTLM Spoofing Vulnerability
S
CVE-2025-21218 Windows Kerberos Denial of Service Vulnerability
S
CVE-2025-21219 MapUrlToZone Security Feature Bypass Vulnerability
S
CVE-2025-21220 Microsoft Message Queuing Information Disclosure Vulnerability
S
CVE-2025-21221 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21222 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21223 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21224 Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
S
CVE-2025-21225 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
S
CVE-2025-21226 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21227 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21228 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21229 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21230 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
S
CVE-2025-21231 IP Helper Denial of Service Vulnerability
S
CVE-2025-21232 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21233 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21234 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
S
CVE-2025-21235 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
S
CVE-2025-21236 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21237 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21238 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21239 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21240 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21241 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21242 Windows Kerberos Information Disclosure Vulnerability
S
CVE-2025-21243 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21244 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21245 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21246 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21247 MapUrlToZone Security Feature Bypass Vulnerability
CVE-2025-21248 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21249 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21250 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21251 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
S
CVE-2025-21252 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21253 Microsoft Edge for IOS and Android Spoofing Vulnerability
CVE-2025-21254 Internet Connection Sharing (ICS) Denial of Service Vulnerability
S
CVE-2025-21255 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21256 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21257 Windows WLAN AutoConfig Service Information Disclosure Vulnerability
S
CVE-2025-21258 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21259 Microsoft Outlook Spoofing Vulnerability
S
CVE-2025-21260 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21261 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21262 Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2025-21263 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21264 Visual Studio Code Security Feature Bypass Vulnerability
CVE-2025-21265 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21266 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21267 Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2025-21268 MapUrlToZone Security Feature Bypass Vulnerability
S
CVE-2025-21269 Windows HTML Platforms Security Feature Bypass Vulnerability
S
CVE-2025-21270 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
S
CVE-2025-21271 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
S
CVE-2025-21272 Windows COM Server Information Disclosure Vulnerability
S
CVE-2025-21273 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21274 Windows Event Tracing Denial of Service Vulnerability
S
CVE-2025-21275 Windows App Package Installer Elevation of Privilege Vulnerability
S
CVE-2025-21276 Windows MapUrlToZone Denial of Service Vulnerability
S
CVE-2025-21277 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
S
CVE-2025-21278 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
S
CVE-2025-21279 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-21280 Windows Virtual Trusted Platform Module Denial of Service Vulnerability
S
CVE-2025-21281 Microsoft COM for Windows Elevation of Privilege Vulnerability
S
CVE-2025-21282 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21283 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-21284 Windows Virtual Trusted Platform Module Denial of Service Vulnerability
S
CVE-2025-21285 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
S
CVE-2025-21286 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21287 Windows Installer Elevation of Privilege Vulnerability
S
CVE-2025-21288 Windows COM Server Information Disclosure Vulnerability
S
CVE-2025-21289 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
S
CVE-2025-21290 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
S
CVE-2025-21291 Windows Direct Show Remote Code Execution Vulnerability
S
CVE-2025-21292 Windows Search Service Elevation of Privilege Vulnerability
S
CVE-2025-21293 Active Directory Domain Services Elevation of Privilege Vulnerability
S
CVE-2025-21294 Microsoft Digest Authentication Remote Code Execution Vulnerability
S
CVE-2025-21295 SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
S
CVE-2025-21296 BranchCache Remote Code Execution Vulnerability
S
CVE-2025-21297 Windows Remote Desktop Services Remote Code Execution Vulnerability
S
CVE-2025-21298 Windows OLE Remote Code Execution Vulnerability
S
CVE-2025-21299 Windows Kerberos Security Feature Bypass Vulnerability
S
CVE-2025-21300 Windows upnphost.dll Denial of Service Vulnerability
S
CVE-2025-21301 Windows Geolocation Service Information Disclosure Vulnerability
S
CVE-2025-21302 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21303 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21304 Microsoft DWM Core Library Elevation of Privilege Vulnerability
S
CVE-2025-21305 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21306 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21307 Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
S
CVE-2025-21308 Windows Themes Spoofing Vulnerability
S
CVE-2025-21309 Windows Remote Desktop Services Remote Code Execution Vulnerability
S
CVE-2025-21310 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21311 Windows NTLM V1 Elevation of Privilege Vulnerability
S
CVE-2025-21312 Windows Smart Card Reader Information Disclosure Vulnerability
S
CVE-2025-21313 Windows Security Account Manager (SAM) Denial of Service Vulnerability
CVE-2025-21314 Windows SmartScreen Spoofing Vulnerability
S
CVE-2025-21315 Microsoft Brokering File System Elevation of Privilege Vulnerability
S
CVE-2025-21316 Windows Kernel Memory Information Disclosure Vulnerability
S
CVE-2025-21317 Windows Kernel Memory Information Disclosure Vulnerability
S
CVE-2025-21318 Windows Kernel Memory Information Disclosure Vulnerability
S
CVE-2025-21319 Windows Kernel Memory Information Disclosure Vulnerability
S
CVE-2025-21320 Windows Kernel Memory Information Disclosure Vulnerability
S
CVE-2025-21321 Windows Kernel Memory Information Disclosure Vulnerability
S
CVE-2025-21322 Microsoft PC Manager Elevation of Privilege Vulnerability
S
CVE-2025-21323 Windows Kernel Memory Information Disclosure Vulnerability
S
CVE-2025-21324 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21325 Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2025-21326 Internet Explorer Remote Code Execution Vulnerability
S
CVE-2025-21327 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21328 MapUrlToZone Security Feature Bypass Vulnerability
S
CVE-2025-21329 MapUrlToZone Security Feature Bypass Vulnerability
S
CVE-2025-21330 Windows Remote Desktop Services Denial of Service Vulnerability
S
CVE-2025-21331 Windows Installer Elevation of Privilege Vulnerability
S
CVE-2025-21332 MapUrlToZone Security Feature Bypass Vulnerability
S
CVE-2025-21333 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
KEV S
CVE-2025-21334 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
KEV S
CVE-2025-21335 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
KEV S
CVE-2025-21336 Windows Cryptographic Information Disclosure Vulnerability
S
CVE-2025-21337 Windows NTFS Elevation of Privilege Vulnerability
S
CVE-2025-21338 GDI+ Remote Code Execution Vulnerability
S
