EUVD-2022-54677

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Use deltimersync before freeing While looking at a crash report on a timer list being corrupted, which usually happens when a timer is freed while still active. This is commonly triggered by code calling deltim...

EUVD-2025-35494

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Daman Jeet Finale Lite finale-woocommerce-sales-countdown-timer-discount allows Reflected XSS.This issue affects Finale Lite: from n/a through = 2.20.0...

EUVD-2025-35546

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPClever WPC Countdown Timer for WooCommerce wpc-countdown-timer allows Stored XSS.This issue affects WPC Countdown Timer for WooCommerce: from n/a through = 3.1.4...

CVE-2025-52736

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Daman Jeet Finale Lite finale-woocommerce-sales-countdown-timer-discount allows Reflected XSS.This issue affects Finale Lite: from n/a through = 2.20.0...

CVE-2025-49908

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPClever WPC Countdown Timer for WooCommerce wpc-countdown-timer allows Stored XSS.This issue affects WPC Countdown Timer for WooCommerce: from n/a through = 3.1.4...

CVE-2025-49908 WordPress WPC Countdown Timer for WooCommerce plugin <= 3.1.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPClever WPC Countdown Timer for WooCommerce wpc-countdown-timer allows Stored XSS.This issue affects WPC Countdown Timer for WooCommerce: from n/a through = 3.1.4...

CVE-2025-49908

CVE-2025-49908 affects WPClever WPC Countdown Timer for WooCommerce (plugin: wpc-countdown-timer). Versions up to and including 3.1.4 suffer from improper input neutralization during web page generation, enabling Stored Cross-Site Scripting (XSS). Impact per the sources is stored XSS impacting us...

CVE-2025-49908 WordPress WPC Countdown Timer for WooCommerce plugin <= 3.1.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPClever WPC Countdown Timer for WooCommerce wpc-countdown-timer allows Stored XSS.This issue affects WPC Countdown Timer for WooCommerce: from n/a through = 3.1.4...

CVE-2023-53728

In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid posixtimeradd tries to allocate a posix timer ID by starting from the cached ID which was stored by the last successful allocation. This is done in a loop searching the ID...

DEBIAN-CVE-2023-53728

In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid posixtimeradd tries to allocate a posix timer ID by starting from the cached ID which was stored by the last successful allocation. This is done in a loop searching the ID...

DEBIAN-CVE-2023-53725

In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttctimerprobe Smatch reports: drivers/clocksource/timer-cadence-ttc.c:529 ttctimerprobe warn: 'timerbaseaddr' from ofiomap not released on lines: 498,508,516. timerbaseaddr may...

CVE-2023-53725

In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttctimerprobe Smatch reports: drivers/clocksource/timer-cadence-ttc.c:529 ttctimerprobe warn: 'timerbaseaddr' from ofiomap not released on lines: 498,508,516. timerbaseaddr may...

DEBIAN-CVE-2022-50563

In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in runtimers+0x173/0x710 Write of size 8 at addr ffff88816d9490f0 by task swapper/0/0 Cal...

CVE-2022-50563

In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in runtimers+0x173/0x710 Write of size 8 at addr ffff88816d9490f0 by task swapper/0/0 Cal...

UBUNTU-CVE-2023-53727

In the Linux kernel, the following vulnerability has been resolved: net/sched: fqpie: avoid stalls in fqpietimer When setting a high number of flows limit being 65536, fqpietimer is currently using too much time as syzbot reported. Add logic to yield the cpu every 2048 flows less than 150 usec on...

UBUNTU-CVE-2022-50563

In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to UAF, as follows: BUG: KASAN: use-after-free in runtimers+0x173/0x710 Write of size 8 at addr ffff88816d9490f0 by task swapper/0/0 Cal...

UBUNTU-CVE-2023-53712

In the Linux kernel, the following vulnerability has been resolved: ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt all online cpus will be notified and set offline. But as highlighted by commit 19dbdcb8039c "smp: Warn on function calls from...

UBUNTU-CVE-2023-53725

In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttctimerprobe Smatch reports: drivers/clocksource/timer-cadence-ttc.c:529 ttctimerprobe warn: 'timerbaseaddr' from ofiomap not released on lines: 498,508,516. timerbaseaddr may...

CVE-2023-53728 posix-timers: Ensure timer ID search-loop limit is valid

In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid posixtimeradd tries to allocate a posix timer ID by starting from the cached ID which was stored by the last successful allocation. This is done in a loop searching the ID...

CVE-2023-53728 posix-timers: Ensure timer ID search-loop limit is valid

In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid posixtimeradd tries to allocate a posix timer ID by starting from the cached ID which was stored by the last successful allocation. This is done in a loop searching the ID...