Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

Vulnerabilities

With the aim of informing, warning and helping professionals with the latest security vulnerabilities in technology systems, we have made a database available for users interested in this information, which is in Spanish and includes all of the latest documented and recognised vulnerabilities.

This repository, with over 75,000 registers, is based on the information from the NVD (National Vulnerability Database) – by virtue of a partnership agreement – through which INCIBE translates the included information into Spanish.

On occasions this list will show vulnerabilities that have still not been translated, as they are added while the INCIBE team is still carrying out the translation process. The CVE  (Common Vulnerabilities and Exposures) Standard for Information Security Vulnerability Names is used with the aim to support the exchange of information between different tools and databases.

All vulnerabilities collected are linked to different information sources, as well as available patches or solutions provided by manufacturers and developers. It is possible to carry out advanced searches, as there is the option to select different criteria to narrow down the results, some examples being vulnerability types, manufacturers and impact levels, among others.

Through RSS feeds or Newsletters we can be informed daily about the latest vulnerabilities added to the repository. Below there is a list, updated daily, where you can discover the latest vulnerabilities.

CVE-2022-50115
Publication date:
18/06/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes<br /> <br /> We have sanity checks for byte controls and if any of the fail the locally<br /> allocated scontrol-&gt;ipc_control_data is freed up, but not set to NULL.<br /> <br /> On a rollback path of the error the higher level code will also try to free<br /> the scontrol-&gt;ipc_control_data which will eventually going to lead to<br /> memory corruption as double freeing memory is not a good thing.
Severity CVSS v4.0: Pending analysis
Last modification:
18/11/2025

CVE-2022-50114
Publication date:
18/06/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: 9p: fix refcount leak in p9_read_work() error handling<br /> <br /> p9_req_put need to be called when m-&gt;rreq-&gt;rc.sdata is NULL to avoid<br /> temporary refcount leak.<br /> <br /> [Dominique: commit wording adjustments, p9_req_put argument fixes for rebase]
Severity CVSS v4.0: Pending analysis
Last modification:
18/11/2025

CVE-2022-50107
Publication date:
18/06/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> cifs: Fix memory leak when using fscache<br /> <br /> If we hit the &amp;#39;index == next_cached&amp;#39; case, we leak a refcount on the<br /> struct page. Fix this by using readahead_folio() which takes care of<br /> the refcount for you.
Severity CVSS v4.0: Pending analysis
Last modification:
17/11/2025

CVE-2022-50110
Publication date:
18/06/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> watchdog: sp5100_tco: Fix a memory leak of EFCH MMIO resource<br /> <br /> Unlike release_mem_region(), a call to release_resource() does not<br /> free the resource, so it has to be freed explicitly to avoid a memory<br /> leak.
Severity CVSS v4.0: Pending analysis
Last modification:
17/11/2025

CVE-2022-50111
Publication date:
18/06/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ASoC: mt6359: Fix refcount leak bug<br /> <br /> In mt6359_parse_dt() and mt6359_accdet_parse_dt(), we should call<br /> of_node_put() for the reference returned by of_get_child_by_name()<br /> which has increased the refcount.
Severity CVSS v4.0: Pending analysis
Last modification:
19/11/2025

CVE-2022-50109
Publication date:
18/06/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> video: fbdev: amba-clcd: Fix refcount leak bugs<br /> <br /> In clcdfb_of_init_display(), we should call of_node_put() for the<br /> references returned by of_graph_get_next_endpoint() and<br /> of_graph_get_remote_port_parent() which have increased the refcount.<br /> <br /> Besides, we should call of_node_put() both in fail path or when<br /> the references are not used anymore.
Severity CVSS v4.0: Pending analysis
Last modification:
19/11/2025

CVE-2022-50108
Publication date:
18/06/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> mfd: max77620: Fix refcount leak in max77620_initialise_fps<br /> <br /> of_get_child_by_name() returns a node pointer with refcount<br /> incremented, we should use of_node_put() on it when not need anymore.<br /> Add missing of_node_put() to avoid refcount leak.
Severity CVSS v4.0: Pending analysis
Last modification:
19/11/2025

CVE-2022-50106
Publication date:
18/06/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address<br /> <br /> of_get_next_parent() returns a node pointer with refcount incremented,<br /> we should use of_node_put() on it when not need anymore.<br /> Add missing of_node_put() in the error path to avoid refcount leak.
Severity CVSS v4.0: Pending analysis
Last modification:
19/11/2025

CVE-2022-50113
Publication date:
18/06/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ASoc: audio-graph-card2: Fix refcount leak bug in __graph_get_type()<br /> <br /> We should call of_node_put() for the reference before its replacement<br /> as it returned by of_get_parent() which has increased the refcount.<br /> Besides, we should also call of_node_put() before return.
Severity CVSS v4.0: Pending analysis
Last modification:
18/11/2025

CVE-2022-50112
Publication date:
18/06/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> rpmsg: qcom_smd: Fix refcount leak in qcom_smd_parse_edge<br /> <br /> of_parse_phandle() returns a node pointer with refcount<br /> incremented, we should use of_node_put() on it when done.
Severity CVSS v4.0: Pending analysis
Last modification:
18/11/2025

CVE-2022-50105
Publication date:
18/06/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader<br /> <br /> of_find_node_by_path() returns remote device nodepointer with<br /> refcount incremented, we should use of_node_put() on it when done.<br /> Add missing of_node_put() to avoid refcount leak.
Severity CVSS v4.0: Pending analysis
Last modification:
19/11/2025

CVE-2022-50104
Publication date:
18/06/2025
In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> powerpc/xive: Fix refcount leak in xive_get_max_prio<br /> <br /> of_find_node_by_path() returns a node pointer with<br /> refcount incremented, we should use of_node_put() on it when done.<br /> Add missing of_node_put() to avoid refcount leak.
Severity CVSS v4.0: Pending analysis
Last modification:
19/11/2025
Subscribe to Vulnerabilities