CVE-2025-21339 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21340 Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability
S
CVE-2025-21341 Windows Digital Media Elevation of Privilege Vulnerability
S
CVE-2025-21342 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-21343 Windows Web Threat Defense User Service Information Disclosure Vulnerability
S
CVE-2025-21344 Microsoft SharePoint Server Remote Code Execution Vulnerability
S
CVE-2025-21345 Microsoft Office Visio Remote Code Execution Vulnerability
S
CVE-2025-21346 Microsoft Office Security Feature Bypass Vulnerability
S
CVE-2025-21347 Windows Deployment Services Denial of Service Vulnerability
S
CVE-2025-21348 Microsoft SharePoint Server Remote Code Execution Vulnerability
S
CVE-2025-21349 Windows Remote Desktop Configuration Service Tampering Vulnerability
S
CVE-2025-21350 Windows Kerberos Denial of Service Vulnerability
S
CVE-2025-21351 Windows Active Directory Domain Services API Denial of Service Vulnerability
S
CVE-2025-21352 Internet Connection Sharing (ICS) Denial of Service Vulnerability
S
CVE-2025-21354 Microsoft Excel Remote Code Execution Vulnerability
S
CVE-2025-21355 Microsoft Bing Remote Code Execution Vulnerability
S
CVE-2025-21356 Microsoft Office Visio Remote Code Execution Vulnerability
S
CVE-2025-21357 Microsoft Outlook Remote Code Execution Vulnerability
S
CVE-2025-21358 Windows Core Messaging Elevation of Privileges Vulnerability
S
CVE-2025-21359 Windows Kernel Security Feature Bypass Vulnerability
S
CVE-2025-21360 Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability
S
CVE-2025-21361 Microsoft Outlook Remote Code Execution Vulnerability
S
CVE-2025-21362 Microsoft Excel Remote Code Execution Vulnerability
S
CVE-2025-21363 Microsoft Word Remote Code Execution Vulnerability
S
CVE-2025-21364 Microsoft Excel Security Feature Bypass Vulnerability
S
CVE-2025-21365 Microsoft Office Remote Code Execution Vulnerability
S
CVE-2025-21366 Microsoft Access Remote Code Execution Vulnerability
S
CVE-2025-21367 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
S
CVE-2025-21368 Microsoft Digest Authentication Remote Code Execution Vulnerability
S
CVE-2025-21369 Microsoft Digest Authentication Remote Code Execution Vulnerability
S
CVE-2025-21370 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
S
CVE-2025-21371 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21372 Microsoft Brokering File System Elevation of Privilege Vulnerability
S
CVE-2025-21373 Windows Installer Elevation of Privilege Vulnerability
S
CVE-2025-21374 Windows CSC Service Information Disclosure Vulnerability
S
CVE-2025-21375 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
S
CVE-2025-21376 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
S
CVE-2025-21377 NTLM Hash Disclosure Spoofing Vulnerability
S
CVE-2025-21378 Windows CSC Service Elevation of Privilege Vulnerability
S
CVE-2025-21379 DHCP Client Service Remote Code Execution Vulnerability
S
CVE-2025-21380 Azure Marketplace SaaS Resources Information Disclosure Vulnerability
CVE-2025-21381 Microsoft Excel Remote Code Execution Vulnerability
S
CVE-2025-21382 Windows Graphics Component Elevation of Privilege Vulnerability
S
CVE-2025-21383 Microsoft Excel Information Disclosure Vulnerability
S
CVE-2025-21384 Azure Health Bot Elevation of Privilege Vulnerability
CVE-2025-21385 Microsoft Purview Information Disclosure Vulnerability
CVE-2025-21386 Microsoft Excel Remote Code Execution Vulnerability
S
CVE-2025-21387 Microsoft Excel Remote Code Execution Vulnerability
S
CVE-2025-21389 Windows upnphost.dll Denial of Service Vulnerability
S
CVE-2025-21390 Microsoft Excel Remote Code Execution Vulnerability
S
CVE-2025-21391 Windows Storage Elevation of Privilege Vulnerability
KEV S
CVE-2025-21392 Microsoft Office Remote Code Execution Vulnerability
S
CVE-2025-21393 Microsoft SharePoint Server Spoofing Vulnerability
S
CVE-2025-21394 Microsoft Excel Remote Code Execution Vulnerability
S
CVE-2025-21395 Microsoft Access Remote Code Execution Vulnerability
S
CVE-2025-21396 Microsoft Account Elevation of Privilege Vulnerability
CVE-2025-21397 Microsoft Office Remote Code Execution Vulnerability
S
CVE-2025-21399 Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability
E
CVE-2025-21400 Microsoft SharePoint Server Remote Code Execution Vulnerability
S
CVE-2025-21401 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
S
CVE-2025-21402 Microsoft Office OneNote Remote Code Execution Vulnerability
S
CVE-2025-21403 On-Premises Data Gateway Information Disclosure Vulnerability
S
CVE-2025-21404 Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2025-21405 Visual Studio Elevation of Privilege Vulnerability
S
CVE-2025-21406 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21407 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21408 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-21409 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21410 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
S
CVE-2025-21411 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21413 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21414 Windows Core Messaging Elevation of Privileges Vulnerability
S
CVE-2025-21415 Azure AI Face Service Elevation of Privilege Vulnerability
CVE-2025-21416 Azure Virtual Desktop Elevation of Privilege Vulnerability
CVE-2025-21417 Windows Telephony Service Remote Code Execution Vulnerability
S
CVE-2025-21418 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
KEV S
CVE-2025-21419 Windows Setup Files Cleanup Elevation of Privilege Vulnerability
S
CVE-2025-21420 Windows Disk Cleanup Tool Elevation of Privilege Vulnerability
S
CVE-2025-21421 Buffer Over-read in Display
CVE-2025-21422 Cryptographic Issues in Automotive
CVE-2025-21423 Improper Validation of Array Index in Display
CVE-2025-21424 Use After Free in NPU
S
CVE-2025-21425 Improper Access Control in Automotive Linux OS
CVE-2025-21426 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Camera_Linux
CVE-2025-21427 Buffer Over-read in Data HLOS - LNX
CVE-2025-21428 Buffer Over-read in WLAN Host
CVE-2025-21429 Buffer Over-read in WLAN Host
CVE-2025-21430 Buffer Over-read in WLAN Host
CVE-2025-21431 Time-of-check Time-of-use (TOCTOU) Race Condition in Automotive OS Platform
CVE-2025-21432 Double Free in SPS-HLOS
CVE-2025-21433 NULL Pointer Dereference in SPS-HLOS
CVE-2025-21434 Buffer Over-read in WLAN Host
CVE-2025-21435 Buffer Over-read in WLAN Host Communication
CVE-2025-21436 Use After Free in DSP Service
CVE-2025-21437 Use After Free in Automotive Linux OS
CVE-2025-21438 Out-of-bounds Read in Windows WLAN Host
CVE-2025-21439 Out-of-bounds Read in Windows WLAN Host
CVE-2025-21440 Out-of-bounds Read in Windows WLAN Host
CVE-2025-21441 Out-of-bounds Read in Windows WLAN Host
CVE-2025-21442 Integer Overflow to Buffer Overflow in Automotive Vehicle Networks
CVE-2025-21443 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Automotive Vehicle Networks
CVE-2025-21444 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Data HLOS - QX
CVE-2025-21445 Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Data HLOS - QX
CVE-2025-21446 Buffer Over-read in WLAN Firmware
CVE-2025-21447 Improper Validation of Array Index in Computer Vision
CVE-2025-21448 Buffer Over-read in WLAN Firmware
CVE-2025-21449 Buffer Over-read in WLAN Embedded SW
CVE-2025-21450 Improper Authentication in GPS_GNSS
CVE-2025-21453 Use After Free in GPS HLOS Driver
S
CVE-2025-21454 Buffer Over-read in WLAN Embedded SW
CVE-2025-21459 Buffer Over-read in WLAN Host Communication
S
CVE-2025-21460 Improper Input Validation in Automotive Software platform based on QNX
CVE-2025-21462 Out-of-bounds Write in Computer Vision
CVE-2025-21463 Buffer Over-read in WLAN Host Communication
CVE-2025-21466 Use After Free in Display
CVE-2025-21467 Out-of-bounds Write in Computer Vision
S
CVE-2025-21468 Out-of-bounds Write in Computer Vision
S
CVE-2025-21469 Improper Access Control in Camera Driver
CVE-2025-21470 Improper Access Control in Camera Driver
CVE-2025-21475 Buffer Over-read in Display
CVE-2025-21479 Incorrect Authorization in Graphics
KEV
CVE-2025-21480 Incorrect Authorization in Graphics Windows
KEV
CVE-2025-21485 Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service
CVE-2025-21486 Untrusted Pointer Dereference in DSP Service
CVE-2025-21489 Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (componen...
