Vuldb Updates

A vulnerability was found in ZenTao Biz up to 4.1.3. It has been rated as problematic. This affects an unknown function. This manipulation causes cross-site request forgery. This vulnerability is handled as CVE-2023-46375. The attack can be initiated remotely. There is not any exploit available.

A vulnerability, which was classified as problematic, was found in Num-Nine MiniCMS 1.1.1. Affected by this vulnerability is an unknown functionality of the file /mc-admin/conf.php of the component String Handler. The manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2023-46378. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in TP-Link TL-WDR7660 2.0.30. This vulnerability affects the function deviceInfoJsonToBincauses. Executing a manipulation can lead to stack-based buffer overflow. The identification of this vulnerability is CVE-2023-46373. The attack needs to be done within the local network. There is no exploit available.

A vulnerability was found in Linux Kernel up to 6.14.1 and classified as critical. The affected element is the function watch_queue_set_size. The manipulation results in buffer overflow. This vulnerability is known as CVE-2025-23138. Access to the local network is required for this attack. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability identified as problematic has been detected in Linux Kernel up to 6.13.10/6.14.1. The impacted element is the function kvm_exit of the file kernel/irq/manage.c. This manipulation causes state issue. This vulnerability is registered as CVE-2025-23135. The attack requires access to the local network. No exploit is available. You should upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.14.1. Affected by this vulnerability is the function amd_pstate_update. The manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2025-23137. The attack needs to be initiated within the local network. No exploit is available. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.14.1. It has been classified as critical. This impacts the function int3402_thermal_probe. This manipulation causes null pointer dereference. The identification of this vulnerability is CVE-2025-23136. The attack needs to be done within the local network. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.22/6.13.10/6.14.1. This affects the function copy_from_user/copy_to_user of the component ALSA. Such manipulation leads to deadlock. This vulnerability is documented as CVE-2025-23134. The attack requires being on the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability classified as critical was found in Linux Kernel up to 6.14.1. This issue affects the function dquot_writeback_dquots of the file fs/quota/dquot.c. Such manipulation leads to denial of service. This vulnerability is traded as CVE-2025-23132. Access to the local network is required for this attack to succeed. There is no exploit available. Upgrading the affected component is advised.

A vulnerability labeled as problematic has been found in Linux Kernel up to 6.14.1. Affected by this issue is the function ath11k_reg_update_chan_list of the component wifi. The manipulation results in out-of-bounds read. This vulnerability is identified as CVE-2025-23133. The attack can only be performed from the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.14.1. It has been classified as problematic. The impacted element is the function ath11k_pcic_free_irq of the file kernel/irq/manage.c. This manipulation causes allocation of resources. This vulnerability is handled as CVE-2025-23129. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability classified as critical has been found in Linux Kernel up to 6.14.1. This vulnerability affects the function get_new_segment of the file fs/f2fs/segment.c. This manipulation causes denial of service. This vulnerability appears as CVE-2025-23130. The attacker needs to be present on the local network. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.14.1. It has been declared as critical. This affects the function event_done. Such manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-23131. The attack can only be initiated within the local network. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.14.1 and classified as critical. This affects the function prepare_compress_overwrite of the component f2fs. Such manipulation leads to state issue. This vulnerability is referenced as CVE-2025-22127. The attack needs to be initiated within the local network. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability described as problematic has been identified in Linux Kernel up to 6.14.1. This affects the function ath12k_pci_free_irq of the file kernel/irq/manage.c. The manipulation results in allocation of resources. This vulnerability is reported as CVE-2025-22128. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is recommended.

A vulnerability has been found in Linux Kernel up to 6.12.57/6.17.7 and classified as critical. This affects the function avs_dai_fe_shutdown of the component ASoC. This manipulation causes use after free. This vulnerability is tracked as CVE-2025-40344. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability described as critical has been identified in Linux Kernel up to 6.12.57/6.17.7. This affects the function ttm_bo_vm_dummy_page. Such manipulation leads to privilege escalation. This vulnerability is uniquely identified as CVE-2025-40340. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is recommended.

A vulnerability described as critical has been identified in Linux Kernel up to 6.17.7. This vulnerability affects unknown code. The manipulation results in privilege escalation. This vulnerability is known as CVE-2025-40335. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is recommended.

A vulnerability classified as critical has been found in Linux Kernel up to 6.17.7. This issue affects the function hmm_pfn_to_map_order. This manipulation causes privilege escalation. This vulnerability is handled as CVE-2025-40336. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.17.7. This affects an unknown part. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2025-40334. Access to the local network is required for this attack to succeed. There is no exploit available. It is suggested to upgrade the affected component.