Security Advisories
A list of vulnerabilities (CVE / GHSA) publicly disclosed by Tencent Zhuque Lab. View as JSONopen_in_new
bug_report
Vulnerabilities
67
deployed_code
Products
21
leaderboard
Severity Breakdown
-
open_in_newMedium CVE-2025-40254
net: openvswitch: remove never-working support for setting nsh fields
deployed_code Affected: Linux / openvswitch >= 4.15, < 5.4.302; >= 4.15, < 5.10.247; >= 4.15, < 5.15.197; >= 4.15, < 6.1.159; >= 4.15, < 6.6.118; >= 4.15, < 6.12.60; >= 4.15, < 6.17.10; >= 4.15, < 6.18 calendar_today Published: December 04, 2025 -
open_in_newMedium CVE-2025-39983
Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue
deployed_code Affected: Linux / bluetooth >= 6.15, < 6.16.10; >= 6.15, < 6.17 calendar_today Published: October 15, 2025 -
open_in_newMedium CVE-2025-38524
rxrpc: Fix recv-recv race of completed call
deployed_code Affected: Linux / rxrpc >= 4.9, < 6.6.100; >= 4.9, < 6.12.40; >= 4.9, < 6.15.8; >= 4.9, < 6.16 calendar_today Published: August 16, 2025 -
open_in_newMedium CVE-2025-38525
rxrpc: Fix irq-disabled in local_bh_enable()
deployed_code Affected: Linux / rxrpc >= 6.14, < 6.15.8; >= 6.14, < 6.16 calendar_today Published: August 16, 2025 -
open_in_newMedium CVE-2025-38544
rxrpc: Fix bug due to prealloc collision
deployed_code Affected: Linux / rxrpc >= 4.9, < 6.6.99; >= 4.9, < 6.12.39; >= 4.9, < 6.15.7; >= 4.9, < 6.16 calendar_today Published: August 16, 2025 -
open_in_newMedium CVE-2025-38514
rxrpc: Fix oops due to non-existence of prealloc backlog struct
deployed_code Affected: Linux / rxrpc >= 4.9, < 5.4.296; >= 4.9, < 5.10.240; >= 4.9, < 5.15.189; >= 4.9, < 6.1.146; >= 4.9, < 6.6.99; >= 4.9, < 6.12.39; >= 4.9, < 6.15.7; >= 4.9, < 6.16 calendar_today Published: August 16, 2025 -
open_in_newMedium CVE-2025-48887 CWE-1333
vLLM has a Regular Expression Denial of Service (ReDoS, Exponential Complexity) Vulnerability in `pythonic_tool_parser.py`
deployed_code Affected: vllm >= 0.6.4, < 0.9.0 calendar_today Published: May 28, 2025 -
open_in_newMedium GHSA-j828-28rj-hfhp CWE-1333
vLLM vulnerable to Regular Expression Denial of Service
deployed_code Affected: vllm >= 0.6.3, < 0.9.0 calendar_today Published: May 28, 2025 -
open_in_newMedium CVE-2025-46722 CWE-1023/CWE-1288
vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
deployed_code Affected: vllm >= 0.7.0, < 0.9.0 calendar_today Published: May 28, 2025 -
open_in_newMedium CVE-2025-46560 CWE-1333
phi4mm: Quadratic Time Complexity in Input Token Processing leads to denial of service
deployed_code Affected: vllm >= 0.8.0, < 0.8.5 calendar_today Published: April 29, 2025
Per page