CVE-2025-21490 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t...
CVE-2025-21491 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t...
CVE-2025-21492 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported...
CVE-2025-21493 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges)....
CVE-2025-21494 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges)....
CVE-2025-21495 Vulnerability in the MySQL Enterprise Firewall product of Oracle MySQL (component: Firewall). Suppo...
CVE-2025-21497 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t...
CVE-2025-21498 Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Core). The...
CVE-2025-21499 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versi...
CVE-2025-21500 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported...
CVE-2025-21501 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported...
CVE-2025-21502 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ...
CVE-2025-21503 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t...
CVE-2025-21504 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported...
CVE-2025-21505 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). ...
CVE-2025-21506 Vulnerability in the Oracle Project Foundation product of Oracle E-Business Suite (component: Techno...
CVE-2025-21507 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run...
CVE-2025-21508 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run...
CVE-2025-21509 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run...
CVE-2025-21510 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run...
CVE-2025-21511 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run...
CVE-2025-21512 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run...
CVE-2025-21513 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run...
CVE-2025-21514 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run...
CVE-2025-21515 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run...
CVE-2025-21516 Vulnerability in the Oracle Customer Care product of Oracle E-Business Suite (component: Service Req...
CVE-2025-21517 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run...
CVE-2025-21518 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported...
CVE-2025-21519 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges)....
CVE-2025-21520 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported v...
CVE-2025-21521 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supp...
CVE-2025-21522 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported ve...
CVE-2025-21523 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t...
CVE-2025-21524 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitor...
CVE-2025-21525 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versi...
CVE-2025-21526 Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construc...
CVE-2025-21527 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Design ...
CVE-2025-21528 Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construc...
CVE-2025-21529 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). ...
CVE-2025-21530 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Pane...
CVE-2025-21531 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t...
CVE-2025-21532 Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). Sup...
CVE-2025-21533 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo...
CVE-2025-21534 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Performance Schema). ...
CVE-2025-21535 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ...
CVE-2025-21536 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported...
CVE-2025-21537 Vulnerability in the PeopleSoft Enterprise FIN Cash Management product of Oracle PeopleSoft (compone...
CVE-2025-21538 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run...
CVE-2025-21539 Vulnerability in the PeopleSoft Enterprise FIN eSettlements product of Oracle PeopleSoft (component:...
CVE-2025-21540 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges)....
CVE-2025-21541 Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Admin Screens an...
CVE-2025-21542 Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communicat...
CVE-2025-21543 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging). Supported...
CVE-2025-21544 Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communicat...
CVE-2025-21545 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Open...
CVE-2025-21546 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges)....
CVE-2025-21547 Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (componen...
CVE-2025-21548 Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Suppor...
CVE-2025-21549 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). ...
CVE-2025-21550 Vulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle Financi...
CVE-2025-21551 Vulnerability in the Oracle Solaris product of Oracle Systems (component: File system). The suppor...
CVE-2025-21552 Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards (component: ...
CVE-2025-21553 Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affec...
CVE-2025-21554 Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communicat...
CVE-2025-21555 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t...
CVE-2025-21556 Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Int...
CVE-2025-21557 Vulnerability in Oracle Application Express (component: General). Supported versions that are affec...
CVE-2025-21558 Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construc...
CVE-2025-21559 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t...
CVE-2025-21560 Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: SDK-Softw...
CVE-2025-21561 Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: P...
CVE-2025-21562 Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSof...
CVE-2025-21563 Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSof...
CVE-2025-21564 Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile Int...
CVE-2025-21565 Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Install)....
CVE-2025-21566 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported...
CVE-2025-21567 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges)....
CVE-2025-21568 Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion (compon...
CVE-2025-21569 Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion (compon...
CVE-2025-21570 Vulnerability in the Oracle Life Sciences Argus Safety product of Oracle Health Sciences Application...
CVE-2025-21571 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppo...
CVE-2025-21572 OpenGrok 1.13.25 has a reflected Cross-Site Scripting (XSS) issue when producing the history view pa...
S
CVE-2025-21573 Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Fina...
S
CVE-2025-21574 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported ve...
S
CVE-2025-21575 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported ve...
S
CVE-2025-21576 Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Personal...
S
CVE-2025-21577 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions t...
S
CVE-2025-21578 Vulnerability in Oracle Secure Backup (component: General). Supported versions that are affected ar...
S
CVE-2025-21579 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported v...
S
CVE-2025-21580 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versi...
S
CVE-2025-21581 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported...
S
CVE-2025-21582 Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: ...
S
CVE-2025-21583 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versi...
CVE-2025-21584 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versi...
S
CVE-2025-21585 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported...
S
CVE-2025-21586 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Run...
S
CVE-2025-21587 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produ...
CVE-2025-21588 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versi...
