eLabFTW 跨站脚本漏洞

eLabFTW is an open source experimental data hosting platform from eLabFTW Open Source. The platform runs on Linux and supports storing a wide range of objects. A cross-site scripting vulnerability exists in eLabFTW that stems from SVG file inline services not being handled correctly, which could...

Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C

Continuous investigation on the Water Saci campaign reveals innovative email-based C&C system, multi-vector persistence, and real-time command capabilities that allow attackers to orchestrate coordinated botnet operations, gather detailed campaign intelligence, and dynamically control malware...

Linux Distros Unpatched Vulnerability : CVE-2023-53702

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d03ffd5f6 crypto: s390 - add crypto library interface for ChaCha20 added a library...

Linux Distros Unpatched Vulnerability : CVE-2025-40009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/proc/taskmmu: check p-vecbuf for NULL When the PAGEMAPSCAN ioctl is invoked with veclen = 0 reaches pagemapscanbackoutrange, kernel panics with null-ptr-dere...

Linux Distros Unpatched Vulnerability : CVE-2023-53713

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode The FFR is a predicat...

[SECURITY] Fedora 43 Update: qt5-qtsvg-5.15.17-3.fc43

Scalable Vector Graphics SVG is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices...

[SECURITY] Fedora 41 Update: qt5-qtsvg-5.15.17-2.fc41

Scalable Vector Graphics SVG is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices...

WordPress plugin Jeg Kit for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

Security update for poppler

This update for poppler fixes the following issues: CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files bsc1250908 CVE-2025-52885: improved pointer handling that could have led to dangling pointers when the vector is resized...

SUSE-SU-2025:3779-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2025-43718: fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files bsc1250908 - CVE-2025-52885: improved pointer handling that could have led to dangling pointers when the vector is...

CVE-2025-9158 Stored XSS in Request Tracker

The Request Tracker software is vulnerable to a Stored XSS vulnerability in calendar invitation parsing feature, which displays invitation data without HTML sanitization. XSS vulnerability allows an attacker to send a specifically crafted e-mail enabling JavaScript code execution by displaying th...

CVE-2025-9978 Jeg Elementor Kit < 2.7.0 - Author+ Stored XSS

The Jeg Kit for Elementor WordPress plugin before 2.7.0 does not sanitize SVG file contents when uploaded via xmlrpc.php, leading to a cross site scripting vulnerability...

CVE-2025-9978

CVE-2025-9978 affects the Jeg Kit for Elementor WordPress plugin prior to 2.7.0. The vulnerability arises because SVG file contents are not sanitized when uploaded via xmlrpc.php, enabling cross-site scripting (XSS). Multiple sources corroborate the issue and specify the vulnerable version range ...

SUSE CVE-2023-53713

In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode The FFR is a predicate register which can vary between 16 and 256 bits in size depending upon the configured vector length. When saving the SVE state in...

PT-2025-43583

Name of the Vulnerable Software and Affected Versions Jeg Kit for Elementor WordPress plugin versions prior to 2.7.0 Description The Jeg Kit for Elementor WordPress plugin does not properly sanitize SVG file contents when uploaded through the xmlrpc.php file, which can result in a cross-site...

EUVD-2025-35632

binaryvecio access memory out-of-bounds in binaryreadtoref and binarywritefromref...

DEBIAN-CVE-2023-53702

In the Linux kernel, the following vulnerability has been resolved: s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d03ffd5f6 "crypto: s390 - add crypto library interface for ChaCha20" added a library interface to the s390 specific ChaCha20 implementation. However no...

CVE-2023-53702

In the Linux kernel, the following vulnerability has been resolved: s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d03ffd5f6 "crypto: s390 - add crypto library interface for ChaCha20" added a library interface to the s390 specific ChaCha20 implementation. However no...

UBUNTU-CVE-2023-53702

In the Linux kernel, the following vulnerability has been resolved: s390/crypto: use vector instructions only if available for ChaCha20 Commit 349d03ffd5f6 "crypto: s390 - add crypto library interface for ChaCha20" added a library interface to the s390 specific ChaCha20 implementation. However no...

UBUNTU-CVE-2023-53713

In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode The FFR is a predicate register which can vary between 16 and 256 bits in size depending upon the configured vector length. When saving the SVE state in...