
6757 matches found

NVD
added 2025/09/27 3:15 a.m. | 5 views

CVE-2025-10498

The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.12.0. This is due to missing or incorrect nonce validation when exporting CSV files. This makes it possible for unauthenticated...

CVSS 5.4 | EPSS 0.00151
Exploits: 0 | References: 3
OSV
added 2025/09/27 3:15 a.m. | 4 views

CVE-2025-10498

The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.12.0. This is due to missing or incorrect nonce validation when exporting CSV files. This makes it possible for unauthenticated...

CVSS 5.4 | AI score 5.8 | EPSS 0.00151
Exploits: 0 | References: 3
Vulnrichment
added 2025/09/27 2:25 a.m. | 4 views

CVE-2025-10498 Ninja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Limited File Deletion

The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.12.0. This is due to missing or incorrect nonce validation when exporting CSV files. This makes it possible for unauthenticated...

CVSS 4.3 | AI score 5.2 | EPSS 0.00151
Exploits: 0 | References: 3
CVE
added 2025/09/27 2:25 a.m. | 20 views

CVE-2025-10498

CVE-2025-10498 affects Ninja Forms for WordPress (

CVSS 5.4 | AI score 5.2 | EPSS 0.00151
Exploits: 0 | References: 3 | Affected Software: 1
Positive Technologies
added 2025/09/27 12:00 a.m. | 6 views

PT-2025-39705

Name of the Vulnerable Software and Affected Versions: Ninja Forms – The Contact Form Builder That Grows With You versions prior to 3.12.1. Description: The software is susceptible to Cross-Site Request Forgery (CSRF) due to inadequate nonce validation when exporting CSV files. This allows...

CVSS 4.3 | AI score 6.6 | EPSS 0.00151
Exploits: 0 | References: 8
Snyk
added 2025/09/25 3:42 p.m. | 5 views

Improper Handling of Undefined Values

Overview: torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration. Affected versions of this package are vulnerable to Improper Handling of Undefined Values in the torch.cummin component when compiling a model with Inductor. An attacker can cause the application to cra...

CVSS 7.5 | AI score 6.9 | EPSS 0.00381
Exploits: 0 | References: 2
NVD
added 2025/09/24 4:15 p.m. | 6 views

CVE-2025-47328

Transient DOS while processing power control requests with invalid antenna or stream values...

CVSS 7.5 | EPSS 0.00208
Exploits: 0 | References: 1
Cvelist
added 2025/09/24 3:33 p.m. | 11 views

CVE-2025-47328 Buffer Over-read in WLAN HAL

Transient DOS while processing power control requests with invalid antenna or stream values...

CVSS 7.5 | EPSS 0.00208
Exploits: 0 | References: 1
CVE
added 2025/09/24 3:33 p.m. | 17 views

CVE-2025-47328

CVE-2025-47328 describes a transient Denial of Service in Qualcomm WLAN HAL caused by processing power control requests with invalid antenna or stream values. The issue affects Qualcomm closed‑source WLAN components and is associated with a high 7.5 CVSSv3.1 base score (Network attack, low comple...

CVSS 7.5 | AI score 6.6 | EPSS 0.00208
Exploits: 0 | References: 1 | Affected Software: 1
IBM Security Bulletins
added 2025/09/24 7:48 a.m. | 6 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to form-data-4.0.3.tgz CVE-2025-7783

Summary: IBM Maximo Application Suite - Monitor Component is vulnerable to form-data-4.0.3.tgz CVE-2025-7783. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details: CVEID: CVE-2025-7783. DESCRIPTION: Use of Insufficiently Random Values vulnerability in...

CVSS 9.4 | AI score 6.9 | EPSS 0.01735
Exploits: 1 | Affected Software: 1
Positive Technologies
added 2025/09/24 12:00 a.m. | 5 views

PT-2025-39284

Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: A temporary denial-of-service condition can occur when processing power control requests that contain invalid antenna or stream values. Recommendations: At the moment, there is no information about a...

CVSS 7.5 | AI score 6.5 | EPSS 0.00208
Exploits: 0 | References: 3
IBM Security Bulletins
added 2025/09/23 9:33 p.m. | 7 views

Security Bulletin: IBM Watsonx BI is affected by use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP).

Summary: Watsonx BI use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/formdata.Js. Vulnerability Details: CVEID: CVE-2025-7783. DESCRIPTION: Use of Insufficiently Random Values vulnerability in...

CVSS 9.4 | AI score 6.5 | EPSS 0.01735
Exploits: 1 | Affected Software: 1
IBM Security Bulletins
added 2025/09/23 9:02 p.m. | 8 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for August 2025.

Summary: In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 24.0.0-IF006, 24.0.1-IF004 and 25.0.0-IF001. Vulnerability Details: CVEID: CVE-2025-7783. DESCRIPTION: Use of Insufficiently Random...

CVSS 9.4 | AI score 6.6 | EPSS 0.01735
Exploits: 2 | Affected Software: 2
Debian CVE
added 2025/09/22 12:00 a.m. | 4 views

CVE-2025-59799

Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size value...

CVSS 5.5 | AI score 5.9 | EPSS 0.00188
Exploits: 0
RedhatCVE
added 2025/09/21 12:11 a.m. | 11 views

CVE-2025-57396

Tandoor Recipes 2.0.0-alpha-1, fixed in 2.0.0-alpha-2, is vulnerable to privilege escalation. This is due to the rework of the API, which resulted in the User Profile API Endpoint containing two boolean values indicating whether a user is staff or administrative. Consequently, any user can escala...

CVSS 6.5 | AI score 7.1 | EPSS 0.00222
Exploits: 1 | References: 1
RedhatCVE
added 2025/09/18 7:04 p.m. | 4 views

CVE-2022-50403

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...

CVSS 7 | AI score 5.9
Exploits: 0 | References: 4
NVD
added 2025/09/18 4:15 p.m. | 4 views

CVE-2022-50403

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits: 0
OSV
added 2025/09/18 4:15 p.m. | 6 views

CVE-2022-50403

In the Linux kernel, the following vulnerability has been resolved: ext4: fix undefined behavior in bit shift for ext4_check_flag_values. Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds i...

AI score 6.4
Exploits: 0 | References: 10
CVE
added 2025/09/18 4:03 p.m. | 23 views

CVE-2022-50403

CVE-2022-50403 is documented in connected advisories as a kernel/ext4 issue: undefined behavior in a bit-shift check within ext4_check_flag_values. Red Hat RHSA-2025-23947 (RHEL 7 kernel) and RHSA-2025-23445 (RHEL 8 kernel) enumerate this CVE among security fixes for the kernel. Affected componen...

AI score 6.1
Exploits: 0
Positive Technologies
added 2025/09/18 12:00 a.m. | 5 views

PT-2025-38481

Name of the Vulnerable Software and Affected Versions: Dover Fueling Solutions ProGauge MagLink LX4 Devices (affected versions not specified). Description: ProGauge MagLink LX4 devices are susceptible to a time-based issue where they fail to correctly handle Unix time values exceeding a specific point...

CVSS 8.8 | AI score 6.5 | EPSS 0.00368
Exploits: 0 | References: 6