Linux Distros Unpatched Vulnerability : CVE-2025-38150
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: af_packet: move notifier's packet_dev_mc out of rcu critical section Syzkaller reports the...
Linux Distros Unpatched Vulnerability : CVE-2025-38323
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: atm: add lec_mutex syzbot found its way in net/atm/lec.c, and found an error path in lecd_attach could leave a dangling pointer in dev_lec. Add a mutex to...
WordPress IDonate plugin unauthorized access vulnerability
WordPress IDonate plugin is a WordPress plugin designed for blood donation management, mainly used to create blood donation related website features. An unauthorized access vulnerability exists in WordPress IDonate plugin, which stems from the application's inadequate protection of sensitive...
Linux Distros Unpatched Vulnerability : CVE-2023-42752
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating skb_shared_info in the userspace, which is exploitable in system...
Linux Distros Unpatched Vulnerability : CVE-2023-52899
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Add exception protection processing for vd in axi_chan_handle_err function Since there is no protection for vd, a kernel panic will be triggered here in exceptiona...
CVE-2024-58238
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test This fixes the tx timeout issue seen while running a stress test on btnxpuart for couple of hours, such that the interval between two HCI commands coincide...
Linux Distros Unpatched Vulnerability : CVE-2023-52855
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency In _dwc2_hcd_urb_enqueue, urb->hcpriv = NULL is executed without holding the lock...
CVE-2025-36020
IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to cleartext transmission of sensitive credential information...
Multiple SEIKO EPSON products use weak initial passwords
Overview Multiple SEIKO EPSON products contain the following vulnerability. Use of weak credentials CWE-1391 - CVE-2025-35970 The initial administrator password is easy to guess from the information available via SNMP SEIKO EPSON CORPORATION reported this vulnerability to JPCERT/CC to notify user...
CVE-2025-8656
Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows physically present attackers to downgrade software on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exist...
The vulnerability of the FortiSIEM security management graphical interface lies in the lack of protective measures for the SQL query structure, allowing attackers to disclose protected information.
The vulnerability of the FortiSIEM security management graphical interface is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to disclose the protected information remotely...
Linux Distros Unpatched Vulnerability : CVE-2024-46788
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The start_kthread and...
Linux Distros Unpatched Vulnerability : CVE-2025-23141
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses Acquire a lock on kvm->srcu when userspace is getting MP state to handle a rather extrem...
CVE-2025-54394
Netwrix Directory Manager formerly Imanami GroupID 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources...
Malwarebytes earns MRG Effitas Android 360° Certificate for mobile threat detection
We’re excited to announce that MRG Effitas, a globally recognized security assessment firm, has awarded Malwarebytes the prestigious MRG Effitas Android 360° Certificate, one of the toughest independent tests in mobile security. Our mobile protection received the highest marks, achieving a...
x86/sgx: Prevent attempts to reclaim poisoned pages
...
s390/pkey: Prevent overflow in size calculation for memdup_user()
...
CVE-2025-3770
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...
AZL-66122 CVE-2025-3770 affecting package hvloader for versions less than 1.0.1-14
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...
CVE-2025-3770
EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...