663 matches found
CVE-2026-0939
CVE-2026-0939 (Rede Itaú for WooCommerce) : The WordPress plugin is vulnerable to unauthenticated order status manipulation due to insufficient verification of payment callback authenticity in all versions up to 5.1.2. This allows attackers to mark orders as paid/failed without authentication. Ex...
CVE-2026-0939 Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit <= 5.1.2 - Unauthenticated Order Status Manipulation
The Rede Itaú for WooCommerce plugin for WordPress is vulnerable to order status manipulation due to insufficient verification of data authenticity in all versions up to, and including, 5.1.2. This is due to the plugin failing to verify the authenticity of payment callbacks. This makes it possibl...
CVE-2026-0939
The Rede Itaú for WooCommerce plugin for WordPress is vulnerable to order status manipulation due to insufficient verification of data authenticity in all versions up to, and including, 5.1.2. This is due to the plugin failing to verify the authenticity of payment callbacks. This makes it possibl...
CVE-2026-0939 Rede Itaú for WooCommerce — Payment PIX, Credit Card and Debit <= 5.1.2 - Unauthenticated Order Status Manipulation
The Rede Itaú for WooCommerce plugin for WordPress is vulnerable to order status manipulation due to insufficient verification of data authenticity in all versions up to, and including, 5.1.2. This is due to the plugin failing to verify the authenticity of payment callbacks. This makes it possibl...
SUSE CVE-2025-71117
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
WordPress plugin Rede Itaú for WooCommerce has a vulnerability related to data manipulation.
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
PT-2026-3226
The Rede Itaú for WooCommerce plugin for WordPress is vulnerable to order status manipulation due to insufficient verification of data authenticity in all versions up to, and including, 5.1.2. This is due to the plugin failing to verify the authenticity of payment callbacks. This makes it possibl...
CVE-2025-71117
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
UBUNTU-CVE-2025-71117
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
CVE-2025-71117 block: Remove queue freezing from several sysfs store callbacks
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
CVE-2025-71117
CVE-2025-71117 corresponds to a Linux kernel fix that removes queue freezing from several sysfs store callbacks to prevent deadlocks (notably with dm-multipath and the queue_if_no_path option). Affected sysfs attributes include io_poll_delay, io_timeout, nomerges, read_ahead_kb, and rq_affinity. ...
CVE-2025-71117
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
CVE-2025-71117 block: Remove queue freezing from several sysfs store callbacks
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...
PT-2026-27747
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where raw event callbacks could occur even for a HID device that had not been claimed, potentially causing a crash if a broken device were connected. The...
PT-2026-5520
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s idpf driver related to error handling within the init task during driver loading. If the init task fails, the system may lack necessary virtual ports...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993290)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993290 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs Read/WriteMACREG callbacks are NULL so the...
EUVD-2023-60380
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add missing gfx11 MQD manager callbacks mqdstride function was introduced in commit 2f77b9a242a2 "drm/amdkfd: Update MQD management on multi XCC setup" but not assigned for gfx11. Fixes a NULL dereference in debugfs...
CVE-2023-54261
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add missing gfx11 MQD manager callbacks mqdstride function was introduced in commit 2f77b9a242a2 "drm/amdkfd: Update MQD management on multi XCC setup" but not assigned for gfx11. Fixes a NULL dereference in debugfs...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992476)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992476 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: rtl8712: fix use after free bugs Read/WriteMACREG callbacks are NULL so the...
PT-2025-54022
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the net/sched subsystem related to the handling of traffic control blocks. Specifically, the error handler in tcf block bind frees the cb list without...