Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003397)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003397 advisory. The ext4iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero ilinkscount, which allows attackers ...

WordPress ProfilePress plugin < 4.15.15 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin ProfilePress versions 4.15.15...

PT-2024-16336 · WordPress · Paid Membership Plugin

Name of the Vulnerable Software and Affected Versions: Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin versions prior to 4.15.15 Description: The issue concerns the Paid Membership Plugin's failure to sanitise and escape some...

PT-2018-1243 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.15.15 Description: The issue is related to the ext4 iget function in the Linux kernel, which mishandles a specific case involving a root directory with a zero i links count. This can be exploited by attackers t...

PT-2018-1240 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.15.15 Description: The issue is related to the ext4 xattr check entries function in the Linux kernel, which does not properly validate xattr sizes. This causes misinterpretation of a size as an error code,...