Vuldb Updates

A vulnerability labeled as problematic has been found in Xen. This affects an unknown function of the component netback. Executing manipulation can lead to denial of service. This vulnerability is handled as CVE-2023-34319. The attack can be executed remotely. There is not any exploit available. It is advisable to implement a patch to correct this issue.

A vulnerability identified as critical has been detected in Linux Kernel up to 5.15.74/5.19.16/6.0.2. Affected is the function rtw_init_drv_sw of the file drivers/staging/r8188eu/os_dep/os_intfs.c. This manipulation causes unchecked return value. This vulnerability is registered as CVE-2022-50469. The attack requires access to the local network. No exploit is available. You should upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.1.41/6.4.6. Affected by this vulnerability is the function release_mem_region of the component fbdev. Such manipulation leads to privilege escalation. This vulnerability is documented as CVE-2023-53448. The attack requires being on the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 5.10.162/5.15.85/6.0.15/6.1.1. It has been declared as critical. Impacted is the function cros_usbpd_notify_init. Executing manipulation can lead to unchecked return value. The identification of this vulnerability is CVE-2022-50468. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in code-projects Blog Site 1.0. Impacted is the function category_exists of the file /resources/functions/blog.php of the component Category Handler. Such manipulation of the argument name/field leads to sql injection. This vulnerability is listed as CVE-2025-13575. The attack may be performed from remote. In addition, an exploit is available. Multiple endpoints are affected.

A vulnerability classified as critical has been found in code-projects Blog Site 1.0. The affected element is an unknown function of the file /admin.php. Performing manipulation results in improper authorization. This vulnerability is cataloged as CVE-2025-13576. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. Multiple endpoints are affected.

A vulnerability was found in Linux Kernel up to 5.19.16/6.0.2. It has been classified as critical. This issue affects the function lpfc_cmpl_ct_cmd_gft_id. Performing manipulation results in null pointer dereference. This vulnerability was named CVE-2022-50467. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability has been found in Linux Kernel up to 5.10.152/5.15.76/6.0.6 and classified as critical. This issue affects the function load_elf_binary of the component binfmt_elf. This manipulation causes memory leak. The identification of this vulnerability is CVE-2022-50466. The attack needs to be done within the local network. There is no exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.0.15/6.1.1 and classified as critical. This vulnerability affects the function mt7915_pci_init_hif2. Such manipulation leads to unchecked return value. This vulnerability is uniquely identified as CVE-2022-50464. The attack can only be initiated within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.10.162/5.15.86/6.0.17/6.1.3. This vulnerability affects unknown code of the component ext4. The manipulation results in uninitialized pointer. This vulnerability was named CVE-2022-50465. The attack needs to be approached within the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.1. Affected by this vulnerability is the function mpc52xx_lpbfifo_probe. Performing manipulation results in memory leak. This vulnerability is known as CVE-2022-50463. Access to the local network is required for this attack. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.1. It has been declared as critical. The impacted element is the function put_device of the component MIPS. Executing manipulation can lead to memory leak. This vulnerability is tracked as CVE-2022-50462. The attack is only possible within the local network. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.0.15/6.1.1 and classified as critical. This affects the function am65_cpsw_nuss_ndo_slave_open of the component net. This manipulation causes privilege escalation. This vulnerability is handled as CVE-2022-50461. The attack can only be done within the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.16.8. This impacts the function cgroup_lock_and_drain_offline of the component cgroup. Executing manipulation can lead to allocation of resources. This vulnerability appears as CVE-2025-39953. The attacker needs to be present on the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.107/6.12.48/6.16.8. Affected is the function wilc_wlan_parse_response_frame of the file drivers/net/wireless/microchip/wilc1000/wlan_cfg.c of the component wifi. Executing manipulation of the argument len can lead to buffer overflow. This vulnerability is registered as CVE-2025-39952. The attack requires access to the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.16.8. The impacted element is the function register_virtio_device of the component um. This manipulation causes use after free. This vulnerability is tracked as CVE-2025-39951. The attack is only possible within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.16.8. The affected element is the function p_hwfn of the component Qede Ethernet Driver. The manipulation results in unchecked return value. This vulnerability is identified as CVE-2025-39949. The attack can only be performed from the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability described as critical has been identified in Linux Kernel up to 6.12.48/6.16.8. This affects the function ice_put_rx_mbuf. Such manipulation leads to buffer overflow. This vulnerability is listed as CVE-2025-39948. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.6.107/6.12.48/6.16.8. Impacted is the function mlx5_uplink_netdev_get. The manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2025-39947. The attack needs to be initiated within the local network. No exploit is available. You should upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.1.153/6.6.107/6.12.48/6.16.8. This issue affects the function tls_rx_msg_size of the component tls. Executing manipulation can lead to allocation of resources. The identification of this vulnerability is CVE-2025-39946. The attack needs to be done within the local network. There is no exploit available. It is advisable to upgrade the affected component.