CVE List - 2025 / July
Showing 1301 - 1400 of 3776 CVEs for July 2025 (Page 14 of 38)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-38282 | 2025-07-10 | kernfs: Relax constraint in draining guard |
| CVE-2025-38283 | 2025-07-10 | hisi_acc_vfio_pci: bugfix live migration function without VF device driver |
| CVE-2025-38284 | 2025-07-10 | wifi: rtw89: pci: configure manual DAC mode via PCI config API only |
| CVE-2025-38285 | 2025-07-10 | bpf: Fix WARN() in get_bpf_raw_tp_regs |
| CVE-2025-38286 | 2025-07-10 | pinctrl: at91: Fix possible out-of-boundary access |
| CVE-2025-38287 | 2025-07-10 | IB/cm: Drop lockdep assert and WARN when freeing old msg |
| CVE-2025-38288 | 2025-07-10 | scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels |
| CVE-2025-38289 | 2025-07-10 | scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk |
| CVE-2025-38290 | 2025-07-10 | wifi: ath12k: fix node corruption in ar->arvifs list |
| CVE-2025-38291 | 2025-07-10 | wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash |
| CVE-2025-38292 | 2025-07-10 | wifi: ath12k: fix invalid access to memory |
| CVE-2025-38293 | 2025-07-10 | wifi: ath11k: fix node corruption in ar->arvifs list |
| CVE-2025-38294 | 2025-07-10 | wifi: ath12k: fix NULL access in assign channel context handler |
| CVE-2025-38295 | 2025-07-10 | perf/amlogic: Replace smp_processor_id() with raw_smp_processor_id() in meson_ddr_pmu_create() |
| CVE-2025-38296 | 2025-07-10 | ACPI: platform_profile: Avoid initializing on non-ACPI platforms |
| CVE-2025-38297 | 2025-07-10 | PM: EM: Fix potential division-by-zero error in em_compute_costs() |
| CVE-2025-38298 | 2025-07-10 | EDAC/skx_common: Fix general protection fault |
| CVE-2025-38299 | 2025-07-10 | ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY() |
| CVE-2025-38300 | 2025-07-10 | crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() |
| CVE-2025-38301 | 2025-07-10 | nvmem: zynqmp_nvmem: unbreak driver after cleanup |
| CVE-2025-38302 | 2025-07-10 | block: don't use submit_bio_noacct_nocheck in blk_zone_wplug_bio_work |
| CVE-2025-38303 | 2025-07-10 | Bluetooth: eir: Fix possible crashes on eir_create_adv_data |
| CVE-2025-38304 | 2025-07-10 | Bluetooth: Fix NULL pointer deference on eir_get_service_data |
| CVE-2025-38305 | 2025-07-10 | ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() |
| CVE-2025-38306 | 2025-07-10 | fs/fhandle.c: fix a race in call of has_locked_children() |
| CVE-2025-38307 | 2025-07-10 | ASoC: Intel: avs: Verify content returned by parse_int_array() |
| CVE-2025-38308 | 2025-07-10 | ASoC: Intel: avs: Fix possible null-ptr-deref when initing hw |
| CVE-2025-38309 | 2025-07-10 | drm/xe/vm: move xe_svm_init() earlier |
| CVE-2025-38310 | 2025-07-10 | seg6: Fix validation of nexthop addresses |
| CVE-2025-38311 | 2025-07-10 | iavf: get rid of the crit lock |
| CVE-2025-38312 | 2025-07-10 | fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod() |
| CVE-2025-38313 | 2025-07-10 | bus: fsl-mc: fix double-free on mc_dev |
| CVE-2025-38314 | 2025-07-10 | virtio-pci: Fix result size returned for the admin command completion |
| CVE-2025-38315 | 2025-07-10 | Bluetooth: btintel: Check dsbr size from EFI variable |
| CVE-2025-38316 | 2025-07-10 | wifi: mt76: mt7996: avoid NULL pointer dereference in mt7996_set_monitor() |
| CVE-2025-38317 | 2025-07-10 | wifi: ath12k: Fix buffer overflow in debugfs |
| CVE-2025-38318 | 2025-07-10 | perf: arm-ni: Fix missing platform_set_drvdata() |
| CVE-2025-38319 | 2025-07-10 | drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table |
| CVE-2025-32988 | 2025-07-10 | Gnutls: vulnerability in gnutls othername san export |
| CVE-2025-32989 | 2025-07-10 | Gnutls: vulnerability in gnutls sct extension parsing |
| CVE-2025-38320 | 2025-07-10 | arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth() |
| CVE-2025-38321 | 2025-07-10 | smb: Log an error when close_all_cached_dirs fails |
| CVE-2025-38322 | 2025-07-10 | perf/x86/intel: Fix crash in icl_update_topdown_event() |
| CVE-2025-38323 | 2025-07-10 | net: atm: add lec_mutex |
| CVE-2025-38324 | 2025-07-10 | mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu(). |
| CVE-2025-38325 | 2025-07-10 | ksmbd: add free_transport ops in ksmbd connection |
| CVE-2025-38326 | 2025-07-10 | aoe: clean device rq_list in aoedev_downdev() |
| CVE-2025-38327 | 2025-07-10 | fgraph: Do not enable function_graph tracer when setting funcgraph-args |
| CVE-2025-38328 | 2025-07-10 | jffs2: check jffs2_prealloc_raw_node_refs() result in few other places |
| CVE-2025-38329 | 2025-07-10 | firmware: cs_dsp: Fix OOB memory read access in KUnit test (wmfw info) |
