UBUNTU-CVE-2023-53215

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Don't balance task to its current running CPU We've run into the case that the balancer tries to balance a migration disabled task and trigger the warning in settaskcpu like below: ------------ cut here ------------...

CVE-2023-53215

CVE-2023-53215 affects the Linux kernel sched/fair component. The issue occurs when the load balancer tries to migrate a task that is migration-disabled to its current CPU, triggering a warning in set_task_cpu() during balance. The root cause is how the new_dst_cpu is selected from env->dst_gr...

CVE-2023-53215 sched/fair: Don't balance task to its current running CPU

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Don't balance task to its current running CPU We've run into the case that the balancer tries to balance a migration disabled task and trigger the warning in settaskcpu like below: ------------ cut here ------------...

CVE-2023-53215 sched/fair: Don't balance task to its current running CPU

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Don't balance task to its current running CPU We've run into the case that the balancer tries to balance a migration disabled task and trigger the warning in settaskcpu like below: ------------ cut here ------------...

Slackware: Security Advisory (SSA:2025-255-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered

...

CVE-2025-8570 BeyondCart Connector <= 2.1.0 - Missing Configuration of JWT Secret to Unauthenticated Privilege Escalation via determine_current_user Filter

The BeyondCart Connector plugin for WordPress is vulnerable to Privilege Escalation due to improper JWT secret management and authorization within the determinecurrentuser filter in versions 1.4.2 through 2.1.0. This makes it possible for unauthenticated attackers to craft valid tokens and assume...

CVE-2025-8570

The BeyondCart Connector plugin for WordPress (versions 1.4.2 through 2.1.0) is affected by Privilege Escalation due to improper JWT secret management and authorization in the determine_current_user filter. This allows unauthenticated attackers to craft valid JWTs and impersonate any user (includ...

Malicious Package

Overview @oneaudi/current-carline-service is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

CVE-2025-10245

A security flaw has been discovered in Display Painéis TGA up to 7.1.41. Affected by this issue is some unknown functionality of the file /gallery/rename of the component Galeria Page. The manipulation of the argument currentfolder results in path traversal. The exploit has been released to the...

CVE-2025-10245

CVE-2025-10245 affects Display Painéis TGA up to version 7.1.41. The flaw is in the Galeria Page’s /gallery/rename where manipulating the current_folder argument causes a path traversal. An exploit has been publicly released; vendor did not respond. Mitigation: upgrade to a version beyond 7.1.41,...

CVE-2025-10245 Display Painéis TGA Galeria rename path traversal

A security flaw has been discovered in Display Painéis TGA up to 7.1.41. Affected by this issue is some unknown functionality of the file /gallery/rename of the component Galeria Page. The manipulation of the argument currentfolder results in path traversal. The exploit has been released to the...

PT-2025-37134

Name of the Vulnerable Software and Affected Versions: BeyondCart Connector plugin for WordPress versions 1.4.2 through 2.1.0 Description: The BeyondCart Connector plugin for WordPress is susceptible to privilege escalation due to improper JWT JSON Web Token secret management and authorization...

Adobe Substance3D Viewer Heap Buffer Overflow Vulnerability

Adobe Substance3D Viewer is a stand-alone desktop application for viewing and editing 3D files from Audobee Adobe USA. Adobe Substance3D Viewer suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

Display Painéis TGA 路径遍历漏洞

Display Painéis TGA is a queuing system from the Brazilian company Display Painéis. A path traversal vulnerability exists in Display Painéis TGA 7.1.41 and earlier versions, which stems from incorrect manipulation of the parameter currentfolder in the file /gallery/rename, which can lead to path...

Adobe Premiere Pro Memory Misreference Vulnerability

Adobe Premiere Pro is a set of non-linear editing video editing software from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe Premiere Pro, which can be exploited by an attacker to cause arbitrary code to be executed in the current user environment...

[slackware-security] libssh

New libssh packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libssh-0.11.3-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Fix NULL pointer dereference after allocation failure...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2025-2060)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware Linux 15.0 / current libssh Multiple Vulnerabilities (SSA:2025-252-01)

The version of libssh installed on the remote host is prior to 0.11.3. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-252-01 advisory. New libssh packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the precedin...

CVE-2025-54257

Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...