SUSE CVE-2024-45779

An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a he...

CVE-2024-13565

The Simple Map No Api plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

CVE-2024-13565

The Simple Map No Api plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

WordPress plugin Simple Map No Api 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

WordPress WP Google Map plugin < 1.9.4 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin WP Google Map versions 1.9.4...

CVE-2025-26539

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in petkivim Embed Google Map embed-google-map allows Stored XSS.This issue affects Embed Google Map: from n/a through = 3.2...

CVE-2024-13208 WP Google Map < 1.9.4 - Admin+ Stored XSS

The Maps Plugin using Google Maps for WordPress WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

CVE-2024-13208 WP Google Map < 1.9.4 - Admin+ Stored XSS

The Maps Plugin using Google Maps for WordPress WordPress plugin before 1.9.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...

SUSE-SU-2025:0556-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-57897: drm/amdkfd: Correct the migration DMA map direction bsc1235969. - CVE-2024-57893: ALSA: seq: oss: Fix races at processing SysEx messages bsc123592...

CLSA-2025-1739525834 kernel: Fix of 24 CVEs

media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - wifi: ath9k: add range check for connrspepid in htcconnectservice CVE-2024-53156 - xsk: fix OOB map writes when deleting elements CVE-2024-56614 - hvsock: Initializing vsk-trans to NULL to prevent a...

CVE-2025-26539

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in petkivim Embed Google Map embed-google-map allows Stored XSS.This issue affects Embed Google Map: from n/a through = 3.2...

CVE-2025-26539 WordPress Embed Google Map plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in petkivim Embed Google Map embed-google-map allows Stored XSS.This issue affects Embed Google Map: from n/a through = 3.2...

CVE-2025-26539

CVE-2025-26539 concerns the WordPress plugin “Embed Google Map” (petkivim) with a Stored Cross-Site Scripting (XSS) vulnerability caused by improper neutralization of input during web page generation. Affected version(s) are reported as

CVE-2025-26539 WordPress Embed Google Map plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in petkivim Embed Google Map allows Stored XSS. This issue affects Embed Google Map: from n/a through 3.2...

WordPress Embed Google Map plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Embed Google Map versions = 3.2...

WordPress plugin Embed Google Map 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2025-7180

Name of the Vulnerable Software and Affected Versions: petkivim Embed Google Map versions n/a through 3.2 Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows Stored XSS in petkivim Embed Google Map...

Distribution's token authentication allows to inject an untrusted signing key in a JWT

Impact Systems running registry version 3.0.0-beta.1 with token authentication enabled. Patches Update to at least v3.0.0-rc.3 Workarounds There is no way to work around this issue without patching if your system requires token authentication. References The issue lies in how the JWK verification...

WordPress CM Map Locations plugin <= 2.0.8 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin CM Map Locations versions = 2.0.8...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: sockmap: Avoid a race condition between sockmapclose and skpsockput. skpsockget will return NULL if the reference count of psock reaches 0, which will happen when the last call to skpsockput is completed. However, skpsockdrop may...