WordPress plugin WP Less Compiler 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

(Pwn2Own) Apple Safari B3 JIT Compiler Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the B3 JIT compiler...

CVE-2024-36280

Uncontrolled search path for some IntelR High Level Synthesis Compiler software before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access...

RLSA-2025:1338 Moderate: gcc-toolset-14-gcc security update

The gcc-toolset-14-gcc package contains the GNU Compiler Collection version 14. Security Fixes: jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

RHSA-2025:1346 Red Hat Security Advisory: gcc security update

Bulletin has no description...

CVE-2024-36280

Uncontrolled search path for some IntelR High Level Synthesis Compiler software before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-39365

Uncontrolled search path for the FPGA Support Package for the IntelR oneAPI DPC++/C++ Compiler software for Windows before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-36280

Uncontrolled search path for some IntelR High Level Synthesis Compiler software before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-36280

CVE-2024-36280 affects Intel® High Level Synthesis Compiler software before version 24.2. The vulnerability is an uncontrolled search path issue in the compiler, which could allow an authenticated local attacker to escalate privileges. Affected product: Intel® High Level Synthesis Compiler prior ...

RHSA-2025:1308 Red Hat Security Advisory: gcc security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: gcc-toolset-14-gcc security update

An update for gcc-toolset-14-gcc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Intel oneAPI DPC++/C++ Compiler 代码问题漏洞

Intel oneAPI DPC++/C++ Compiler is a compiler from Intel Corporation USA. A code issue vulnerability exists in Intel oneAPI DPC++/C++ Compiler versions prior to 2024.2, which stems from the presence of an uncontrolled search path that could allow an authenticated user to enable elevation of...

PT-2025-6648 · Intel · Intel High Level Synthesis Compiler

Name of the Vulnerable Software and Affected Versions: IntelR High Level Synthesis Compiler versions prior to 24.2 Description: The issue is related to an uncontrolled search path in some IntelR High Level Synthesis Compiler software. This may allow an authenticated user to potentially enable...

Small praise for modern compilers - A case of Ubuntu printing vulnerability that wasn’t

By Aleksandar Nikolich Earlier this year, we conducted code audits of the macOS printing subsystem, which is heavily based on the open-source CUPS package. During this investigation, IPP-USB protocol caught our attention. IPP over USB specification defines how printers that are available over USB...

RUSTSEC-2025-0029 totally-safe introduces memory vulnerabilities in safe Rust

totally-safe provides unsound APIs that exploit a soundness bug in rustc: https://github.com/rust-lang/rust/issues/25860...

totally-safe introduces memory vulnerabilities in safe Rust

totally-safe provides unsound APIs that exploit a soundness bug in rustc: https://github.com/rust-lang/rust/issues/25860...

SUSE SLES12 Security Update : google-osconfig-agent (SUSE-SU-2025:0377-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:0377-1 advisory. - Update to version 20250115.01 bsc1236406, bsc1236407 - CVE-2024-24790: Bump the golang compiler version to 1.22.4 bsc1225974 Tenable has...

CVE-2022-25987

Improper handling of Unicode encoding in source code to be compiled by the IntelR C++ Compiler Classic before version 2021.6 for IntelR oneAPI Toolkits before version 2022.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...

Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: Update to version 20250115.01 bsc1236406, bsc1236407 CVE-2024-24790: Bump the golang compiler version to 1.22.4 bsc1225974 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

SUSE-SU-2025:0377-1 Security update for google-osconfig-agent

This update for google-osconfig-agent fixes the following issues: - Update to version 20250115.01 bsc1236406, bsc1236407 - CVE-2024-24790: Bump the golang compiler version to 1.22.4 bsc1225974...