Vuldb Updates

A vulnerability was found in Linux Kernel up to 5.15.32/5.16.18/5.17.1. It has been declared as problematic. This affects the function pm_runtime_get_sync. The manipulation results in information disclosure. This vulnerability is reported as CVE-2022-49192. The attacker must have access to the local network to execute the attack. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability labeled as problematic has been found in Linux Kernel up to 5.16.18/5.17.1. Affected by this issue is the function nldev_stat_set_counter_dynamic_doit. Executing manipulation can lead to insufficient verification of data authenticity. This vulnerability is handled as CVE-2022-49199. The attack can only be done within the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 5.17.1 and classified as problematic. This impacts the function pm80xx_send_abort_all. The manipulation of the argument n_elem results in improper initialization. This vulnerability is cataloged as CVE-2022-49217. The attack must originate from the local network. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.32/5.16.18/5.17.1 and classified as critical. The impacted element is an unknown function. The manipulation results in memory corruption. This vulnerability is identified as CVE-2022-49229. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability described as problematic has been identified in Linux Kernel up to 5.4.188/5.10.109/5.15.32/5.16.18/5.17.1. This vulnerability affects the function tcp_bpf_send_verdict. The manipulation results in privilege escalation. This vulnerability was named CVE-2022-49204. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 5.15.32/5.16.18/5.17.1. It has been declared as problematic. Affected by this vulnerability is the function asix_read_cmd. Such manipulation leads to unchecked return value. This vulnerability is documented as CVE-2022-49226. The attack requires being on the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 5.4.188/5.10.109/5.15.32/5.16.18/5.17.1. This affects the function __kmem_cache_shutdown. Performing manipulation results in stack-based buffer overflow. This vulnerability was named CVE-2022-49220. The attack needs to be approached within the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability classified as problematic has been found in F5 BIG-IP up to 17.1.1 on SNMP. Affected is an unknown function. The manipulation leads to memory leak. This vulnerability is referenced as CVE-2025-21091. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in F5 BIG-IP up to 17.1.0. The impacted element is an unknown function of the component Traffic Management Microkernel. Such manipulation leads to denial of service. This vulnerability is traded as CVE-2024-33608. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability classified as critical has been found in F5 BIG-IP Next CNF and BIG-IP AFM. This affects an unknown function of the component Traffic Management Microkernel. Performing manipulation results in denial of service. This vulnerability is known as CVE-2024-25560. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability was found in RTI Connext Professional up to 6.1.0. It has been classified as critical. Affected is the function RTI_RoutingService_new/rti::recording::Service/RTI_QueuingService_new/RTI_CDS_Service_new of the component API. The manipulation leads to buffer overflow. This vulnerability is documented as CVE-2024-25724. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in 1902756969 reggie 1.0. It has been classified as critical. The affected element is the function Download of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The manipulation of the argument Name leads to path traversal. This vulnerability is referenced as CVE-2025-0401. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability was found in 1902756969 reggie 1.0. It has been declared as critical. The impacted element is the function Upload of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The manipulation of the argument File results in unrestricted upload. This vulnerability is identified as CVE-2025-0402. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability was found in 1902756969 reggie 1.0. It has been rated as problematic. This affects an unknown function of the file /user/sendMsg of the component Phone Number Validation Handler. This manipulation of the argument code causes information disclosure. This vulnerability is tracked as CVE-2025-0403. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability was found in F5 BIG-IP Next and BIG-IP. It has been classified as problematic. The affected element is an unknown function. The manipulation leads to improper initialization. This vulnerability is referenced as CVE-2024-33604. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.

A vulnerability was found in run-llama llama_index up to 0.10.12. It has been classified as critical. Affected by this vulnerability is the function RunGptLLM. The manipulation leads to code injection. This vulnerability is referenced as CVE-2024-4181. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.

A vulnerability labeled as critical has been found in F5 BIG-IP. Affected is an unknown function of the component iControl REST/BIG-IP TMOS Shell. Executing manipulation can lead to os command injection. This vulnerability is handled as CVE-2025-20029. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability marked as problematic has been reported in F5 BIG-IP up to 16.1.4/17.1.1. This affects an unknown function of the component Traffic Management Microkernel. Performing manipulation results in null pointer dereference. This vulnerability was named CVE-2025-20045. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability has been found in F5 BIG-IP and BIG-IQ and classified as problematic. This issue affects some unknown processing of the component Configuration utility. Performing manipulation results in cross site scripting. This vulnerability was named CVE-2024-31156. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.

A vulnerability labeled as problematic has been found in F5 BIG-IP and BIG-IP Next. The impacted element is an unknown function of the component SSL Profile Handler. Such manipulation leads to resource consumption. This vulnerability is uniquely identified as CVE-2025-21087. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.