PT-2026-28351
Name of the Vulnerable Software and Affected Versions: EVerest versions prior to 2026.02.0 Description: EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race condition that can lead to potential corruption of std::queue and std::deque. The issue is triggered by a...
Linux kernel Security Vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from accepting RSS hash key updates when there is no RX indirect table, potentially leading to a hang...
kernel security update
5.14.0-570.21.1.0.16.OL9 - nvme-pci: remove two deallocate zeroes quirks Orabug: 37756650 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys lis...
WordPress Resido theme <= 3.6 - Missing Authorization to Unauthenticated Server-Side Request Forgery and API Key Settings Update vulnerability
Missing Authorization to Unauthenticated Server-Side Request Forgery and API Key Settings Update vulnerability discovered by Lucio Sá in WordPress Plugin Resido versions <= 3.6...
Linux Distros Unpatched Vulnerability : CVE-2011-4110
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service NULL pointer dereference and kern...
CGA-77FH-PX8C-24H3
Bulletin has no description...
PT-2023-28262 · WordPress · Poeditor
Name of the Vulnerable Software and Affected Versions: POEditor WordPress plugin versions prior to 0.9.8 Description: The issue is related to the lack of CSRF checks in various places within the plugin, allowing attackers to perform unwanted actions on logged-in admins, such as resetting the...
CVE-2023-0328 WPCode < 2.0.7 - Contributor+ WPCode Library Auth Key Update/Deletion
The WPCode WordPress plugin before 2.0.7 does not have adequate privilege checks in place for several AJAX actions, only checking the nonce. This may lead to allowing any authenticated user who can edit posts to call the endpoints related to WPCode Library authentication such as update and delete...
WordPress plugin Google Maps Cross-Site Request Forgery Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin Google Maps 1.2.1 and previous versions have a cross-site request forgery vulnerability, which can be exploited by attacke...
CVE-2022-1656
Vulnerable versions of the JupiterX Theme =2.0.6 allow any logged-in user, including subscriber-level users, to access any of the functions registered in lib/api/api/ajax.php, which also grant access to the jupiterxapiajax actions registered by the JupiterX Core Plugin =2.0.6. This includes the...
FreeBSD Resource Management Error Vulnerability
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A resource management error vulnerability in FreeBSD versions prior to 12.1-STABLE r352509, prior to 11.3-STABLE r352509, and prior to 11.3-RELEASE p9, which stems from a failure of the SCTP layer to properly check when ...
Oracle Linux 7 : kernel (ELSA-2017-0386-1)
Description of changes: - 3.10.0-514.6.10.0.1.el7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel olkmodsigningkey.x509alexey.petrenko at oracle.com - Update...