S
CVE-2025-21590 Junos OS: An local attacker with shell access can execute arbitrary code
KEV S
CVE-2025-21591 Junos OS: An unauthenticated adjacent attacker sending a malformed DHCP packet causes jdhcpd to crash
S
CVE-2025-21592 Junos OS: SRX Series: Low privileged user able to access highly sensitive information on file system
S
CVE-2025-21593 Junos OS and Junos OS Evolved: On SRv6 enabled devices, an attacker sending a malformed BGP update can cause the rpd to crash
S
CVE-2025-21594 Junos OS: MX Series: In DS-lite and NAT scenario receipt of crafted IPv6 traffic causes port block
S
CVE-2025-21595 Junos OS and Junos OS Evolved: In an EVPN-VXLAN scenario specific ARP or NDP packets cause FPC to crash
S
CVE-2025-21596 Junos OS: SRX1500,SRX4100,SRX4200: Execution of low-privileged CLI command results in chassisd crash
S
CVE-2025-21597 Junos OS and Junos OS Evolved: When BGP rib-sharding and update-threading are configured and a peer flaps, an rpd core is observed
S
CVE-2025-21598 Junos OS and Junos OS Evolved: When BGP traceoptions are configured, receipt of malformed BGP packets causes RPD to crash
S
CVE-2025-21599 Junos OS Evolved: Receipt of specifically malformed IPv6 packets causes kernel memory exhaustion leading to Denial of Service
S
CVE-2025-21600 Junos OS and Junos OS Evolved: With certain BGP options enabled, receipt of specifically malformed BGP update causes RPD crash
S
CVE-2025-21601 Junos OS: SRX and EX Series, MX240, MX480, MX960, QFX5120 Series: When web management is enabled for specific services an attacker may cause a CPU spike by sending genuine packets to the device
S
CVE-2025-21602 Junos OS and Junos OS Evolved: Receipt of specially crafted BGP update packet causes RPD crash
S
CVE-2025-21603 Cross-site scripting vulnerability exists in MZK-DP300N firmware versions 1.05 and earlier. If an at...
CVE-2025-21604 LangChain4j-AIDeepin Using MD5 to Hash files may cause file upload conflicts
CVE-2025-21605 Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client
CVE-2025-21606 Local Privilege Escalation via Exposed XPC Method Due to Client Verification Failure in stats
CVE-2025-21607 Success of Certain Precompile Calls not Checked in Vyper
E
CVE-2025-21608 Forged packets over MQTT can show up in direct messages in Meshtastic firmware
CVE-2025-21609 SiYuan has an arbitrary file deletion vulnerability
E S
CVE-2025-21610 Trix allows Cross-site Scripting via `javascript:` url in a link
CVE-2025-21611 tgstation-server's role authorization incorrectly OR'd with user's enabled status
CVE-2025-21612 Cross-site Scripting in TabberTransclude in Extension:TabberNeue
CVE-2025-21613 go-git has an Argument Injection via the URL field
CVE-2025-21614 go-git clients vulnerable to DoS via maliciously crafted Git server replies
CVE-2025-21615 AAT allows data exfiltration by other apps installed on the same device
CVE-2025-21616 Plane has a Cross-site scripting (XSS) via SVG image upload
E
CVE-2025-21617 Guzzle OAuth Subscriber has insufficient nonce entropy
CVE-2025-21618 NiceGUI On Air authentication issue
CVE-2025-21619 GLPI allows SQL injection through the rules configuration
CVE-2025-21620 Deno's authorization headers not dropped when redirecting cross-origin
CVE-2025-21622 ClipBucket V5 Avatar URL Path Traversal to Arbitrary File Delete
E
CVE-2025-21623 ClipBucket V5 Unauthenticated Template Directory Update to Denial-of-Service
E
CVE-2025-21624 ClipBucket V5 Playlist Cover File Upload to Remote Code Execution
E
CVE-2025-21626 GLPI vulnerable to exposure of sensitive information in the `status.php` endpoint
CVE-2025-21627 GLPI Cross-site Scripting vulnerability
CVE-2025-21628 Chatwoot has a Blind SQL-injection in Conversation and Contacts filters
CVE-2025-21629 net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets
CVE-2025-21630 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2025-21631 block, bfq: fix waker_bfqq UAF after bfq_split_bfqq()
S
CVE-2025-21632 x86/fpu: Ensure shadow stack is active before "getting" registers
CVE-2025-21633 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2025-21634 cgroup/cpuset: remove kernfs active break
S
CVE-2025-21635 rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy
S
CVE-2025-21636 sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy
S
CVE-2025-21637 sctp: sysctl: udp_port: avoid using current->nsproxy
S
CVE-2025-21638 sctp: sysctl: auth_enable: avoid using current->nsproxy
S
CVE-2025-21639 sctp: sysctl: rto_min/max: avoid using current->nsproxy
S
CVE-2025-21640 sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy
S
CVE-2025-21641 mptcp: sysctl: blackhole timeout: avoid using current->nsproxy
S
CVE-2025-21642 mptcp: sysctl: sched: avoid using current->nsproxy
S
CVE-2025-21643 netfs: Fix kernel async DIO
CVE-2025-21644 drm/xe: Fix tlb invalidation when wedging
S
CVE-2025-21645 platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it
CVE-2025-21646 afs: Fix the maximum cell name length
CVE-2025-21647 sched: sch_cake: add bounds checks to host bulk flow fairness counts
CVE-2025-21648 netfilter: conntrack: clamp maximum hashtable size to INT_MAX
CVE-2025-21649 net: hns3: fix kernel crash when 1588 is sent on HIP08 devices
S
CVE-2025-21650 net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue
S
CVE-2025-21651 net: hns3: don't auto enable misc vector
CVE-2025-21652 ipvlan: Fix use-after-free in ipvlan_get_iflink().
