CVE | Vendors | Products | Updated | CVSS v3.1 |
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability. |
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this vulnerability will affect availability. |
Vulnerability of improper access control in the album module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
File replacement vulnerability on some devices
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. |
Permission control vulnerability in the clipboard module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
Permission control vulnerability in the ability module
Impact: Successful exploitation of this vulnerability may cause features to function abnormally. |
Vulnerability of processes not being fully terminated in the VPN module
Impact: Successful exploitation of this vulnerability will affect power consumption. |
Page table protection configuration vulnerability in the trusted firmware module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
Access control vulnerability in the SystemUI module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
Vulnerability of PIN enhancement failures in the screen lock module
Impact: Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability. |
Access permission verification vulnerability in the Notepad module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
Permission control vulnerability in the App Multiplier module
Impact: Successful exploitation of this vulnerability may affect functionality and confidentiality. |
Access control vulnerability in the security verification module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. |
Access permission verification vulnerability in the Contacts module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
Vulnerability of serialisation/deserialisation mismatch in the iAware module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized super type with unbounded generics. This can be an issue when using @PreAuthorize and other method security annotations, resulting in an authorization bypass.
Your application may be affected by this if you are using Spring Security's @EnableMethodSecurity feature.
You are not affected by this if you are not using @EnableMethodSecurity or if you do not use security annotations on methods in generic superclasses or generic interfaces.
This CVE is published in conjunction with CVE-2025-41249 https://spring.io/security/cve-2025-41249. |
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows remote unauthenticated users (guests) to upload files via the form attachment field without proper validation, enabling extension obfuscation and bypassing MIME type checks. |
In the Linux kernel, the following vulnerability has been resolved:
thermal/debugfs: Fix two locking issues with thermal zone debug
With the current thermal zone locking arrangement in the debugfs code,
user space can open the "mitigations" file for a thermal zone before
the zone's debugfs pointer is set which will result in a NULL pointer
dereference in tze_seq_start().
Moreover, thermal_debug_tz_remove() is not called under the thermal
zone lock, so it can run in parallel with the other functions accessing
the thermal zone's struct thermal_debugfs object. Then, it may clear
tz->debugfs after one of those functions has checked it and the
struct thermal_debugfs object may be freed prematurely.
To address the first problem, pass a pointer to the thermal zone's
struct thermal_debugfs object to debugfs_create_file() in
thermal_debug_tz_add() and make tze_seq_start(), tze_seq_next(),
tze_seq_stop(), and tze_seq_show() retrieve it from s->private
instead of a pointer to the thermal zone object. This will ensure
that tz_debugfs will be valid across the "mitigations" file accesses
until thermal_debugfs_remove_id() called by thermal_debug_tz_remove()
removes that file.
To address the second problem, use tz->lock in thermal_debug_tz_remove()
around the tz->debugfs value check (in case the same thermal zone is
removed at the same time in two different threads) and its reset to NULL.
Cc: 6.8+ <stable@vger.kernel.org> # 6.8+ |
In the Linux kernel, the following vulnerability has been resolved:
qibfs: fix dentry leak
simple_recursive_removal() drops the pinning references to all positives
in subtree. For the cases when its argument has been kept alive by
the pinning alone that's exactly the right thing to do, but here
the argument comes from dcache lookup, that needs to be balanced by
explicit dput().
Fucked-up-by: Al Viro <viro@zeniv.linux.org.uk> |
In the Linux kernel, the following vulnerability has been resolved:
net/smc: fix neighbour and rtable leak in smc_ib_find_route()
In smc_ib_find_route(), the neighbour found by neigh_lookup() and rtable
resolved by ip_route_output_flow() are not released or put before return.
It may cause the refcount leak, so fix it. |