Protection Mechanism Failure

Overview chrome-devtools-frontend is a Chrome DevTools UI Affected versions of this package are vulnerable to Protection Mechanism Failure via the inspectedWindow.reload method and resource access functions in the DevTools Extensions API. An attacker can escape the extension sandbox and access or...

SUSE CVE-2025-40153

In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoid soft lockup when mprotect to large memory area When calling mprotect to a large hugetlb memory area in our customer's workload 300GB hugetlb memory, soft lockup was observed: watchdog: BUG: soft lockup - CPU98...

SUSE CVE-2025-40170

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

SUSE CVE-2025-40172

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat remaining == 0 as error in findandmapuserpages Currently, if findandmapuserpages takes a DMA xfer request from the user with a length field set to 0, or in a rare case, the host receives QAICTRANSDMAXFERCONT fro...

PT-2025-46992

Name of the Vulnerable Software and Affected Versions Palo Alto Networks Prisma Browser affected versions not specified Description A sensitive information disclosure issue exists in Palo Alto Networks Prisma Browser. A locally authenticated, non-administrative user can retrieve sensitive data...

Intel QAT Windows software buffer overflow vulnerability

Intel QAT Windows software refers to the collection of Intel® Data Protection and Compression Acceleration Technology software components that provide support for the Windows operating system. The Intel QAT Windows software has a buffer overflow vulnerability that originates from a buffer overflo...

Intel CIP Information Disclosure Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an information disclosure vulnerability that stems from a protection mechanism failure, which can be exploited by an attacker to cause information...

Intel CIP elevation of privilege vulnerability (CNVD-2025-28674)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from a protection mechanism failure, which can be exploited by an attacker to cause an elevation...

PT-2025-46991

Name of the Vulnerable Software and Affected Versions Palo Alto Networks Prisma® Browser versions affected versions not specified Description A flaw exists in Palo Alto Networks Prisma® Browser on Windows where a locally authenticated, non-administrator user can circumvent the browser's screensho...

CVE-2025-36096 AIX Insufficiently Protected Credentials

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...

6 Best CTEM Vendors: A Head-to-Head Comparison

Your team just ran a vulnerability scan and now you’re staring at a list of thousands of CVEs. The big question is, what do you fix first? Relying on CVSS scores alone doesn’t tell you which of these vulnerabilities are actually exploitable in your environment or which ones protect your most...

CVE-2025-64718

CVE-2025-64718 affects js-yaml, allowing prototype pollution via proto when parsing untrusted YAML. The issue is patched in js-yaml 4.1.1 and in 3.14.2. Public IBM bulletins confirm usage of vulnerable js-yaml versions in IBM Maximo components and recommend upgrading to a fixed release (e.g., js-...

CVE-2025-40170

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

CVE-2025-11260

The WP Headless CMS Framework plugin for WordPress is vulnerable to protection mechanism bypass in all versions up to, and including, 1.15. This is due to the plugin only checking for the existence of the Authorization header in a request when determining if the nonce protection should be bypasse...

CVE-2025-11260

The CVE-2025-11260 entry describes a protection mechanism bypass in the WordPress WP Headless CMS Framework plugin (versions up to and including 1.15). The vulnerability arises because the plugin only checks for the presence of the Authorization header to decide whether to bypass nonce protection...

CVE-2025-11260 WP Headless CMS Framework <= 1.15 - Unauthenticated Protection Mechanism Bypass

The WP Headless CMS Framework plugin for WordPress is vulnerable to protection mechanism bypass in all versions up to, and including, 1.15. This is due to the plugin only checking for the existence of the Authorization header in a request when determining if the nonce protection should be bypasse...

EUVD-2025-158258

The WP Headless CMS Framework plugin for WordPress is vulnerable to protection mechanism bypass in all versions up to, and including, 1.15. This is due to the plugin only checking for the existence of the Authorization header in a request when determining if the nonce protection should be bypasse...

CVE-2025-11260 WP Headless CMS Framework <= 1.15 - Unauthenticated Protection Mechanism Bypass

The WP Headless CMS Framework plugin for WordPress is vulnerable to protection mechanism bypass in all versions up to, and including, 1.15. This is due to the plugin only checking for the existence of the Authorization header in a request when determining if the nonce protection should be bypasse...

CVE-2025-64429

A vulnerability was found in DuckDB’s database encryption design. In certain situations, DuckDB could generate encryption keys using a weak random number generator, fail to reliably wipe keys from memory, accept manipulated database headers that disable integrity protection, or miss detecting...

Rockwell Automation FactoryTalk Policy Manager

RISK EVALUATION Successful exploitation of this vulnerability could lead to resource exhaustion and denial of service. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...