7605 matches found
CVE-2025-58687
Cross-Site Request Forgery (CSRF) vulnerability in WP CMS Ninja Current Age Plugin (current-age) allows Stored XSS. This issue affects Current Age Plugin: from n/a through <= 1.6...
CVE-2025-8892
CVE-2025-8892 relates to Autodesk products, notably AutoCAD, where parsing a specially crafted PRT file can trigger a memory corruption vulnerability. The underlying issue is in the PRT file handling of certain Autodesk components, allowing a malicious actor to execute arbitrary code in the conte...
WordPress Current Age Plugin Plugin <= 1.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery (CSRF) Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Current Age Plugin versions <= 1.6...
CVE-2025-58687
CVE-2025-58687 affects the Current Age Plugin for WordPress (up to 1.6). Public docs (Wordfence/Patchstack lineage) confirm a CSRF flaw that leads to a stored XSS condition. Affected plugin versions prior to 1.6 are vulnerable; remediation is to upgrade to 1.6 (patched). CVSS v3.1 base score 7.1...
CVE-2025-58687 WordPress Current Age Plugin Plugin <= 1.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in WP CMS Ninja Current Age Plugin (current-age) allows Stored XSS. This issue affects Current Age Plugin: from n/a through <= 1.6...
Command Injection
Overview: git-commiters is a statistical summary of various information about git committers. Affected versions of this package are vulnerable to Command Injection via the gitCommiters API which allows specifying options such as cwd for current working directory and revisionRange as a revision pointe...
PT-2025-38975
Name of the Vulnerable Software and Affected Versions: WP CMS Ninja Current Age Plugin versions through 1.6. Description: A Cross-Site Request Forgery (CSRF) issue exists in WP CMS Ninja Current Age Plugin, which also allows Stored Cross-Site Scripting (XSS). Recommendations: Update WP CMS Ninja Current...
WordPress plugin Current Age Plugin Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site request...
PT-2025-39068
Name of the Vulnerable Software and Affected Versions: Autodesk products (affected versions not specified). Description: A specially crafted PRT file, when processed by certain Autodesk products, can lead to a memory corruption issue. A malicious actor could potentially exploit this to execute arbitra...
Ashlar-Vellum Graphite Stack Buffer Overflow Vulnerability
Ashlar-Vellum Graphite is a CAD modeling software from Ashlar-Vellum. Ashlar-Vellum Graphite suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in the context of the current process...
CVE-2025-47906 Unexpected paths returned from LookPath in os/exec
If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath ("", ".", and "..") can result in the binaries listed in the PATH being unexpectedly returned...
CVE-2022-50382
CVE-2022-50382 refers to a Linux kernel fix for a deadlock involving padata parallelization when BHs are enabled during the serial path. The issue occurs in padata_do_serial where a spin_lock on reorder->lock could be taken with BHs still on, enabling a deadlock on overload. The fix ensures BH...
CVE-2022-50382 padata: Always leave BHs disabled when running ->parallel()
In the Linux kernel, the following vulnerability has been resolved: padata: Always leave BHs disabled when running ->parallel(). A deadlock can happen when an overloaded system runs ->parallel() in the context of the current task: padata_do_parallel ->parallel() pcrypt_aead_enc/dec padata_do_serial...
Slackware: Security Advisory (SSA:2025-260-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2025-260-02)
The version of mozilla-firefox installed on the remote host is prior to 140.3.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-260-02 advisory. New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Tenable has...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-140.3.0esr-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-140.3.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...
[slackware-security] expat
New expat packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/expat-2.7.2-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Disallow use of disproportional amounts of dynamic memor...
Ashlar-Vellum Graphite Security Vulnerability
Ashlar-Vellum Graphite is a CAD modeling software from Ashlar-Vellum. Ashlar-Vellum Graphite suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in the context of the current process...