kernel: arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud

In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fix incorrect filemapcount for non-leaf pmd/pud The page table check trigger BUGON unexpectedly when collapse hugepage: ------------ cut here ------------ kernel BUG at mm/pagetablecheck.c:82! Internal error: Oops - BUG...

kernel: of/irq: Prevent device address out-of-bounds read in interrupt map walk

In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk When ofirqparseraw is invoked with a device address smaller than the interrupt parent node from address-cells property, KASAN detects the following...

kernel: sock_map: avoid race between sock_map_close and sk_psock_put

In the Linux kernel, the following vulnerability has been resolved: sockmap: avoid race between sockmapclose and skpsockput skpsockget will return NULL if the refcount of psock has gone to 0, which will happen when the last call of skpsockput is done. However, skpsockdrop may not have finished ye...

kernel: sock_map: Add a cond_resched() in sock_hash_free()

In the Linux kernel, the following vulnerability has been resolved: sockmap: Add a condresched in sockhashfree Several syzbot soft lockup reports all have in common sockhashfree If a map with a large number of buckets is destroyed, we need to yield the cpu when needed...

xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability

A flaw was found in the X.org server. Due to improperly tracked allocation size in XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org serv...

TOTOLINK A3002R 安全漏洞

TOTOLINK A3002R is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in the TOTOLINK A3002R, which stems from the bandstr parameter in the formMapDelDevice interface failing to correctly validate the length size of the input data, no detailed...

CVE-2025-47669

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sabuj Kundu CBX Map for Google Map & OpenStreetMap cbxgooglemap allows DOM-Based XSS.This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through = 1.1.12...

WordPress CBX Map for Google Map & OpenStreetMap plugin <= 1.1.12 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin CBX Map for Google Map & OpenStreetMap versions = 1.1.12...

CVE-2025-47669

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sabuj Kundu CBX Map for Google Map & OpenStreetMap cbxgooglemap allows DOM-Based XSS.This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through = 1.1.12...

CVE-2025-47669 WordPress CBX Map for Google Map & OpenStreetMap plugin <= 1.1.12 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sabuj Kundu CBX Map for Google Map & OpenStreetMap cbxgooglemap allows DOM-Based XSS.This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through = 1.1.12...

CVE-2025-47669

CVE-2025-47669 affects the WordPress plugin CBX Map for Google Map & OpenStreetMap (versions 1.1.12 and earlier). The issue is a DOM-based XSS caused by improper input neutralization during web page generation. Affected product: CBX Map for Google Map & OpenStreetMap. Impact per provided data: Cr...

WordPress plugin CBX Map for Google Map & OpenStreetMap 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2025-20218 · Unknown · Cbx Map For Google Map & Openstreetmap

Name of the Vulnerable Software and Affected Versions: CBX Map for Google Map & OpenStreetMap versions 1.1.12 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means th...

SUSE CVE-2022-49778

In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fix incorrect filemapcount for non-leaf pmd/pud The page table check trigger BUGON unexpectedly when collapse hugepage: ------------ cut here ------------ kernel BUG at mm/pagetablecheck.c:82! Internal error: Oops - BUG...

clk: qcom: gcc-sm6350: Add missing parent_map for two clocks

...

Adversarial Sample Generation for Anomaly Detection in Industrial Control Systems

Machine learning ML-based intrusion detection systems IDS are vulnerable to adversarial attacks. It is crucial for an IDS to learn to recognize adversarial examples before malicious entities exploit them. In this paper, we generated adversarial samples using the Jacobian Saliency Map Attack JSMA...

CVE-2025-3504

The WP Maps WordPress plugin before 4.7.2 does not sanitise and escape some of its Map settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

SUSE CVE-2022-49832

In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix null pointer dereferencing in pinctrldttomap Here is the BUG report by KASAN about null pointer dereference: BUG: KASAN: null-ptr-deref in strcmp+0x2e/0x50 Read of size 1 at addr 0000000000000000 by task...

SUSE CVE-2023-53143

In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one fsmap error on 1k block filesystems Apparently syzbot figured out that issuing this FSMAP call: struct fsmaphead cmd = .fmhcount = ...; .fmhkeys = .fmrdevice = / ext4 dev /, .fmrphysical = 0, ,...

DEBIAN-CVE-2023-53143

In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one fsmap error on 1k block filesystems Apparently syzbot figured out that issuing this FSMAP call: struct fsmaphead cmd = .fmhcount = ...; .fmhkeys = .fmrdevice = / ext4 dev /, .fmrphysical = 0, ,...