FreeBSD -- blocklistd(8) socket leak

Problem Description: Due to a programming error, blocklistd leaks a socket descriptor for each adverse event report it receives. Once a certain number of leaked sockets is reached, blocklistd becomes unable to run the helper script: a child process is forked, but this child dereferences a null...

CVE-2025-13363

CVE-2025-13363 concerns the IMAQ CORE WordPress plugin. According to Wordfence, versions up to and including 1.2.1 are vulnerable to a Cross-Site Request Forgery (CSRF) due to missing nonce validation on the URL structure settings update function. This enables unauthenticated attackers to modify ...

AMD System Management Unit(SMU) 缓冲区错误漏洞

The AMD System Management Unit SMU is a system management unit at UltraMicroelectronics AMD. A security vulnerability exists in the AMD System Management Unit SMU that stems from insufficient bind checking and could allow an attacker to update the sender/receiver address space to an invalid value...

PT-2020-13033 · Xt · Xt:Commerce

Name of the Vulnerable Software and Affected Versions: xt:Commerce versions 5.1 through 6.2.2 Description: The issue allows remote authenticated users to manipulate the id field in the POST request for altering an address, enabling them to zero out other users' stored addresses. Recommendations:...