S
CVE-2025-21653 net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute
CVE-2025-21654 ovl: support encoding fid from inode with no alias
CVE-2025-21655 io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period
CVE-2025-21656 hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur
CVE-2025-21657 sched_ext: Replace rq_lock() to raw_spin_rq_lock() in scx_ops_bypass()
CVE-2025-21658 btrfs: avoid NULL pointer dereference if no valid extent tree
S
CVE-2025-21659 netdev: prevent accessing NAPI instances from another namespace
CVE-2025-21660 ksmbd: fix unexpectedly changed path in ksmbd_vfs_kern_path_locked
CVE-2025-21661 gpio: virtuser: fix missing lookup table cleanups
S
CVE-2025-21662 net/mlx5: Fix variable not being completed when function returns
CVE-2025-21663 net: stmmac: dwmac-tegra: Read iommu stream id from device tree
CVE-2025-21664 dm thin: make get_first_thin use rcu-safe list first function
CVE-2025-21665 filemap: avoid truncating 64-bit offset to 32 bits
S
CVE-2025-21666 vsock: prevent null-ptr-deref in vsock_*[has_data|has_space]
S
CVE-2025-21667 iomap: avoid avoid truncating 64-bit offset to 32 bits
S
CVE-2025-21668 pmdomain: imx8mp-blk-ctrl: add missing loop break condition
CVE-2025-21669 vsock/virtio: discard packets if the transport changes
S
CVE-2025-21670 vsock/bpf: return early if transport is not assigned
S
CVE-2025-21671 zram: fix potential UAF of zram table
S
CVE-2025-21672 afs: Fix merge preference rule failure condition
S
CVE-2025-21673 smb: client: fix double free of TCP_Server_Info::hostname
S
CVE-2025-21674 net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel
S
CVE-2025-21675 net/mlx5: Clear port select structure when fail to create
S
CVE-2025-21676 net: fec: handle page_pool_dev_alloc_pages error
S
CVE-2025-21677 pfcp: Destroy device along with udp socket's netns dismantle.
CVE-2025-21678 gtp: Destroy device along with udp socket's netns dismantle.
CVE-2025-21679 btrfs: add the missing error handling inside get_canonical_dev_path
CVE-2025-21680 pktgen: Avoid out-of-bounds access in get_imix_entries
S
CVE-2025-21681 openvswitch: fix lockup on tx to unregistering netdev with carrier
S
CVE-2025-21682 eth: bnxt: always recalculate features after XDP clearing, fix null-deref
S
CVE-2025-21683 bpf: Fix bpf_sk_select_reuseport() memory leak
S
CVE-2025-21684 gpio: xilinx: Convert gpio_lock to raw spinlock
S
CVE-2025-21685 platform/x86: lenovo-yoga-tab2-pro-1380-fastcharger: fix serdev race
S
CVE-2025-21686 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2025-21687 vfio/platform: check the bounds of read/write syscalls
S
CVE-2025-21688 drm/v3d: Assign job pointer to NULL before signaling the fence
S
CVE-2025-21689 USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()
S
CVE-2025-21690 scsi: storvsc: Ratelimit warning logs to prevent VM denial of service
S
CVE-2025-21691 cachestat: fix page cache statistics permission checking
CVE-2025-21692 net: sched: fix ets qdisc OOB Indexing
S
CVE-2025-21693 mm: zswap: properly synchronize freeing resources during CPU hotunplug
S
CVE-2025-21694 fs/proc: fix softlockup in __read_vmcore (part 2)
S
CVE-2025-21695 platform/x86: dell-uart-backlight: fix serdev race
S
CVE-2025-21696 mm: clear uffd-wp PTE/PMD state on mremap()
S
CVE-2025-21697 drm/v3d: Ensure job pointer is set to NULL after job completion
S
CVE-2025-21698 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2025-21699 gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag
S
CVE-2025-21700 net: sched: Disallow replacing of child qdisc from one parent to another
S
CVE-2025-21701 net: avoid race between device unregistration and ethnl ops
CVE-2025-21702 pfifo_tail_enqueue: Drop new packet when sch->limit == 0
CVE-2025-21703 netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()
S
CVE-2025-21704 usb: cdc-acm: Check control transfer buffer size before access
CVE-2025-21705 mptcp: handle fastopen disconnect correctly
CVE-2025-21706 mptcp: pm: only set fullmesh for subflow endp
CVE-2025-21707 mptcp: consolidate suboption status
S
CVE-2025-21708 net: usb: rtl8150: enable basic endpoint checking
CVE-2025-21709 kernel: be more careful about dup_mmap() failures and uprobe registering
CVE-2025-21710 tcp: correct handling of extreme memory squeeze
CVE-2025-21711 net/rose: prevent integer overflows in rose_setsockopt()
S
CVE-2025-21712 md/md-bitmap: Synchronize bitmap_get_stats() with bitmap lifetime
CVE-2025-21713 powerpc/pseries/iommu: Don't unset window if it was never set
S
CVE-2025-21714 RDMA/mlx5: Fix implicit ODP use after free
S
CVE-2025-21715 net: davicom: fix UAF in dm9000_drv_remove
S
CVE-2025-21716 vxlan: Fix uninit-value in vxlan_vnifilter_dump()
S
CVE-2025-21717 net/mlx5e: add missing cpu_to_node to kvzalloc_node in mlx5e_open_xdpredirect_sq
CVE-2025-21718 net: rose: fix timer races against user threads
S
CVE-2025-21719 ipmr: do not call mr_mfc_uses_dev() for unres entries
CVE-2025-21720 xfrm: delete intermediate secpath entry in packet offload mode
CVE-2025-21721 nilfs2: handle errors that nilfs_prepare_chunk() may return
CVE-2025-21722 nilfs2: do not force clear folio if buffer is referenced
S
CVE-2025-21723 scsi: mpi3mr: Fix possible crash when setting up bsg fails
S
CVE-2025-21724 iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index()
CVE-2025-21725 smb: client: fix oops due to unset link speed
CVE-2025-21726 padata: avoid UAF for reorder_work
S
CVE-2025-21727 padata: fix UAF in padata_reorder
S
CVE-2025-21728 bpf: Send signals asynchronously if !preemptible
CVE-2025-21729 wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion
S
CVE-2025-21730 wifi: rtw89: avoid to init mgnt_entry list twice when WoWLAN failed
CVE-2025-21731 nbd: don't allow reconnect after disconnect
S
CVE-2025-21732 RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error
CVE-2025-21733 tracing/osnoise: Fix resetting of tracepoints
CVE-2025-21734 misc: fastrpc: Fix copy buffer page size
CVE-2025-21735 NFC: nci: Add bounds checking in nci_hci_create_pipe()
S
CVE-2025-21736 nilfs2: fix possible int overflows in nilfs_fiemap()
S
CVE-2025-21737 ceph: fix memory leak in ceph_mds_auth_match()
S
CVE-2025-21738 ata: libata-sff: Ensure that we cannot write outside the allocated buffer
CVE-2025-21739 scsi: ufs: core: Fix use-after free in init error and remove paths
S
CVE-2025-21740 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2025-21741 usbnet: ipheth: fix DPE OoB read
S
CVE-2025-21742 usbnet: ipheth: use static NDP16 location in URB
S
CVE-2025-21743 usbnet: ipheth: fix possible overflow in DPE length check
S
CVE-2025-21744 wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()
S
CVE-2025-21745 blk-cgroup: Fix class @block_class's subsystem refcount leakage
S
CVE-2025-21746 Input: synaptics - fix crash when enabling pass-through port
CVE-2025-21747 drm/ast: astdp: Fix timeout for enabling video signal
CVE-2025-21748 ksmbd: fix integer overflows on 32 bit systems
S
CVE-2025-21749 net: rose: lock the socket in rose_bind()
S
CVE-2025-21750 wifi: brcmfmac: Check the return value of of_property_read_string_index()
CVE-2025-21751 net/mlx5: HWS, change error flow on matcher disconnect
S
