CVE-2025-68760

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix potential out-of-bounds read in iommummioshow In iommummiowrite, it validates the user-provided offset with the check: iommu-dbgmmiooffset iommu-mmiophysend - 4. This assumes a 4-byte access. However, the...

CVE-2025-68753

The CVE CVE-2025-68753 relates to the Linux kernel ALSA: firewire-motu DSP event handling. The issue stems from a missing bounds check in a put_user() loop that copies DSP event data; if the user buffer size is not aligned to 4 bytes, data could be written beyond the intended boundary, potentiall...

CVE-2025-62138

Missing Authorization vulnerability in cedcommerce WP Advanced PDF wp-advanced-pdf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Advanced PDF: from n/a through = 1.1.7...

PT-2026-23763

Name of the Vulnerable Software and Affected Versions GStreamer affected versions not specified Description This issue allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with the library is required for exploitation, and attack vectors may vary...

PT-2026-8198

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the AMD Asoc Advanced Linux Sound Architecture component, specifically within the acp3x PDM Pulse Density Modulation DMA Direct Memory Access operations. This iss...

CVE-2025-62138

Missing Authorization vulnerability in cedcommerce WP Advanced PDF wp-advanced-pdf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Advanced PDF: from n/a through = 1.1.7...

CVE-2025-62138 WordPress WP Advanced PDF plugin <= 1.1.7 - Other vulnerability Type vulnerability

Missing Authorization vulnerability in cedcommerce WP Advanced PDF wp-advanced-pdf allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Advanced PDF: from n/a through = 1.1.7...

CVE-2025-62138

CVE-2025-62138 refers to a Missing Authorization vulnerability in the WordPress plugin WP Advanced PDF (CedCommerce). Affected versions are listed as

CVE-2025-62138 WordPress WP Advanced PDF plugin <= 1.1.7 - Other vulnerability Type vulnerability

Missing Authorization vulnerability in CedCommerce WP Advanced PDF allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Advanced PDF: from n/a through 1.1.7...

WordPress WP Advanced PDF plugin <= 1.1.7 - Other vulnerability Type vulnerability

Other vulnerability Type vulnerability discovered by NumeX in WordPress Plugin WP Advanced PDF versions = 1.1.7...

SUSE CVE-2023-54244

In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fix oops when removing custom query handlers When removing custom query handlers, the handler might still be used inside the EC query workqueue, causing a kernel oops if the module holding the callback function was...

SQL injection vulnerability in U8+ Channel Management (Advanced Edition) at UFIDA Network Technology Co. Ltd (CNVD-C-2025-1245200)

U8+ Channel Management Advanced Edition is a set of channel management software, together with U8+ supply chain system and financial system, extending the enterprise management radius from the internal enterprise to the distribution channels and sales terminals. A SQL injection vulnerability exis...

PT-2025-54338

Name of the Vulnerable Software and Affected Versions CedCommerce WP Advanced PDF versions through 1.1.7 Description An authorization issue exists in CedCommerce WP Advanced PDF, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update CedCommerce...

WordPress plugin WP Advanced PDF 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security...

WordPress Advanced Ads Code Execution Vulnerability

WordPress Advanced Ads is an ad management plugin for WordPress designed to help website owners manage, optimize, and monetize their websites efficiently. WordPress Advanced Ads suffers from a code execution vulnerability that arises due to insufficient validation of user input by the...

WordPress Advanced iFrame plugin <= 2024.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Host Header vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Host Header vulnerability discovered by omstaendlig in WordPress Plugin Advanced iFrame versions = 2024.5...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993196)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993196 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: fix potential memleak in 'addwidgetnode' As 'kobjectadd' may allocated memory for...

CVE-2025-13592

The Advanced Ads plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.0.14 via the 'change-adcontent' shortcode parameter. This allows authenticated attackers with editor-level permissions or above, to execute code on the server...

CVE-2025-68878

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in prasadkirpekar Advanced Custom CSS advanced-custom-css allows Reflected XSS.This issue affects Advanced Custom CSS: from n/a through = 1.1.0...

EUVD-2023-60484

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amdpmcstbdebugfsopenv2 Function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism enabled. When amdpmcsendcmd fails, the 'buf' needs to be released...