| CVE-2025-38330 | 2025-07-10 | firmware: cs_dsp: Fix OOB memory read access in KUnit test (ctl cache) |
| CVE-2025-38331 | 2025-07-10 | net: ethernet: cortina: Use TOE/TSO on all TCP |
| CVE-2025-38332 | 2025-07-10 | scsi: lpfc: Use memcpy() for BIOS version |
| CVE-2025-38333 | 2025-07-10 | f2fs: fix to bail out in get_new_segment() |
| CVE-2025-38334 | 2025-07-10 | x86/sgx: Prevent attempts to reclaim poisoned pages |
| CVE-2025-38335 | 2025-07-10 | Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT |
| CVE-2025-38336 | 2025-07-10 | ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 |
| CVE-2025-38337 | 2025-07-10 | jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() |
| CVE-2025-38338 | 2025-07-10 | fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() |
| CVE-2025-38339 | 2025-07-10 | powerpc/bpf: fix JIT code size calculation of bpf trampoline |
| CVE-2025-38340 | 2025-07-10 | firmware: cs_dsp: Fix OOB memory read access in KUnit test |
| CVE-2025-38341 | 2025-07-10 | eth: fbnic: avoid double free when failing to DMA-map FW msg |
| CVE-2025-38342 | 2025-07-10 | software node: Correct a OOB check in software_node_get_reference_args() |
| CVE-2025-38343 | 2025-07-10 | wifi: mt76: mt7996: drop fragments with multicast or broadcast RA |
| CVE-2025-38344 | 2025-07-10 | ACPICA: fix acpi parse and parseext cache leaks |
| CVE-2025-38345 | 2025-07-10 | ACPICA: fix acpi operand cache leak in dswstate.c |
| CVE-2025-38346 | 2025-07-10 | ftrace: Fix UAF when lookup kallsym after ftrace disabled |
| CVE-2025-38347 | 2025-07-10 | f2fs: fix to do sanity check on ino and xnid |
| CVE-2025-38348 | 2025-07-10 | wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() |
| CVE-2025-6948 | 2025-07-10 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab |
| CVE-2025-6168 | 2025-07-10 | Incorrect Authorization in GitLab |
| CVE-2025-4972 | 2025-07-10 | Incorrect Authorization in GitLab |
| CVE-2025-3396 | 2025-07-10 | Incorrect Authorization in GitLab |
| CVE-2025-5022 | 2025-07-10 | Weak Password Requirements vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions allows an attacker within the Wi-Fi communication range between the units... |
| CVE-2025-5023 | 2025-07-10 | Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic system monitor “EcoGuideTAB” PV-DR004J all versions and PV-DR004JA all versions allows an attacker within the Wi-Fi communication range between the... |
| CVE-2025-32990 | 2025-07-10 | Gnutls: vulnerability in gnutls certtool template parsing |
| CVE-2024-7650 | 2025-07-10 | Remote code execution vulnerability discovered in OpenText™ Directory Services CE 23.4 |
| CVE-2025-5037 | 2025-07-10 | RFA File Parsing Memory Corruption Vulnerability |
| CVE-2025-5040 | 2025-07-10 | RTE File Parsing Heap-Based Overflow Vulnerability |
| CVE-2025-6211 | 2025-07-10 | MD5 Hash Collision in run-llama/llama_index |
| CVE-2025-7407 | 2025-07-10 | Netgear D6400 diag.cgi os command injection |
| CVE-2025-7425 | 2025-07-10 | Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr |
| CVE-2025-7424 | 2025-07-10 | Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes |
| CVE-2024-37524 | 2025-07-10 | IBM Analytics Content Hub information disclosure |
| CVE-2025-36090 | 2025-07-10 | IBM Analytics Content Hub information disclosure |
| CVE-2024-38327 | 2025-07-10 | IBM Analytics Content Hub information disclosure |
| CVE-2024-39752 | 2025-07-10 | IBM Analytics Content Hub file upload |
| CVE-2025-7365 | 2025-07-10 | Keycloak: phishing attack via email verification step in first login flow |
| CVE-2025-7408 | 2025-07-10 | SourceCodester Zoo Management System animal_form_template.php cross site scripting |
| CVE-2025-27613 | 2025-07-10 | Gitk can create and truncate files in the user's home directory |
| CVE-2025-27614 | 2025-07-10 | Gitk allows arbitrary command execution |
| CVE-2025-46334 | 2025-07-10 | Git GUI malicious command injection on Windows |
| CVE-2025-46835 | 2025-07-10 | Git GUI can create and overwrite files for which the user has write permission |
| CVE-2025-53364 | 2025-07-10 | Parse Server exposes the data schema via GraphQL API |
| CVE-2025-6395 | 2025-07-10 | Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite() |
| CVE-2025-46788 | 2025-07-10 | Zoom Workplace for Linux - Improper Certificate Validation |
| CVE-2025-46789 | 2025-07-10 | Zoom Clients for Windows - Classic Buffer Overflow |
| CVE-2025-49462 | 2025-07-10 | Zoom Clients - Cross-site Scripting |
| CVE-2025-49463 | 2025-07-10 | Zoom Clients for iOS - Insufficient Control Flow Management |
| CVE-2025-7409 | 2025-07-10 | code-projects Mobile Shop LoginAsAdmin.php sql injection |