CVE-2025-21752 btrfs: don't use btrfs_set_item_key_safe on RAID stripe-extents
CVE-2025-21753 btrfs: fix use-after-free when attempting to join an aborted transaction
S
CVE-2025-21754 btrfs: fix assertion failure when splitting ordered extent after transaction abort
CVE-2025-21755 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2025-21756 vsock: Keep the binding until socket destruction
E S
CVE-2025-21757 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2025-21758 ipv6: mcast: add RCU protection to mld_newpack()
CVE-2025-21759 ipv6: mcast: extend RCU protection in igmp6_send()
S
CVE-2025-21760 ndisc: extend RCU protection in ndisc_send_skb()
S
CVE-2025-21761 openvswitch: use RCU protection in ovs_vport_cmd_fill_info()
S
CVE-2025-21762 arp: use RCU protection in arp_xmit()
S
CVE-2025-21763 neighbour: use RCU protection in __neigh_notify()
S
CVE-2025-21764 ndisc: use RCU protection in ndisc_alloc_skb()
S
CVE-2025-21765 ipv6: use RCU protection in ip6_default_advmss()
CVE-2025-21766 ipv4: use RCU protection in __ip_rt_update_pmtu()
CVE-2025-21767 clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context
CVE-2025-21768 net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels
CVE-2025-21769 ptp: vmclock: Add .owner to vmclock_miscdev_fops
S
CVE-2025-21770 iommu: Fix potential memory leak in iopf_queue_remove_device()
S
CVE-2025-21771 sched_ext: Fix incorrect autogroup migration detection
CVE-2025-21772 partitions: mac: fix handling of bogus partition table
CVE-2025-21773 can: etas_es58x: fix potential NULL pointer dereference on udev->serial
S
CVE-2025-21774 can: rockchip: rkcanfd_handle_rx_fifo_overflow_int(): bail out if skb cannot be allocated
S
CVE-2025-21775 can: ctucanfd: handle skb allocation failure
S
CVE-2025-21776 USB: hub: Ignore non-compliant devices with too many configs or interfaces
S
CVE-2025-21777 ring-buffer: Validate the persistent meta data subbuf array
CVE-2025-21778 tracing: Do not allow mmap() of persistent ring buffer
CVE-2025-21779 KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel
S
CVE-2025-21780 drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()
S
CVE-2025-21781 batman-adv: fix panic during interface removal
CVE-2025-21782 orangefs: fix a oob in orangefs_debug_write
S
CVE-2025-21783 gpiolib: Fix crash on error in gpiochip_get_ngpios()
S
CVE-2025-21784 drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()
CVE-2025-21785 arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array
S
CVE-2025-21786 workqueue: Put the pwq after detaching the rescuer from the pool
S
CVE-2025-21787 team: better TEAM_OPTION_TYPE_STRING validation
S
CVE-2025-21788 net: ethernet: ti: am65-cpsw: fix memleak in certain XDP cases
S
CVE-2025-21789 LoongArch: csum: Fix OoB access in IP checksum code for negative lengths
S
CVE-2025-21790 vxlan: check vxlan_vnigroup_init() return value
S
CVE-2025-21791 vrf: use RCU protection in l3mdev_l3_out()
S
CVE-2025-21792 ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt
S
CVE-2025-21793 spi: sn-f-ospi: Fix division by zero
S
CVE-2025-21794 HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()
S
CVE-2025-21795 NFSD: fix hang in nfsd4_shutdown_callback
CVE-2025-21796 nfsd: clear acl_access/acl_default after releasing them
S
CVE-2025-21797 HID: corsair-void: Add missing delayed work cancel for headset status
S
CVE-2025-21798 firewire: test: Fix potential null dereference in firewire kunit test
S
CVE-2025-21799 net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns()
CVE-2025-21800 net/mlx5: HWS, fix definer's HWS_SET32 macro for negative offset
CVE-2025-21801 net: ravb: Fix missing rtnl lock in suspend/resume path
CVE-2025-21802 net: hns3: fix oops when unload drivers paralleling
CVE-2025-21803 LoongArch: Fix warnings during S3 suspend
CVE-2025-21804 PCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()
CVE-2025-21805 RDMA/rtrs: Add missing deinit() call
CVE-2025-21806 net: let net.core.dev_weight always be non-zero
CVE-2025-21807 block: fix queue freeze vs limits lock order in sysfs store methods
CVE-2025-21808 net: xdp: Disallow attaching device-bound programs in generic mode
CVE-2025-21809 rxrpc, afs: Fix peer hash locking vs RCU callback
S
CVE-2025-21810 driver core: class: Fix wild pointer dereferences in API class_dev_iter_next()
CVE-2025-21811 nilfs2: protect access to buffers with no active references
S
CVE-2025-21812 ax25: rcu protect dev->ax25_ptr
S
CVE-2025-21813 timers/migration: Fix off-by-one root mis-connection
CVE-2025-21814 ptp: Ensure info->enable callback is always set
S
CVE-2025-21815 mm/compaction: fix UBSAN shift-out-of-bounds warning
CVE-2025-21816 hrtimers: Force migrate away hrtimers queued after CPUHP_AP_HRTIMERS_DYING
CVE-2025-21817 block: mark GFP_NOIO around sysfs ->store()
CVE-2025-21818 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2025-21819 Revert "drm/amd/display: Use HW lock mgr for PSR1"
CVE-2025-21820 tty: xilinx_uartps: split sysrq handling
S
CVE-2025-21821 fbdev: omap: use threaded IRQ for LCD DMA
CVE-2025-21822 ptp: vmclock: Set driver data before its usage
CVE-2025-21823 batman-adv: Drop unmanaged ELP metric worker
CVE-2025-21824 gpu: host1x: Fix a use of uninitialized mutex
S
CVE-2025-21825 bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT
CVE-2025-21826 netfilter: nf_tables: reject mismatching sum of field_len with set key length
CVE-2025-21827 Bluetooth: btusb: mediatek: Add locks for usb_driver_claim_interface()
CVE-2025-21828 wifi: mac80211: don't flush non-uploaded STAs
CVE-2025-21829 RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]"
CVE-2025-21830 landlock: Handle weird files
CVE-2025-21831 PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1
CVE-2025-21832 block: don't revert iter for -EIOCBQUEUED
CVE-2025-21833 iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE
S
CVE-2025-21834 seccomp: passthrough uretprobe systemcall without filtering
CVE-2025-21835 usb: gadget: f_midi: fix MIDI Streaming descriptor lengths
CVE-2025-21836 io_uring/kbuf: reallocate buf lists on upgrade
CVE-2025-21837 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2025-21838 usb: gadget: core: flush gadget workqueue after device removal
CVE-2025-21839 KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop
CVE-2025-21840 thermal/netlink: Prevent userspace segmentation fault by adjusting UAPI header
CVE-2025-21841 cpufreq/amd-pstate: Fix cpufreq_policy ref counting
CVE-2025-21842 amdkfd: properly free gang_ctx_bo when failed to init user queue
CVE-2025-21843 drm/panthor: avoid garbage value in panthor_ioctl_dev_query()
S
CVE-2025-21844 smb: client: Add check for next_buffer in receive_encrypted_standard()
S
CVE-2025-21845 mtd: spi-nor: sst: Fix SST write failure
S
CVE-2025-21846 acct: perform last write from workqueue
S
CVE-2025-21847 ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()
S
CVE-2025-21848 nfp: bpf: Add check for nfp_app_ctrl_msg_alloc()
S
CVE-2025-21849 drm/i915/gt: Use spin_lock_irqsave() in interruptible context
S
CVE-2025-21850 nvmet: Fix crash when a namespace is disabled
S
CVE-2025-21851 bpf: Fix softlockup in arena_map_free on 64k page kernel
S
CVE-2025-21852 net: Add rx_skb of kfree_skb to raw_tp_null_args[].
