CVE-2025-40028 binder: fix double-free in dbitmap

In the Linux kernel, the following vulnerability has been resolved: binder: fix double-free in dbitmap A process might fail to allocate a new bitmap when trying to expand its proc-dmap. In that case, dbitmapgrow fails and frees the old bitmap via dbitmapfree. However, the driver calls dbitmapfree...

CVE-2025-40028 binder: fix double-free in dbitmap

In the Linux kernel, the following vulnerability has been resolved: binder: fix double-free in dbitmap A process might fail to allocate a new bitmap when trying to expand its proc-dmap. In that case, dbitmapgrow fails and frees the old bitmap via dbitmapfree. However, the driver calls dbitmapfree...

UBUNTU-CVE-2025-62231

A flaw was identified in the X.Org X server’s X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

Linux Distros Unpatched Vulnerability : CVE-2025-40028

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - binder: fix double-free in dbitmap A process might fail to allocate a new bitmap when trying to expand its proc-dmap. In that case, dbitmapgrow fails and frees...

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2025-1239)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1239 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL...

Linux Distros Unpatched Vulnerability : CVE-2025-40036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - misc: fastrpc: fix possible map leak in fastrpcputargs copytouser failure would cause an early return without cleaning up the fdlist, which has been updated by...

kernel: mm: swap: fix potential buffer overflow in setup_clusters()

In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix potential buffer overflow in setupclusters In setupswapmap, we only ensure badpages are in range 0, lastpage. As maxpages might be = maxpages. Only call incclusterinfopage for badpage which is maxpages to fix the...

Linux Distros Unpatched Vulnerability : CVE-2025-39972

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i40e: fix idx validation in i40evalidatequeuemap Ensure idx is within range of active/initialized TCs when iterating over vf-chidx in i40evalidatequeuemap...

Siemens SIMATIC Devices Improper Input Validation (CVE-2023-52447)

bpf: Defer the free of inner map when necessary when updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpfmapfdputptr decreases the ref-counter of the inner map directly through bpfmapput, if the...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling CVE-2022-50053 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX CVE-2025-38201 Affected Packages:...

CVE-2025-11813

The Responsive iframe GoogleMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'responsivemap' shortcode in all versions up to, and including, 1.0.2. This is due to insufficient input sanitization and output escaping on the 'width' and 'height' attributes. This makes it...

EUVD-2023-60023

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6findtlv optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Verification Center...

EUVD-2023-60031

In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix memleak of pmu attrgroups in unregisternvdimmpmu Memory pointed by 'ndpmu-pmu.attrgroups' is allocated in function 'registernvdimmpmu' and is lost after 'kfreendpmu' call in function 'unregisternvdimmpmu'...

CVE-2025-11813

The Responsive iframe GoogleMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'responsivemap' shortcode in all versions up to, and including, 1.0.2. This is due to insufficient input sanitization and output escaping on the 'width' and 'height' attributes. This makes it...

CVE-2025-11813

CVE-2025-11813 — WordPress Responsive iframe GoogleMap plugin is vulnerable to stored cross-site scripting via the shortcode responsive_map in versions ≤ 1.0.2. The issue stems from insufficient input sanitization and output escaping on the width and height attributes, enabling authenticated user...

CVE-2025-11813 Responsive iframe GoogleMap <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Responsive iframe GoogleMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'responsivemap' shortcode in all versions up to, and including, 1.0.2. This is due to insufficient input sanitization and output escaping on the 'width' and 'height' attributes. This makes it...

EUVD-2025-35340

The Responsive iframe GoogleMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'responsivemap' shortcode in all versions up to, and including, 1.0.2. This is due to insufficient input sanitization and output escaping on the 'width' and 'height' attributes. This makes it...

WordPress plugin Responsive iframe GoogleMap 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to release a tag map when replacing an existing ct entry, which could lead to a memory leak...

What Is a Platform for Continuous Exposure Assessment?

You can’t protect what you don’t know you have. In an environment of sprawling cloud instances, remote endpoints, and shadow IT, gaining a complete and accurate picture of your attack surface is a massive challenge. Periodic scans only provide a snapshot in time, missing assets that spin up and...