ROOT-OS-UBUNTU-2404-CVE-2025-38392 CVE-2025-38392 in rootio-linux - Patched by Root

Root has patched CVE-2025-38392 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

MiracleLinux 9 : kernel-5.14.0-570.41.1.el9_6 (AXSA:2025-10857:68)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10857:68 advisory. kernel: udmabuf: fix a buf size overflow issue during udmabuf creation CVE-2025-37803 kernel: idpf: convert control queue mutex to a spinlock...

MiracleLinux 8 : kernel-4.18.0-553.75.1.el8_10 (AXSA:2025-10889:70)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10889:70 advisory. kernel: net: usb: smsc75xx: Limit packet length to skb-len CVE-2023-53125 kernel: net/sched: Always pass notifications when child class becomes emp...

Oracle Linux 10 : kernel (ELSA-2025-15782)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-15782 advisory. - xfrm: interface: fix use-after-free after changing collectmd xfrm interface - CVE-2025-38500 - idpf: convert control queue mutex to a spinlock -...

AlmaLinux 8 : kernel-rt (ALSA-2025:15786)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:15786 advisory. kernel: net/sched: Always pass notifications when child class becomes empty CVE-2025-38350 kernel: idpf: convert control queue mutex to a spinlock...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

ALSA-2025:15786 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: net/sched: Always pass notifications when child class becomes empty CVE-2025-38350 kernel: idpf: convert control queue mutex to a...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

MAL-2025-38392 Malicious code in vine-lightning-jbr406-project (npm)

The package vine-lightning-jbr406-project was found to contain malicious code...

SUSE CVE-2025-38392

In the Linux kernel, the following vulnerability has been resolved: idpf: convert control queue mutex to a spinlock With VIRTCHNL2CAPMACFILTER enabled, the following warning is generated on module load: 324.701677 BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578...

CVE-2025-38392

In the Linux kernel, the following vulnerability has been resolved: idpf: convert control queue mutex to a spinlock With VIRTCHNL2CAPMACFILTER enabled, the following warning is generated on module load: 324.701677 BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578...

CVE-2025-38392

In the Linux kernel, the following vulnerability has been resolved: idpf: convert control queue mutex to a spinlock With VIRTCHNL2CAPMACFILTER enabled, the following warning is generated on module load: 324.701677 BUG: sleeping function called from invalid context at kernel/locking/mutex.c:578...

CVE-2025-38392

CVE-2025-38392 (Linux kernel) describes a concurrency issue in the idpf driver where a control queue mutex (cq_lock) is held across operations that may sleep, triggering warnings during module load when VIRTCHNL2_CAP_MACFILTER is ON. The fix converts cq_lock from a mutex to a spinlock to avoid sl...

CVE-2024-38392

Pexip Infinity Connect before 1.13.0 has an integrity/authenticity flaw: during resource loading it does not perform sufficient authenticity checks, allowing a remote attacker to cause the application to execute untrusted code. The CVE-2024-38392 entry notes a high-severity, network-exploitable i...

CVE-2023-38392

creationtimestamp| type| source ---|---|--- 2023-08-07 16:18:16+00:00| seen| https://t.me/cibsecurity/67868...

CVE-2023-38392

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Hiroaki Miyashita Custom Field Template plugin = 2.5.9 versions...

CVE-2023-38392

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Hiroaki Miyashita Custom Field Template plugin = 2.5.9 versions...

CVE-2023-38392 WordPress Custom Field Template Plugin <= 2.5.9 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Hiroaki Miyashita Custom Field Template plugin = 2.5.9 versions...

CVE-2023-38392

CVE-2023-38392 : Unauthenticated Reflected Cross-Site Scripting in WordPress plugin Custom Field Template by Hiroaki Miyashita, affected versions ≤ 2.5.9. Root cause: reflected XSS vulnerability. Impact: potential client-side script execution for unauthenticated attackers. Mitigation: update to v...

WordPress Custom Field Template Plugin <= 2.5.9 is vulnerable to Cross Site Scripting (XSS)

Software Custom Field Template Type Plugin Vulnerable versions = 2.5.9 Fixed in 2.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-38392 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 03d055f030cb Credits Phd Require...