VulDB Recent Entries

A vulnerability, which was classified as problematic, has been found in Vega and Vega-functions. This issue affects some unknown processing. The manipulation leads to improper neutralization of alternate xss syntax. The identification of this vulnerability is CVE-2025-27793. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Vega and Vega-functions. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-26619. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.13.5. This affects the function btrfs_scan_root. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2025-21879. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.13.5. It has been rated as critical. Affected by this issue is the function devm_request_irq of the component npcm. The manipulation leads to denial of service. This vulnerability is handled as CVE-2025-21878. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.13.5. It has been classified as problematic. Affected is the function genelink_bind of the file drivers/usb/core/urb.c of the component gl620a Driver. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2025-21877. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.17/6.13.5. It has been declared as problematic. Affected by this vulnerability is the function journal_sectors of the component dm-integrity. The manipulation leads to divide by zero. This vulnerability is known as CVE-2025-21874. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.80/6.12.17/6.13.5 and classified as critical. This issue affects the function bsg_transport_sg_io_fn. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2025-21873. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.13.5 and classified as critical. This vulnerability affects the function drm_fbdev_dma_driver_fbdev_probe of the component fbdev-dma. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-58091. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.13.5. This affects the function sock_owned_by_me in the library /include/net/sock.h. The manipulation leads to state issue. This vulnerability is uniquely identified as CVE-2025-21875. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.13.5. Affected by this issue is the function syscore_resume of the file drivers/base/syscore.c. The manipulation leads to denial of service. This vulnerability is handled as CVE-2024-58090. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.17/6.13.5. Affected by this vulnerability is the function enable_drhd_fault_handling of the component vt-d. The manipulation leads to deadlock. This vulnerability is known as CVE-2025-21876. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 5.10.234/6.6.82/6.12.17/6.13.5. Affected is the function early_memmap of the file mm/early_ioremap.c. The manipulation leads to excessive iteration. This vulnerability is traded as CVE-2025-21872. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in libming 0.4.8. It has been rated as problematic. This issue affects the function parseABC_STRING_INFO. The manipulation leads to resource consumption. The identification of this vulnerability is CVE-2025-29487. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability was found in libming 0.4.8. It has been declared as problematic. This vulnerability affects the function parseABC_NS_SET_INFO. The manipulation leads to resource consumption. This vulnerability was named CVE-2025-29484. Access to the local network is required for this attack. There is no exploit available.

A vulnerability was found in GitLab Duo with Amazon Q up to 17.8.5/17.9.2/17.10.0. It has been classified as critical. This affects an unknown part of the component AI-assisted Development Features. The manipulation leads to code injection. This vulnerability is uniquely identified as CVE-2025-2867. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in libming 0.4.8 and classified as problematic. Affected by this issue is the function parseSWF_MORPHLINESTYLES. The manipulation leads to memory leak. This vulnerability is handled as CVE-2025-29489. The attack needs to be done within the local network. There is no exploit available.

A vulnerability has been found in libming 0.4.8 and classified as problematic. Affected by this vulnerability is the function parseSWF_INITACTION. The manipulation leads to memory leak. This vulnerability is known as CVE-2025-29488. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability, which was classified as problematic, was found in libming 0.4.8. Affected is the function parseSWF_PLACEOBJECT3. The manipulation leads to memory leak. This vulnerability is traded as CVE-2025-29486. The attack can only be done within the local network. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in libming 0.4.8. This issue affects the function parseSWF_ENABLEDEBUGGER2. The manipulation leads to memory leak. The identification of this vulnerability is CVE-2025-29483. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability classified as problematic was found in IBM UrbanCode Deploy and DevOps Deploy up to 7.1.2.21/7.2.3.14/7.3.2.9. This vulnerability affects unknown code. The manipulation leads to sensitive information in log files. This vulnerability was named CVE-2025-1998. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.