CVE-2020-36853 10WebMapBuilder <= 1.0.63 - Unauthenticated Stored Cross-Site Scripting via Plugin Settings Change

The 10WebMapBuilder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Plugin Settings Change in versions up to, and including, 1.0.63 due to insufficient input sanitization and output escaping and a lack of capability checks. This makes it possible for unauthenticated attacker...

Linux Distros Unpatched Vulnerability : CVE-2025-62490

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In quickjs, in jsprintobject, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not...

SUSE CVE-2025-39972

In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in i40evalidatequeuemap Ensure idx is within range of active/initialized TCs when iterating over vf-chidx in i40evalidatequeuemap...

DEBIAN-CVE-2025-62490

In quickjs, in jsprintobject, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not side-effect free. An attacker-defined callback could run during jsprintvalue, during which the array could get resized and len1 become ou...

CVE-2025-62490

CVE-2025-62490 affects QuickJS: in js_print_object, during printing of arrays, maps, or sets, the code reads the length and iterates, but printing a value is not side-effect free. An attacker-defined callback during js_print_value could resize or remove items (e.g., in an array or ms-&gt;records)...

CVE-2025-62490

In quickjs, in jsprintobject, when printing an array, the function first fetches the array length and then loops over it. The issue is, printing a value is not side-effect free. An attacker-defined callback could run during jsprintvalue, during which the array could get resized and len1 become ou...

CVE-2025-39972

In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in i40evalidatequeuemap Ensure idx is within range of active/initialized TCs when iterating over vf-chidx in i40evalidatequeuemap...

CVE-2025-11365

The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id' parameter of the 'googlemap' shortcode in all versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

i40e: fix idx validation in i40e_validate_queue_map

...

CVE-2025-11365

The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id' parameter of the 'googlemap' shortcode in all versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

CVE-2025-11365

CVE-2025-11365 : The WP Google Map Plugin for WordPress (

CVE-2025-11365 WP Google Map Plugin <= 1.0 - Authenticated (Contributor+) SQL Injection

The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id' parameter of the 'googlemap' shortcode in all versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

CVE-2025-11365 WP Google Map Plugin <= 1.0 - Authenticated (Contributor+) SQL Injection

The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id' parameter of the 'googlemap' shortcode in all versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

EUVD-2025-34548

The WP Google Map Plugin plugin for WordPress is vulnerable to blind SQL Injection via the 'id' parameter of the 'googlemap' shortcode in all versions up to, and including, 1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

CVE-2025-39972

In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in i40evalidatequeuemap Ensure idx is within range of active/initialized TCs when iterating over vf-chidx in i40evalidatequeuemap...

AZL-68483 CVE-2025-39972 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in i40evalidatequeuemap Ensure idx is within range of active/initialized TCs when iterating over vf-chidx in i40evalidatequeuemap...

UBUNTU-CVE-2025-39972

In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in i40evalidatequeuemap Ensure idx is within range of active/initialized TCs when iterating over vf-chidx in i40evalidatequeuemap...

CVE-2025-39992 mm: swap: check for stable address space before operating on the VMA

In the Linux kernel, the following vulnerability has been resolved: mm: swap: check for stable address space before operating on the VMA It is possible to hit a zero entry while traversing the vmas in unusemm called from swapoff path and accessing it causes the OOPS: Unable to handle kernel NULL...

CVE-2025-39972

CVE-2025-39972 affects the Linux kernel i40e driver. The vulnerability stems from insufficient idx validation in i40e_validate_queue_map(), where idx may reference vf-&gt;ch[idx] outside the range of active/initialized TCs, risking out-of-bounds access. The issue has been fixed in the upstream ke...

CVE-2025-39972 i40e: fix idx validation in i40e_validate_queue_map

In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in i40evalidatequeuemap Ensure idx is within range of active/initialized TCs when iterating over vf-chidx in i40evalidatequeuemap...