CVE-2025-48235 WordPress WP Image Mask <= 3.1.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bogdan Bendziukov WP Image Mask allows DOM-Based XSS. This issue affects WP Image Mask: from n/a through 3.1.2...

kernel: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()

In the Linux kernel, the following vulnerability has been resolved: iscsiibft: Fix UBSAN shift-out-of-bounds warning in ibftattrshownic When performing an iSCSI boot using IPv6, iscsistart still reads the /sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix length is 64, this...

WordPress plugin WP Image Mask 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-21949 · WordPress · Wp Image Mask

Name of the Vulnerable Software and Affected Versions: WP Image Mask versions through 3.1.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows DOM-Based XSS. This means that an attacker could potential...

PT-2025-25829

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, which was causing a segfault when using PEBS-via-PT with a sample frequency instead of a sample period. The issue occurred because...

Xorg: xwayland: Buffer overflow in XkbVModMaskText()

A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size...

gstreamer1-plugins-base: GStreamer has an OOB-read in format_channel_mask

A flaw was found in the GStreamer library. An out-of-bounds read in the gst-discoverer-1.0 command line tool can cause crashes for certain input files, potentially allowing a malicious third party to trigger an application crash. This issue only affects the gst-discoverer-1.0 command line tool an...

kernel: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race

In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953xirqbussyncunlock race Ensure that i2clock' is held when setting interrupt latch and mask in pca953xirqbussyncunlock in order to avoid races. The other non-probe call site pca953xgpiosetmultiple ensures t...

kernel: wifi: mac80211: don&#39;t use rate mask for offchannel TX either

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 "wifi: mac80211: don't use rate mask for scanning", ignore incorrect settings to avoid no supported rate warning reported by syzbot. The...

SUSE CVE-2025-37830

In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fix null-ptr-deref in scmicpufreqgetrate cpufreqcpugetraw can return NULL when the target CPU is not present in the policy-cpus mask. scmicpufreqgetrate does not check for this case, which results in a NULL pointer...

SUSE CVE-2025-37831

In the Linux kernel, the following vulnerability has been resolved: cpufreq: apple-soc: Fix null-ptr-deref in applesoccpufreqgetrate cpufreqcpugetraw can return NULL when the target CPU is not present in the policy-cpus mask. applesoccpufreqgetrate does not check for this case, which results in a...

Sparsification under Siege: Defending against Poisoning Attacks in Communication-Efficient Federated Learning

Federated Learning FL enables collaborative model training across distributed clients while preserving data privacy, yet it faces significant challenges in communication efficiency and vulnerability to poisoning attacks. While sparsification techniques mitigate communication overhead by...

DEBIAN-CVE-2025-37830

In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fix null-ptr-deref in scmicpufreqgetrate cpufreqcpugetraw can return NULL when the target CPU is not present in the policy-cpus mask. scmicpufreqgetrate does not check for this case, which results in a NULL pointer...

CVE-2025-37830

In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fix null-ptr-deref in scmicpufreqgetrate cpufreqcpugetraw can return NULL when the target CPU is not present in the policy-cpus mask. scmicpufreqgetrate does not check for this case, which results in a NULL pointer...

DEBIAN-CVE-2025-37829

In the Linux kernel, the following vulnerability has been resolved: cpufreq: scpi: Fix null-ptr-deref in scpicpufreqgetrate cpufreqcpugetraw can return NULL when the target CPU is not present in the policy-cpus mask. scpicpufreqgetrate does not check for this case, which results in a NULL pointer...

DEBIAN-CVE-2025-37831

In the Linux kernel, the following vulnerability has been resolved: cpufreq: apple-soc: Fix null-ptr-deref in applesoccpufreqgetrate cpufreqcpugetraw can return NULL when the target CPU is not present in the policy-cpus mask. applesoccpufreqgetrate does not check for this case, which results in a...

UBUNTU-CVE-2025-37830

In the Linux kernel, the following vulnerability has been resolved: cpufreq: scmi: Fix null-ptr-deref in scmicpufreqgetrate cpufreqcpugetraw can return NULL when the target CPU is not present in the policy-cpus mask. scmicpufreqgetrate does not check for this case, which results in a NULL pointer...

UBUNTU-CVE-2025-37829

In the Linux kernel, the following vulnerability has been resolved: cpufreq: scpi: Fix null-ptr-deref in scpicpufreqgetrate cpufreqcpugetraw can return NULL when the target CPU is not present in the policy-cpus mask. scpicpufreqgetrate does not check for this case, which results in a NULL pointer...

SUSE CVE-2022-49870

In the Linux kernel, the following vulnerability has been resolved: capabilities: fix undefined behavior in bit shift for CAPTOMASK Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds in...

SUSE CVE-2023-53047

In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix race condition in amdteeopensession There is a potential race condition in amdteeopensession that may lead to use-after-free. For instance, in amdteeopensession after sess-sessmask is set, and before setting:...