CVE-2025-39869

CVE-2025-39869: Linux kernel memory allocation bug in dmaengine: ti: edma caused out-of-bounds writes to queue_priority_map due to allocating with sizeof(s8) for a 2D array; manifested as kernel crashes on ARM (BeagleBoard-X15). The issue is fixed by changing the allocation to sizeof(*queue_prior...

CVE-2025-39869

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Fix memory allocation size for queueprioritymap Fix a critical memory allocation bug in edmasetupfromhw where queueprioritymap was allocated with insufficient memory. The code declared queueprioritymap as s8 ...

CVE-2025-39869 dmaengine: ti: edma: Fix memory allocation size for queue_priority_map

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: edma: Fix memory allocation size for queueprioritymap Fix a critical memory allocation bug in edmasetupfromhw where queueprioritymap was allocated with insufficient memory. The code declared queueprioritymap as s8 ...

PT-2025-39124

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s netfilter module, specifically within the nft set pipapo function. A commit introduced a null dereference issue when handling empty sets, breaking the...

CVE-2025-57960

Cross-Site Request Forgery CSRF vulnerability in TravelMap Travel Map travelmap-blog allows Cross Site Request Forgery.This issue affects Travel Map: from n/a through = 1.0.3...

CVE-2025-57953

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 100plugins Open User Map open-user-map allows DOM-Based XSS.This issue affects Open User Map: from n/a through = 1.4.14...

WordPress Open User Map Plugin <= 1.4.14 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Abu Hurayra in WordPress Plugin Open User Map versions = 1.4.14...

WordPress Travel Map Plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin Travel Map versions = 1.0.3...

CVE-2025-57953

The CVE-2025-57953 entry concerns the WordPress plugin Open User Map. Affected range: Open User Map from n/a through 1.4.14. The vulnerability is a DOM-Based XSS caused by Improper Neutralization of Input During Web Page Generation (Cross-site Scripting). The CVSS metrics indicate base score 6.5 ...

CVE-2025-57953 WordPress Open User Map Plugin <= 1.4.14 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 100plugins Open User Map open-user-map allows DOM-Based XSS.This issue affects Open User Map: from n/a through = 1.4.14...

CVE-2025-57953 WordPress Open User Map Plugin <= 1.4.14 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 100plugins Open User Map open-user-map allows DOM-Based XSS.This issue affects Open User Map: from n/a through = 1.4.14...

CVE-2025-57960 WordPress Travel Map Plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in TravelMap Travel Map travelmap-blog allows Cross Site Request Forgery.This issue affects Travel Map: from n/a through = 1.0.3...

CVE-2025-57960 WordPress Travel Map Plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in TravelMap Travel Map allows Cross Site Request Forgery. This issue affects Travel Map: from n/a through 1.0.3...

CVE-2025-57960

CVE-2025-57960 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Travel Map WordPress plugin. The issue affects the Travel Map plugin version range from not specified to 1.0.3 (i.e., vulnerable in Travel Map: from n/a through 1.0.3). The initial data provides a CVSS 3.1 base scor...

WordPress plugin Open User Map 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-38803

Name of the Vulnerable Software and Affected Versions 100plugins Open User Map versions through 1.4.14 Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a DOM-Based Cross-site Scripting issue. This allows for the execution of...

WordPress plugin Travel Map 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

PT-2025-38810

Name of the Vulnerable Software and Affected Versions TravelMap versions through 1.0.3 Description A Cross-Site Request Forgery CSRF issue exists in TravelMap Travel Map. This allows attackers to potentially perform actions on behalf of unsuspecting users. Recommendations Update TravelMap to a...

mm: /proc/pid/smaps_rollup: fix no vma's null-deref

...

riscv: rewrite __kernel_map_pages() to fix sleeping in invalid context

...