CVE-2025-9895

The Notification Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the 'subscriber-list-empty.php' file. This makes it possible for unauthenticated attackers to empty the subscrib...

CVE-2025-9895 Notification Bar <= 2.2 - Cross-Site Request Forgery

The Notification Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the 'subscriber-list-empty.php' file. This makes it possible for unauthenticated attackers to empty the subscrib...

CVE-2025-9895

CVE-2025-9895 : The WordPress plugin Notification Bar (versions

WordPress plugin Notification Bar 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

PT-2025-40508

Name of the Vulnerable Software and Affected Versions Notification Bar plugin for WordPress versions prior to 2.3 Description The Notification Bar plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is caused by insufficient or incorrect nonce validation within the...

can: j1939: implement NETDEV_UNREGISTER notification handler

...

SUSE CVE-2025-39925

In the Linux kernel, the following vulnerability has been resolved: can: j1939: implement NETDEVUNREGISTER notification handler syzbot is reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 problem, for j1939 protocol did not have NETDEVUNREGISTER notification handler...

UBUNTU-CVE-2025-39925

In the Linux kernel, the following vulnerability has been resolved: can: j1939: implement NETDEVUNREGISTER notification handler syzbot is reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 problem, for j1939 protocol did not have NETDEVUNREGISTER notification handler...

CVE-2025-39925 can: j1939: implement NETDEV_UNREGISTER notification handler

In the Linux kernel, the following vulnerability has been resolved: can: j1939: implement NETDEVUNREGISTER notification handler syzbot is reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 problem, for j1939 protocol did not have NETDEVUNREGISTER notification handler...

VMware vCenter SMTP Header Injection Vulnerability

VMware vCenter is a virtualization management software from VMware. An SMTP header injection vulnerability exists in VMware vCenter, which can be exploited by an attacker to manipulate notification emails for scheduled tasks...

Fedora 42 : bird (2025-f6b553e67d)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-f6b553e67d advisory. BIRD 3.1.4 2025-09-22 BGP: Fixed crash on Notification with a message, CVE-2025-59688 BGP: Fixed invalid memory access in pending TX flush BGP: Fixed a rare...

PT-2025-40184

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in the IPv6 implementation related to the calculation of the nexthop length in the rt6 nlmsg size function. Specifically, when handling lwtunnel...

CVE-2025-41250

VMware vCenter contains an SMTP header injection vulnerability. A malicious actor with non-administrative privileges on vCenter who has permission to create scheduled tasks may be able to manipulate the notification emails sent for scheduled tasks...

Fedora 43 : bird (2025-182c305561)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-182c305561 advisory. BIRD 3.1.4 2025-09-22 BGP: Fixed crash on Notification with a message, CVE-2025-59688 BGP: Fixed invalid memory access in pending TX flush BGP: Fixed a rare...

CVE-2025-41250

VMware vCenter contains an SMTP header injection vulnerability. A malicious actor with non-administrative privileges on vCenter who has permission to create scheduled tasks may be able to manipulate the notification emails sent for scheduled tasks...

CVE-2025-41250

CVE-2025-41250 describes an SMTP header injection vulnerability in VMware vCenter. A malicious actor with non-administrative privileges and permission to create scheduled tasks can manipulate the notification emails sent for these tasks. The cited sources (NVD/VMware advisories) assign CVSSv3.1 b...

CVE-2025-41250 Header injection vulnerability

VMware vCenter contains an SMTP header injection vulnerability. A malicious actor with non-administrative privileges on vCenter who has permission to create scheduled tasks may be able to manipulate the notification emails sent for scheduled tasks...

VMware vCenter 安全漏洞

VMware vCenter is a virtualization management software from VMware. An SMTP header injection vulnerability exists in VMware vCenter, which can be exploited by an attacker to manipulate notification emails for scheduled tasks...

PT-2025-39744

CVE-2025-56714 Cloud-Classroom-PHP-1.0 CVE-2025-56713 Poc 2 - POST /classrooms/loginlin... https://t.co/Dx3zpMS4OH Vulnerability Notification: https://t.co/xhLrNnfyrO...

RHSA-2025:1963

creationtimestamp| type| source ---|---|--- 2025-09-25 17:54:46+00:00| seen| Telegram/LauEJH8XtyvIR8Jsw9hJgU55K19UrIz3P1NwYRmy9ZMAio...