S
CVE-2025-21853 bpf: avoid holding freeze_mutex during mmap operation
S
CVE-2025-21854 sockmap, vsock: For connectible sockets allow only connected
S
CVE-2025-21855 ibmvnic: Don't reference skb after sending to VIOS
S
CVE-2025-21856 s390/ism: add release function for struct device
S
CVE-2025-21857 net/sched: cls_api: fix error handling causing NULL dereference
S
CVE-2025-21858 geneve: Fix use-after-free in geneve_find_dev().
S
CVE-2025-21859 USB: gadget: f_midi: f_midi_complete to call queue_work
S
CVE-2025-21860 mm/zswap: fix inconsistency when zswap_store_page() fails
S
CVE-2025-21861 mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize()
S
CVE-2025-21862 drop_monitor: fix incorrect initialization order
S
CVE-2025-21863 io_uring: prevent opcode speculation
S
CVE-2025-21864 tcp: drop secpath at the same time as we currently drop dst
S
CVE-2025-21865 gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().
S
CVE-2025-21866 powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC
S
CVE-2025-21867 bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()
S
CVE-2025-21868 net: allow small head cache usage with large MAX_SKB_FRAGS values
CVE-2025-21869 powerpc/code-patching: Disable KASAN report during patching via temporary mm
CVE-2025-21870 ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers
CVE-2025-21871 tee: optee: Fix supplicant wait loop
CVE-2025-21872 efi: Don't map the entire mokvar table to determine its size
CVE-2025-21873 scsi: ufs: core: bsg: Fix crash when arpmb command fails
CVE-2025-21874 dm-integrity: Avoid divide by zero in table status in Inline mode
CVE-2025-21875 mptcp: always handle address removal under msk socket lock
CVE-2025-21876 iommu/vt-d: Fix suspicious RCU usage
CVE-2025-21877 usbnet: gl620a: fix endpoint checking in genelink_bind()
CVE-2025-21878 i2c: npcm: disable interrupt enable bit before devm_request_irq
CVE-2025-21879 btrfs: fix use-after-free on inode when scanning root during em shrinking
S
CVE-2025-21880 drm/xe/userptr: fix EFAULT handling
CVE-2025-21881 uprobes: Reject the shared zeropage in uprobe_write_opcode()
CVE-2025-21882 net/mlx5: Fix vport QoS cleanup on error
CVE-2025-21883 ice: Fix deinitializing VF in error path
CVE-2025-21884 net: better track kernel sockets lifetime
CVE-2025-21885 RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers
CVE-2025-21886 RDMA/mlx5: Fix implicit ODP hang on parent deregistration
CVE-2025-21887 ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up
S
CVE-2025-21888 RDMA/mlx5: Fix a WARN during dereg_mr for DM type
CVE-2025-21889 perf/core: Add RCU read lock protection to perf_iterate_ctx()
CVE-2025-21890 idpf: fix checksums set in idpf_rx_rsc()
CVE-2025-21891 ipvlan: ensure network headers are in skb linear part
S
CVE-2025-21892 RDMA/mlx5: Fix the recovery flow of the UMR QP
CVE-2025-21893 keys: Fix UAF in key_put()
S
CVE-2025-21894 net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC
CVE-2025-21895 perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list
CVE-2025-21896 fuse: revert back to __readahead_folio() for readahead
CVE-2025-21897 sched_ext: Fix pick_task_scx() picking non-queued tasks when it's called without balance()
CVE-2025-21898 ftrace: Avoid potential division by zero in function_stat_show()
S
CVE-2025-21899 tracing: Fix bad hist from corrupting named_triggers list
CVE-2025-21900 NFSv4: Fix a deadlock when recovering state on a sillyrenamed file
S
CVE-2025-21901 RDMA/bnxt_re: Add sanity checks on rdev validity
S
CVE-2025-21902 acpi: typec: ucsi: Introduce a ->poll_cci method
CVE-2025-21903 mctp i3c: handle NULL header address
CVE-2025-21904 caif_virtio: fix wrong pointer check in cfv_probe()
S
CVE-2025-21905 wifi: iwlwifi: limit printed string from FW file
S
CVE-2025-21906 wifi: iwlwifi: mvm: clean up ROC on failure
CVE-2025-21907 mm: memory-failure: update ttu flag inside unmap_poisoned_folio
CVE-2025-21908 NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback
S
CVE-2025-21909 wifi: nl80211: reject cooked mode if it is set along with other flags
CVE-2025-21910 wifi: cfg80211: regulatory: improve invalid hints checking
CVE-2025-21911 drm/imagination: avoid deadlock on fence release
S
CVE-2025-21912 gpio: rcar: Use raw_spinlock to protect register access
S
CVE-2025-21913 x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()
CVE-2025-21914 slimbus: messaging: Free transaction ID in delayed interrupt scenario
CVE-2025-21915 cdx: Fix possible UAF error in driver_override_show()
S
CVE-2025-21916 usb: atm: cxacru: fix a flaw in existing endpoint checks
CVE-2025-21917 usb: renesas_usbhs: Flush the notify_hotplug_work
S
CVE-2025-21918 usb: typec: ucsi: Fix NULL pointer access
S
CVE-2025-21919 sched/fair: Fix potential memory corruption in child_cfs_rq_on_list
S
CVE-2025-21920 vlan: enforce underlying device type
S
CVE-2025-21921 net: ethtool: netlink: Allow NULL nlattrs when getting a phy_device
CVE-2025-21922 ppp: Fix KMSAN uninit-value warning with bpf
S
CVE-2025-21923 HID: hid-steam: Fix use-after-free when detaching device
S
CVE-2025-21924 net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error
CVE-2025-21925 llc: do not use skb_get() before dev_queue_xmit()
CVE-2025-21926 net: gso: fix ownership in __udp_gso_segment
CVE-2025-21927 nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
S
