CVE-2025-21931

In the Linux kernel, the following vulnerability has been resolved: hwpoison, memoryhotplug: lock folio before unmap hwpoisoned folio Commit b15c87263a69 "hwpoison, memoryhotplug: allow hwpoisoned pages to be offlined add page poison checks in domigraterange in order to make offline hwpoisoned pa...

CVE-2025-21933 arm: pgtable: fix NULL pointer dereference issue

In the Linux kernel, the following vulnerability has been resolved: arm: pgtable: fix NULL pointer dereference issue When updatemmucacherange is called by updatemmucache, the vmf parameter is NULL, which will cause a NULL pointer dereference issue in adjustpte: Unable to handle kernel NULL pointe...

CVE-2025-21895

In the Linux kernel, the following vulnerability has been resolved: perf/core: Order the PMU list to fix warning about unordered pmuctxlist Syskaller triggers a warning due to prevepc-pmu != nextepc-pmu in perfeventswaptaskctxdata. vmcore shows that two lists have the same perfeventpmucontext, bu...

CVE-2025-31868

Missing Authorization vulnerability in JoomSky JS Job Manager js-jobs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS Job Manager: from n/a through = 2.0.2...

CVE-2025-29868 Apache Answer: Using externally referenced images can leak user privacy.

Private Data Structure Returned From A Public Method vulnerability in Apache Answer. This issue affects Apache Answer: through 1.4.2. If a user uses an externally referenced image, when a user accesses this image, the provider of the image may obtain private information about the ip address of th...

CVE-2025-31183

The CVE-2025-31183 issue affects Apple platforms as described in connected documents, with fixes in macOS Sonoma 14.7.5, iOS 18.4, iPadOS 18.4, tvOS 18.4, and macOS Sequoia 15.4. The root cause is improved restriction of data container access, and the vulnerability could allow an app to access se...

CVE-2025-24257

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.4. An app may be able to cause unexpected system termination or write kernel memory...

CVE-2025-31692

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Drupal AI Artificial Intelligence allows OS Command Injection.This issue affects AI Artificial Intelligence: from 0.0.0 before 1.0.5...

RHEL 9 : kernel (RHSA-2025:3208)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3208 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: arm64: cacheinfo: Avoid out-of-bounds...

@excelltechkylc/code-generator (>=1.0.0 <=1.0.1), @excelltechkylc/compiler (>=1.0.0 <=1.0.1) +5 more potentially affected by CVE-2024-38985 via depath (=1.0.6)

depath NPM version =1.0.6 is affected by a known vulnerability. The following packages have a transitive dependency on depath and may be impacted: - @excelltechkylc/code-generator =1.0.0, =1.0.0, =1.0.6, =1.0.6, =1.0.0, =1.0.4 - vitis-lowcode-renderer =1.0.0 - vitis-lowcode-simulator-renderer...

CVE-2025-31102 WordPress Hostel plugin <= 1.1.5.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bob Hostel allows Reflected XSS. This issue affects Hostel: from n/a through 1.1.5.5...

CVE-2025-28089

maccms10 v2025.1000.4047 is vulnerable to Server-Side Request Forgery SSRF via the Scheduled Task function...

CVE-2022-4834

creationtimestamp| type| source ---|---|--- 2025-03-27 20:27:28+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9209...

CVE-2025-30867 WordPress SearchIQ plugin <= 4.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SearchIQ SearchIQ searchiq allows Stored XSS.This issue affects SearchIQ: from n/a through = 4.7...

CVE-2025-28873 WordPress Shuffle plugin <= 0.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Scott Taylor Shuffle shuffle allows Blind SQL Injection.This issue affects Shuffle: from n/a through = 0.5...

Moderate: Red Hat Security Advisory: nginx:1.24 security update

An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: container-tools:rhel8 security update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: container-tools:rhel8 security update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security h...

CVE-2025-30623 WordPress wA11y – The Web Accessibility Toolbox plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rachel Cherry wA11y – The Web Accessibility Toolbox wa11y allows Stored XSS.This issue affects wA11y – The Web Accessibility Toolbox: from n/a through = 1.0.3...

CVE-2025-29806 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...