CLSA-2025-1747725447 kernel: Fix of 35 CVEs

ext4: fix OOB read when checking dotdot dir CVE-2025-37785 - wifi: iwlwifi: limit printed string from FW file CVE-2025-21905 - drm/amdgpu: Fix potential out-of-bounds access in 'amdgpudiscoveryregbaseinit' CVE-2024-27042 - dm-crypt: don't modify the data when using authenticated encryption...

CVE-2024-8854

The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...

CVE-2024-8854

The CVE-2024-8854 entry concerns the Polls CP WordPress plugin (versions prior to 1.0.77). The vulnerability arises because the plugin does not sanitize and escape certain poll settings, enabling stored cross-site scripting via admin-level actions, even when unfiltered_html is disallowed (e.g., i...

kernel: xen-netfront: Fix NULL sring after live migration

In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Fix NULL sring after live migration A NAPI is setup for each network sring to poll data to kernel The sring with source host is destroyed before live migration and new sring with target host is setup after live...

CVE-2025-47545

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Ays Pro Poll Maker poll-maker allows Leveraging Race Conditions.This issue affects Poll Maker: from n/a through = 5.7.7...

CVE-2025-47545

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Ays Pro Poll Maker allows Leveraging Race Conditions. This issue affects Poll Maker: from n/a through 5.7.7...

CVE-2025-47545

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Ays Pro Poll Maker poll-maker allows Leveraging Race Conditions.This issue affects Poll Maker: from n/a through = 5.7.7...

CVE-2025-47545 WordPress Poll Maker plugin <= 5.7.7 - Race Condition Vulnerability

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Ays Pro Poll Maker poll-maker allows Leveraging Race Conditions.This issue affects Poll Maker: from n/a through = 5.7.7...

CVE-2025-47545

CVE-2025-47545 relates to a race condition in the WordPress plugin Poll Maker. Affected software: Poll Maker versions n/a through 5.7.7. Root cause per sources: Concurrent execution using a shared resource with improper synchronization. Documented impact aligns with race conditions (no concrete e...

CVE-2025-47545 WordPress Poll Maker plugin <= 5.7.7 - Race Condition Vulnerability

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Ays Pro Poll Maker poll-maker allows Leveraging Race Conditions.This issue affects Poll Maker: from n/a through = 5.7.7...

WordPress Poll Maker plugin <= 5.7.7 - Race Condition Vulnerability

Race Condition Vulnerability discovered by Ibrahim Mohammad in WordPress Plugin Poll Maker versions = 5.7.7...

PT-2025-20158 · Unknown · Ays Pro Poll Maker

Name of the Vulnerable Software and Affected Versions: Ays Pro Poll Maker versions n/a through 5.7.7 Description: The issue is related to a 'Race Condition' vulnerability, which occurs due to concurrent execution using shared resources with improper synchronization. This allows for leveraging rac...

WordPress plugin Poll Maker 竞争条件问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A competitive...

CVE-2025-37791

In the Linux kernel, the following vulnerability has been resolved: ethtool: cmiscdb: use correct rpl size in ethtoolcmismodulepoll rpl is passed as a pointer to ethtoolcmismodulepoll, so the correct size of rpl is sizeofrpl which should be just 1 byte. Using the pointer size instead can cause...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from ethtoolcmismodulepoll using the wrong rpl size...

PT-2025-22179

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.0-rc2-next-20250417-00001-gf6a27738686c-dirty Description The issue is related to spinlock recursion in the mtk-star-emac driver, which can occur when enabling DMA interrupts again in rx/tx poll. This can le...

CVE-2025-24577

Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through = 5.5.0...

CVE-2025-32562

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aviplugins.com WP Easy Poll wp-easy-poll-afo allows Reflected XSS.This issue affects WP Easy Poll: from n/a through = 2.2.9...

CVE-2025-32562

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aviplugins.com WP Easy Poll wp-easy-poll-afo allows Reflected XSS.This issue affects WP Easy Poll: from n/a through = 2.2.9...

CVE-2025-24577

Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through = 5.5.0...