Latest warnings
| CVE-2025-8114 |
: null pointer dereference in libssh kex session id calculation
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-24294 |
<vuln:Note Title="FAQ" Type="FAQ" Ordinal="10"><p><strong>Is Azure Linux the only Microsoft product that inc
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-40777 |
A possible assertion failure when 'stale-answer-client-timeout' is set to '0'
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38113 |
ACPI: CPPC: Fix NULL pointer dereference when nosmp is used
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38345 |
ACPICA: fix acpi operand cache leak in dswstate.c
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38344 |
ACPICA: fix acpi parse and parseext cache leaks
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38386 |
ACPICA: Refuse to evaluate a method if arguments are missing
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38236 |
af_unix: Don't leave consecutive consumed OOB skbs.
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38249 |
ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3()
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38105 |
ALSA: usb-audio: Kill timer properly at removal
|
MSRC | 2026‑02‑24 | High |
| CVE-2024-36350 |
AMD: CVE-2024-36350 Transient Scheduler Attack in Store Queue
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2024-36357 |
AMD: CVE-2024-36357 Transient Scheduler Attack in L1 Data Queue
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38326 |
aoe: clean device rq_list in aoedev_downdev()
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-48924 |
Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass(...) can throw a StackOverflowError on very long inputs
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-54090 |
Apache HTTP Server: 'RewriteCond expr' always evaluates to true in 2.4.64
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2024-42516 |
Apache HTTP Server: HTTP response splitting
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-53020 |
Apache HTTP Server: HTTP/2 DoS by Memory Increase
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-49630 |
Apache HTTP Server: mod_proxy_http2 denial of service
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-23048 |
Apache HTTP Server: mod_ssl access control bypass with session resumption
|
MSRC | 2026‑02‑24 | Critical |
| CVE-2024-47252 |
Apache HTTP Server: mod_ssl error log variable escaping
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-49812 |
Apache HTTP Server: mod_ssl TLS upgrade attack
|
MSRC | 2026‑02‑24 | High |
| CVE-2024-43204 |
Apache HTTP Server: SSRF with mod_headers setting Content-Type header
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38170 |
arm64/fpsimd: Discard stale CPU state when handling SME traps
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38320 |
arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38259 |
ASoC: codecs: wcd9335: Fix missing free of regulator supplies
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38307 |
ASoC: Intel: avs: Verify content returned by parse_int_array()
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38438 |
ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak.
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38336 |
ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38185 |
atm: atmtcp: Free invalid length skb in atmtcp_c_send().
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38459 |
atm: clip: Fix infinite recursive call of clip_push().
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38458 |
atm: clip: Fix NULL pointer dereference in vcc_sendmsg()
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38460 |
atm: clip: Fix potential null-ptr-deref in to_atmarpd().
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38251 |
atm: clip: prevent NULL deref in clip_push()
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38245 |
atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38190 |
atm: Revert atm_account_tx() if copy_from_iter_full() fails.
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-47158 |
Azure DevOps Server Elevation of Privilege Vulnerability
|
MSRC | 2026‑02‑24 | Critical |
| CVE-2025-49747 |
Azure Machine Learning Elevation of Privilege Vulnerability
|
MSRC | 2026‑02‑24 | Critical |
| CVE-2025-49746 |
Azure Machine Learning Elevation of Privilege Vulnerability
|
MSRC | 2026‑02‑24 | Critical |
| CVE-2025-47995 |
Azure Machine Learning Elevation of Privilege Vulnerability
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-47988 |
Azure Monitor Agent Remote Code Execution Vulnerability
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-21195 |
Azure Service Fabric Runtime Elevation of Privilege Vulnerability
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38143 |
backlight: pm8941: Add NULL check in wled_configure()
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38263 |
bcache: fix NULL pointer in cache_set_flush()
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38099 |
Bluetooth: Disable SCO support if READ_VOICE_SETTING is unsupported/broken
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38303 |
Bluetooth: eir: Fix possible crashes on eir_create_adv_data
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38304 |
Bluetooth: Fix NULL pointer deference on eir_get_service_data
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38473 |
Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb()
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38250 |
Bluetooth: hci_core: Fix use-after-free in vhci_flush()
|
MSRC | 2026‑02‑24 | Medium |
| CVE-2025-38118 |
Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete
|
MSRC | 2026‑02‑24 | High |
| CVE-2025-38117 |
Bluetooth: MGMT: Protect mgmt_pending list with its own lock
|
MSRC | 2026‑02‑24 | Medium |
Page 1