Vuldb Updates

A vulnerability classified as problematic has been found in Linux Kernel up to 6.15.2. Affected by this issue is the function ath9k_htc_swba. Performing manipulation results in out-of-bounds read. This vulnerability was named CVE-2025-38157. The attack needs to be approached within the local network. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.1.141/6.6.93/6.12.33/6.15.2. This affects the function hisi_acc_vfio_pci. Executing manipulation can lead to information disclosure. The identification of this vulnerability is CVE-2025-38158. The attack needs to be done within the local network. There is no exploit available. Upgrading the affected component is advised.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.6.93/6.12.33/6.15.2. This impacts the function mt7915_mmio_wed_init of the component wifi. The manipulation results in null pointer dereference. This vulnerability is known as CVE-2025-38155. Access to the local network is required for this attack. No exploit is available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.1.30/6.3.4. It has been declared as critical. This issue affects the function smc_listen_work of the component net. The manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2023-53382. The attack must originate from the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.0.2. The impacted element is the function btrfs_quota_enable. The manipulation leads to use after free. This vulnerability is referenced as CVE-2022-50379. The attack needs to be initiated within the local network. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.75 and classified as critical. Affected is the function smaps_rollup of the file /proc/pid/smaps_rollup of the component mm. Such manipulation leads to null pointer dereference. This vulnerability is listed as CVE-2022-50380. The attack must be carried out from within the local network. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.1.44/6.4.9. The impacted element is the function obj_stock_flush_required of the component mm. Performing manipulation results in null pointer dereference. This vulnerability is reported as CVE-2023-53401. The attacker must have access to the local network to execute the attack. No exploit exists. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.54/6.5.4. It has been classified as critical. The affected element is the function of_find_device_by_node of the component media. This manipulation causes memory leak. This vulnerability is tracked as CVE-2023-53385. The attack is only possible within the local network. No exploit exists. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.1.38/6.3.12/6.4.3. It has been classified as critical. Affected by this issue is the function smb2_compound_op of the component cifs. The manipulation leads to use after free. This vulnerability is referenced as CVE-2023-53377. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is recommended.

A vulnerability categorized as problematic has been discovered in Adobe Acrobat Reader up to 20.005.30418/22.003.20281/22.003.20282. Affected is an unknown function. Such manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2023-21613. The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability identified as problematic has been detected in Adobe Acrobat Reader up to 20.005.30418/22.003.20281/22.003.20282. Affected by this vulnerability is an unknown functionality. Performing manipulation results in out-of-bounds read. This vulnerability is known as CVE-2023-21614. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.194/5.15.131/6.1.52/6.4.15/6.5.2. It has been declared as critical. The impacted element is the function hci_remove_ltk/hci_remove_irk of the component Bluetooth. Such manipulation leads to use after free. This vulnerability is listed as CVE-2023-53386. The attack must be carried out from within the local network. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.4.219/5.10.149/5.15.74/5.19.16/6.0.2. The affected element is the function fsl_lpuart of the component tty. Executing manipulation can lead to denial of service. The identification of this vulnerability is CVE-2022-50375. The attack needs to be done within the local network. There is no exploit available. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, has been found in Adobe Acrobat Reader up to 20.005.30418/22.003.20281/22.003.20282. The affected element is an unknown function. Performing manipulation results in out-of-bounds write. This vulnerability is identified as CVE-2023-21609. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Adobe Acrobat Reader up to 20.005.30418/22.003.20281/22.003.20282. The impacted element is an unknown function. Executing manipulation can lead to stack-based buffer overflow. This vulnerability is tracked as CVE-2023-21610. The attack can be launched remotely. No exploit exists. You should upgrade the affected component.

A vulnerability has been found in Adobe Acrobat Reader up to 20.005.30418/22.003.20281/22.003.20282 and classified as critical. This affects an unknown function. The manipulation leads to creation of temporary file in directory with insecure permissions. This vulnerability is listed as CVE-2023-21611. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.

A vulnerability was found in Adobe Acrobat Reader up to 20.005.30418/22.003.20281/22.003.20282. It has been classified as critical. Affected is an unknown function. This manipulation causes creation of temporary file in directory with insecure permissions. This vulnerability is registered as CVE-2023-21612. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.

A vulnerability marked as critical has been reported in Linux Kernel up to 5.15.99/6.1.17/6.2.4. The impacted element is the function debugfs_lookup. The manipulation leads to memory leak. This vulnerability is documented as CVE-2023-53390. The attack requires being on the local network. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability classified as problematic was found in GrandNode up to 2.3.0. The impacted element is an unknown function of the file /checkout/ConfirmOrder/ of the component Voucher Handler. The manipulation of the argument giftvouchercouponcode results in race condition. This vulnerability is cataloged as CVE-2025-10216. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in Linux Kernel up to 6.3.3. It has been classified as critical. This issue affects the function get_line_out_pfx of the component ALSA. This manipulation causes privilege escalation. The identification of this vulnerability is CVE-2023-53400. The attack needs to be done within the local network. There is no exploit available. Upgrading the affected component is recommended.