WordPress PSW Front-end Login Registration 1.12 User Registration

WordPress PSW Front-end Login Registration plugin versions 1.12 and below suffers from a vulnerability that allows an unauthenticated attacker to register new user accounts via an exposed AJAX action without proper validation or restrictions...

Lara: Lightweight Anonymous Authentication with Asynchronous Revocation Auditability

Anonymous authentication is a technique that allows to combine access control with privacy preservation. Typically, clients use different pseudonyms for each access, hindering providers from correlating their activities. To perform the revocation of pseudonyms in a privacy preserving manner is...

Huawei EulerOS: Security Advisory for c-ares (EulerOS-SA-2025-1453)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: NFSD: Limit the number of concurrent async COPY operations

In the Linux kernel, the following vulnerability has been resolved: NFSD: Limit the number of concurrent async COPY operations Nothing appears to limit the number of concurrent async COPY operations that clients can start. In addition, AFAICT each async COPY can copy an unlimited number of 4MB...

kernel: NFSv4.0: Fix a use-after-free problem in the asynchronous open()

In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfsreleaseseqid in...

[SECURITY] Fedora 40 Update: python-h11-0.14.0-7.fc40

This is a little HTTP/1.1 library written from scratch in Python, heavily inspired by hyper-h2. It is a "bring-your-own-I/O" library; h11 contains no IO code whatsoever. This means you can hook h11 up to your favorite network API, and that could be anything you want: synchronous, threaded,...

libevent bug fix update

An update is available for libevent. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libevent packages provide an abstract asynchronous event notification...

c-ares security update

An update is available for c-ares. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The c-ares C library defines asynchronous DNS Domain Name System requests and...

libuv security update

An update is available for libuv. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libuv is a multi-platform support library with a focus on asynchronous I/O...

c-ares security update

An update is available for c-ares. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The c-ares C library defines asynchronous DNS Domain Name System requests and...

USN-7477-1: c-ares vulnerability

It was discovered that c-ares incorrectly handled re-enqueuing certain queries. A remote attacker could possibly use this issue to cause c-ares to crash, resulting in a denial of service...

SUSE CVE-2023-53111

In the Linux kernel, the following vulnerability has been resolved: loop: Fix use-after-free issues doreqfilebacked calls blkmqcompleterequest synchronously or asynchronously when using asynchronous I/O unless memory allocation fails. Hence, modify loophandlecmd such that it does not dereference...

CVE-2023-53111

In the Linux kernel, the following vulnerability has been resolved: loop: Fix use-after-free issues doreqfilebacked calls blkmqcompleterequest synchronously or asynchronously when using asynchronous I/O unless memory allocation fails. Hence, modify loophandlecmd such that it does not dereference...

UBUNTU-CVE-2023-53111

In the Linux kernel, the following vulnerability has been resolved: loop: Fix use-after-free issues doreqfilebacked calls blkmqcompleterequest synchronously or asynchronously when using asynchronous I/O unless memory allocation fails. Hence, modify loophandlecmd such that it does not dereference...

CVE-2023-53111 loop: Fix use-after-free issues

In the Linux kernel, the following vulnerability has been resolved: loop: Fix use-after-free issues doreqfilebacked calls blkmqcompleterequest synchronously or asynchronously when using asynchronous I/O unless memory allocation fails. Hence, modify loophandlecmd such that it does not dereference...

WordPress多款产品 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers. A code injection...

UBUNTU-CVE-2025-37777

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2leasebreaknoti Move tcptransport free to ksmbdconnfree. If ksmbd connection is referenced when ksmbd server thread terminates, It will not be freed, but conn-tcptransport is freed...

Race Condition

Overview @genkit-ai/firebase is a Genkit AI framework plugin for Firebase including Firestore trace/state store and deployment helpers for Cloud Functions for Firebase. Affected versions of this package are vulnerable to Race Condition via the asynchronous user engagement collection in the...

Race Condition

Overview @genkit-ai/core is a Genkit AI framework core libraries. Affected versions of this package are vulnerable to Race Condition via the asynchronous user engagement collection in the appendSpan and collectUserEngagement methods, where calls were not correctly awaited. Improper handling of...

[SECURITY] Fedora 42 Update: mingw-libsoup-2.74.3-11.fc42

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...