CVE-2025-21928 HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()
S
CVE-2025-21929 HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove()
S
CVE-2025-21930 wifi: iwlwifi: mvm: don't try to talk to a dead firmware
S
CVE-2025-21931 hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio
CVE-2025-21932 mm: abort vma_modify() on merge out of memory failure
CVE-2025-21933 arm: pgtable: fix NULL pointer dereference issue
S
CVE-2025-21934 rapidio: fix an API misues when rio_add_net() fails
S
CVE-2025-21935 rapidio: add check for rio_add_net() in rio_scan_alloc_net()
CVE-2025-21936 Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()
S
CVE-2025-21937 Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()
S
CVE-2025-21938 mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr
CVE-2025-21939 drm/xe/hmm: Don't dereference struct page pointers without notifier lock
CVE-2025-21940 drm/amdkfd: Fix NULL Pointer Dereference in KFD queue
S
CVE-2025-21941 drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params
S
CVE-2025-21942 btrfs: zoned: fix extent range end unlock in cow_file_range()
CVE-2025-21943 gpio: aggregator: protect driver attr handlers against module unload
S
CVE-2025-21944 ksmbd: fix bug on trap in smb2_lock
CVE-2025-21945 ksmbd: fix use-after-free in smb2_lock
S
CVE-2025-21946 ksmbd: fix out-of-bounds in parse_sec_desc()
CVE-2025-21947 ksmbd: fix type confusion via race condition when using ipc_msg_send_request
S
CVE-2025-21948 HID: appleir: Fix potential NULL dereference at raw event handle
S
CVE-2025-21949 LoongArch: Set hugetlb mmap base address aligned with pmd size
S
CVE-2025-21950 drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl
CVE-2025-21951 bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock
S
CVE-2025-21952 HID: corsair-void: Update power supply values with a unified work handler
CVE-2025-21953 net: mana: cleanup mana struct after debugfs_remove()
S
CVE-2025-21954 netmem: prevent TX of unreadable skbs
CVE-2025-21955 ksmbd: prevent connection release during oplock break notification
CVE-2025-21956 drm/amd/display: Assign normalized_pix_clk when color depth = 14
CVE-2025-21957 scsi: qla1280: Fix kernel oops when debug level > 2
S
CVE-2025-21958 Revert "openvswitch: switch to per-action label counting in conntrack"
CVE-2025-21959 netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()
S
CVE-2025-21960 eth: bnxt: do not update checksum in bnxt_xdp_build_skb()
CVE-2025-21961 eth: bnxt: fix truesize for mb-xdp-pass case
S
CVE-2025-21962 cifs: Fix integer overflow while processing closetimeo mount option
S
CVE-2025-21963 cifs: Fix integer overflow while processing acdirmax mount option
S
CVE-2025-21964 cifs: Fix integer overflow while processing acregmax mount option
S
CVE-2025-21965 sched_ext: Validate prev_cpu in scx_bpf_select_cpu_dfl()
CVE-2025-21966 dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature
S
CVE-2025-21967 ksmbd: fix use-after-free in ksmbd_free_work_struct
S
CVE-2025-21968 drm/amd/display: Fix slab-use-after-free on hdcp_work
S
CVE-2025-21969 Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd
S
CVE-2025-21970 net/mlx5: Bridge, fix the crash caused by LAG state check
CVE-2025-21971 net_sched: Prevent creation of classes with TC_H_ROOT
CVE-2025-21972 net: mctp: unshare packets when reassembling
CVE-2025-21973 eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx}
CVE-2025-21974 eth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc()
CVE-2025-21975 net/mlx5: handle errors in mlx5_chains_create_table()
CVE-2025-21976 fbdev: hyperv_fb: Allow graceful removal of framebuffer
CVE-2025-21977 fbdev: hyperv_fb: Fix hang in kdump kernel when on Hyper-V Gen 2 VMs
CVE-2025-21978 drm/hyperv: Fix address space leak when Hyper-V DRM device is removed
CVE-2025-21979 wifi: cfg80211: cancel wiphy_work before freeing wiphy
S
CVE-2025-21980 sched: address a potential NULL pointer dereference in the GRED scheduler.
S
CVE-2025-21981 ice: fix memory leak in aRFS after reset
S
CVE-2025-21982 pinctrl: nuvoton: npcm8xx: Add NULL check in npcm8xx_gpio_fw
S
CVE-2025-21983 mm/slab/kvfree_rcu: Switch to WQ_MEM_RECLAIM wq
CVE-2025-21984 mm: fix kernel BUG when userfaultfd_move encounters swapcache
S
CVE-2025-21985 drm/amd/display: Fix out-of-bound accesses
CVE-2025-21986 net: switchdev: Convert blocking notification chain to a raw one
CVE-2025-21987 drm/amdgpu: init return value in amdgpu_ttm_clear_buffer
CVE-2025-21988 fs/netfs/read_collect: add to next->prev_donated
CVE-2025-21989 drm/amd/display: fix missing .is_two_pixels_per_container
S
CVE-2025-21990 drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags
S
CVE-2025-21991 x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes
S
CVE-2025-21992 HID: ignore non-functional sensor in HP 5MP Camera
CVE-2025-21993 iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()
S
CVE-2025-21994 ksmbd: fix incorrect validation for num_aces field of smb_acl
CVE-2025-21995 drm/sched: Fix fence reference count leak
S
CVE-2025-21996 drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse()
S
CVE-2025-21997 xsk: fix an integer overflow in xp_create_and_assign_umem()
S
CVE-2025-21998 firmware: qcom: uefisecapp: fix efivars registration race
S
CVE-2025-21999 proc: fix UAF in proc_get_inode()
S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.