kernel: bpf: Fix softlockup in arena_map_free on 64k page kernel

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in arenamapfree on 64k page kernel On an aarch64 kernel with CONFIGPAGESIZE64KB=y, arenahtab tests cause a segmentation fault and soft lockup. The same failure is not observed with 4k pages on aarch64. It turn...

kernel: bpf: Fix deadlock when freeing cgroup storage

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a "bpf: Prevent deadlock from recursive bpftaskstorageget|delete" first introduced deadlock prevention for fentry/fexit programs attaching on...

kernel: bpf: Fix softlockup in arena_map_free on 64k page kernel

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in arenamapfree on 64k page kernel On an aarch64 kernel with CONFIGPAGESIZE64KB=y, arenahtab tests cause a segmentation fault and soft lockup. The same failure is not observed with 4k pages on aarch64. It turn...

kernel: bpf: avoid holding freeze_mutex during mmap operation

In the Linux kernel, the following vulnerability has been resolved: bpf: avoid holding freezemutex during mmap operation We use map-freezemutex to prevent races between mapfreeze and memory mapping BPF map contents with writable permissions. The way we naively do this means we'll hold freezemutex...

kernel: bpf: Fix deadlock when freeing cgroup storage

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock when freeing cgroup storage The following commit bc235cdb423a "bpf: Prevent deadlock from recursive bpftaskstorageget|delete" first introduced deadlock prevention for fentry/fexit programs attaching on...

EUVD-2025-60925

The Coon Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height' parameter in the 'map' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

EUVD-2025-60924

The Add Multiple Marker plugin for WordPress is vulnerable to unauthorized modification of data to due to a missing capability check on the addmultiplemarkerresetmap and ammsavemapapi functions in all versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to upda...

CVE-2025-11999

The Add Multiple Marker plugin for WordPress is vulnerable to unauthorized modification of data to due to a missing capability check on the addmultiplemarkerresetmap and ammsavemapapi functions in all versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to upda...

CVE-2025-11999

CVE-2025-11999 concerns the WordPress plugin Add Multiple Marker. A missing capability check in addmultiplemarker_reset_map() and amm_save_map_api() allows unauthenticated users to modify map settings (update the map API and reset maps) in all versions up to and including 1.2. Public sources (Wor...

CVE-2025-11999 Add Multiple Marker <= 1.2 - Missing Authorization to Unauthenticated Settings Update

The Add Multiple Marker plugin for WordPress is vulnerable to unauthorized modification of data to due to a missing capability check on the addmultiplemarkerresetmap and ammsavemapapi functions in all versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to upda...

CVE-2025-11999 Add Multiple Marker <= 1.2 - Missing Authorization to Unauthenticated Settings Update

The Add Multiple Marker plugin for WordPress is vulnerable to unauthorized modification of data to due to a missing capability check on the addmultiplemarkerresetmap and ammsavemapapi functions in all versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to upda...

CVE-2025-12662 Coon Google Maps <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Coon Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height' parameter in the 'map' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

CVE-2025-12662 Coon Google Maps <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Coon Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'height' parameter in the 'map' shortcode in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possibl...

CVE-2025-12662

The CVE-2025-12662 entry concerns the WordPress Coon Google Maps plugin. A stored XSS flaw exists in all versions up to 1.0 via the height parameter in the map shortcode, caused by insufficient input sanitization and output escaping. An authenticated attacker with contributor-level access or high...

WordPress plugin Coon Google Maps 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Coon Maps plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data,...

PT-2025-46287

Name of the Vulnerable Software and Affected Versions Coon Google Maps plugin for WordPress versions prior to 1.1 Description The Coon Google Maps plugin for WordPress is susceptible to Stored Cross-Site Scripting through the height parameter within the 'map' shortcode. This occurs because of...

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2025-074 (ALASNITRO-ENCLAVES-2025-074)

The version of containerd installed on the remote host is prior to 2.1.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-074 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other tha...

WordPress plugin Add Multiple Marker 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security vulnerability exists in the WordPress plugin Add Multiple Marker, which stems from a...

PT-2025-46270

Name of the Vulnerable Software and Affected Versions Add Multiple Marker plugin for WordPress versions up to and including 1.2 Description The Add Multiple Marker plugin for WordPress is susceptible to unauthorized data modification because of a missing capability check in the addmultiplemarker...

WordPress plugin Extensions for Leaflet Map cross-site scripting vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin Extensions for Leaflet Map suffers from a cross-site scripting vulnerability...