Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly referenced currentstate, which could cause the kernel to crash...

Linux Distros Unpatched Vulnerability : CVE-2025-68196

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Cache streams targeting link when performing LT automation WHY Last LT automation update can cause crash by referencing currentstate and callin...

CVE-2025-9457

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2025-9452

A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

PT-2025-51329

Name of the Vulnerable Software and Affected Versions Autodesk products affected versions not specified Description A specially designed MODEL file can cause a memory corruption issue when processed by certain Autodesk products. A malicious actor could potentially use this issue to run code witho...

PT-2025-51343

Name of the Vulnerable Software and Affected Versions Autodesk products affected versions not specified Description A specially designed SLDPRT file can cause a memory corruption issue when processed by certain Autodesk products. A malicious actor could potentially use this to run arbitrary code...

CVE-2025-13320

The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 2.9.12. This is due to insufficient validation of user-supplied file paths in the profile update functionality combined with improper handling of array inputs by PHP's filterinp...

WordPress WP User Manager plugin <= 2.9.12 - Authenticated (Subscriber+) Arbitrary File Deletion via 'current_user_avatar' Parameter vulnerability

Authenticated Subscriber+ Arbitrary File Deletion via 'currentuseravatar' Parameter vulnerability discovered by YCInfosec in WordPress Plugin WP User Manager versions = 2.9.12...

CVE-2025-13320

The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 2.9.12. This is due to insufficient validation of user-supplied file paths in the profile update functionality combined with improper handling of array inputs by PHP's filterinp...

EUVD-2025-202983

The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 2.9.12. This is due to insufficient validation of user-supplied file paths in the profile update functionality combined with improper handling of array inputs by PHP's filterinp...

CVE-2025-13320

CVE-2025-13320 : WP User Manager for WordPress is vulnerable to Authenticated Arbitrary File Deletion via the current_user_avatar parameter in profile updates. The issue arises from insufficient validation of user-supplied file paths and improper handling of array inputs in PHP, enabling attacker...

PT-2025-50815

The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 2.9.12. This is due to insufficient validation of user-supplied file paths in the profile update functionality combined with improper handling of array inputs by PHP's filter...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-140.6.0esr-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For...

(0Day) PDFsam Enhanced XLS File Insufficient UI Warning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDFsam Enhanced. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

PT-2025-50566

Name of the Vulnerable Software and Affected Versions Ibexa versions 5.0.0-beta1 through 5.0.3 Description Ibexa is a composable end-to-end DXP Digital Experience Platform. Versions 5.0.0-beta1 through 5.0.3 lack proper password validation during password changes. An error introduced during the...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991164)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991164 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: fix oops in concurrently setting insnemulation sysctls emulationprochandler changes...

(0Day) PDFsam Enhanced DOC File Insufficient UI Warning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDFsam Enhanced. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

CVE-2025-64785

Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. If the application uses a search path to locate...

CVE-2023-53830

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmisetting, the result has to be freed using kfree. In currentvalueshow however, malformed item strings are not freed,...

SUSE CVE-2023-53830

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmisetting, the result has to be freed using kfree. In currentvalueshow however, malformed item strings are not freed,...