CVE-2025-38564 perf/core: Handle buffer mapping fail correctly in perf_mmap()

In the Linux kernel, the following vulnerability has been resolved: perf/core: Handle buffer mapping fail correctly in perfmmap After successful allocation of a buffer or a successful attachment to an existing buffer perfmmap tries to map the buffer read only into the page table. If that fails, t...

CVE-2025-8622

The Flexible Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Flexible Maps shortcode in all versions up to, and including, 1.18.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-8622

The Flexible Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Flexible Maps shortcode in all versions up to, and including, 1.18.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

PT-2025-33763 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The perf mmap function in the Linux kernel does not correctly handle buffer mapping failures. Specifically, if mapping a buffer read-only into the page table fails after successful...

WordPress plugin Flexible Map 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-33713 · WordPress · Flexible Map

Name of the Vulnerable Software and Affected Versions: Flexible Map plugin for WordPress versions prior to 1.19.0 Description: The Flexible Map plugin for WordPress is susceptible to Stored Cross-Site Scripting through the plugin’s Flexible Maps shortcode. Insufficient input sanitization and outp...

CKM-Assisted Physical-Layer Security for Resilience against Unknown Eavesdropping Location

Channel Knowledge Map CKM is an emerging data-driven toolbox that captures our awareness of the wireless channel and enables efficient communication and resource allocation beyond the state of the art. In this work, we consider CKM for improving physical-layer security PLS in the presence of a...

Linux Distros Unpatched Vulnerability : CVE-2015-6771

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73, improperly implements certain map and filter operations for arrays, which allows remote...

WordPress Flexible Maps plugin <= 1.18.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Flexible Maps Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Flexible Maps Shortcode vulnerability discovered by zer0gh0st in WordPress Plugin Flexible Map versions = 1.18.0...

CVE-2025-55587

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

Instagram Map: What is it and how do I control it?

Instagram Map is a new feature—for Instagram, anyway—that users may have enabled without being fully aware of the consequences. The Map feature launched in the US on August 6, 2025, and is reportedly planned for a global rollout "soon." As of mid-August 2025, not all users outside the US,...

CVE-2025-38502

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix oob access in cgroup local storage Lonial reported that an out-of-bounds access in cgroup local storage can be crafted via tail calls. Given two programs each utilizing a cgroup local storage with a different value size,...

CVE-2025-55587

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-55591

TOTOLINK-A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability in the devicemac parameter in the formMapDel endpoint...

PT-2025-33687 · Totolink · Totolink A3002Ru

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R version 4.0.0-B20230531.1404 Description: A buffer overflow exists in the hostname parameter at the /boafrm/formMapDelDevice API endpoint of the TOTOLINK A3002R router. This issue allows attackers to cause a Denial of Service...

Linux Distros Unpatched Vulnerability : CVE-2019-18423

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEMaddtophysmap hypercall. p2m-maxmappedgfn is...

Linux Distros Unpatched Vulnerability : CVE-2021-23368

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service ReDoS during source map parsing. CVE-2021-23368 Note tha...

Linux Distros Unpatched Vulnerability : CVE-2019-12222

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libSDL2.a in Simple DirectMedia Layer SDL 2.0.9. There is an out-of-bounds read in the function SDLInvalidateMap at video/SDLpixels.c...

Linux Distros Unpatched Vulnerability : CVE-2020-11998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contai...

CVE-2025-52732

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in RealMag777 GMap Targeting gmap-targeting allows PHP Local File Inclusion.This issue affects GMap Targeting: from n/a through = 1.1.6...