Lucene search

2468 matches found

Cvelist
added 2025/04/01 3:26 p.m. · 12 views

CVE-2025-21900 NFSv4: Fix a deadlock when recovering state on a sillyrenamed file

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a deadlock when recovering state on a sillyrenamed file If the file is sillyrenamed, and slated for delete on close, it is possible for a server reboot to trigger an open reclaim, which can again race with the...

0.00132 EPSS
Exploits 0 · References 3
Packet Storm News
added 2025/03/28 12:0 a.m. · 9 views

WordPress WPC Smart Upsell Funnel for WooCommerce 3.0.4 Privilege Escalation

A missing authorization vulnerability in the WPC Smart Upsell Funnel for WooCommerce plugin versions through 3.0.4 allows authenticated users with minimal privileges (e.g., subscriber) to escalate their privileges by modifying arbitrary WordPress options via a vulnerable AJAX endpoint...

8.8 CVSS · 7 AI score · 0.00555 EPSS
Exploits 1
OSV
added 2025/03/26 12:15 p.m. · 3 views

CVE-2025-2110

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to missing capability checks on its AJAX functions in all versions up to, and including, 6.30.15. This makes it possible for authenticate...

8.8 CVSS · 7.2 AI score
Exploits 0 · References 4
Positive Technologies
added 2025/03/26 12:0 a.m. · 3 views

PT-2025-12881 · WordPress · Wp Compress

Name of the Vulnerable Software and Affected Versions: WP Compress – Instant Performance & Speed Optimization plugin for WordPress versions up to, and including, 6.30.15 Description: The issue is related to missing capability checks on AJAX functions, allowing authenticated attackers with...

8.8 CVSS · 6.8 AI score · 0.00396 EPSS
Exploits 0 · References 13
BDU FSTEC
added 2025/03/21 12:0 a.m. · 2 views

The vulnerability of the io_register_iowq_max_workers() function in the io_uring/io_uring.c module, an interface for asynchronous input/output in the Linux kernel, allows an attacker to trigger a service failure.

The vulnerability of the io_register_iowq_max_workers function in the io_uring/io_uring.c module, a component of the Linux kernel’s asynchronous input/output interface, is related to the occurrence of mutual locking. Exploiting this vulnerability could allow an attacker to trigger a service failure...

5.5 CVSS · 6.4 AI score · 0.00206 EPSS
Exploits 0 · References 15 · Affected Software 3
Oracle Linux
added 2025/03/10 12:0 a.m. · 62 views

Unbreakable Enterprise kernel security update

5.4.17-2136.341.3.1 - Revert 'NFSD: Limit the number of concurrent async COPY operations' Sherry Yang Orabug: 37667080 5.4.17-2136.341.3 - io_uring: fix possible deadlock in io_register_iowq_max_workers Hagar Hemdan Orabug: 37565787 - io_uring/rw: fix missing NOWAIT check for O_DIRECT start write Jens...

7.8 CVSS · 7.7 AI score · 0.04947 EPSS
Exploits 2
CNNVD
added 2025/03/08 12:0 a.m. · 4 views

WordPress plugin Post Lockdown Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

6.5 CVSS · 8.6 AI score · 0.00304 EPSS
Exploits 0 · References 4
OSV
added 2025/03/07 9:15 a.m. · 1 views

CVE-2024-13781

The Hero Maps Premium plugin for WordPress is vulnerable to SQL Injection via several AJAX actions in all versions up to, and including, 2.3.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

6.5 CVSS · 5.8 AI score · 0.00316 EPSS
Exploits 0 · References 2
Tenable Nessus
added 2025/03/05 12:0 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2023-31147

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - c-ares is an asynchronous resolver library. When /dev/urandom or RtlGenRandom are unavailable, c-ares uses rand to generate random numbers used for DNS query id...

6.5 CVSS · 6.7 AI score · 0.00905 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2025/03/05 12:0 a.m. · 11 views

Linux Distros Unpatched Vulnerability : CVE-2022-0485

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the copying tool nbdcopy of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the...

4.8 CVSS · 6.7 AI score · 0.00759 EPSS
Exploits 1 · References 4
Tenable Nessus
added 2025/03/05 12:0 a.m. · 7 views

Linux Distros Unpatched Vulnerability : CVE-2024-26643

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the...

5.5 CVSS · 6 AI score · 0.00195 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2025/03/05 12:0 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2023-52486

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm: Don't unref the same fb many times by mistake due to deadlock handling If we get a...

5.5 CVSS · 6.1 AI score · 0.00222 EPSS
Exploits 0 · References 3
OSV
added 2025/02/27 8:16 p.m. · 6 views

UBUNTU-CVE-2025-21811

In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references nilfs_lookup_dirty_data_buffers(), which iterates through the buffers attached to dirty data folios/pages, accesses the attached buffers without locking the folios/pages. For...

7.8 CVSS · 6.2 AI score · 0.00211 EPSS
Exploits 0 · References 58
OSV
added 2025/02/27 3:15 a.m. · 10 views

AZL-57772 CVE-2024-58002 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is written, we copy a pointer to the file handle that started the operation. That pointer will be used when the device is done. Which could be anytime in the future...

7.8 CVSS · 6.6 AI score · 0.00224 EPSS
Exploits 0 · References 1
SUSE CVE
added 2025/02/27 3:2 a.m. · 3 views

SUSE CVE-2022-49702

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix hang during unmount when block group reclaim task is running When we start an unmount, at close_ctree(), if we have the reclaim task running and in the middle of a data block group relocation, we can trigger a deadlock wh...

5.5 CVSS · 6.5 AI score · 0.00194 EPSS
Exploits 0 · References 3
CNNVD
added 2025/02/27 12:0 a.m. · 2 views

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from the media: uvcvideo module not clearing dangling pointers in asynchronous control...

7.8 CVSS · 6.4 AI score · 0.00224 EPSS
Exploits 0 · References 6
OSV
added 2025/02/26 7:1 a.m. · 4 views

UBUNTU-CVE-2022-49371

In the Linux kernel, the following vulnerability has been resolved: driver core: fix deadlock in __device_attach In __device_attach function, The lock holding logic is as follows: ... __device_attach device_lock(dev) // get lock dev async_schedule_dev(__device_attach_async_helper, dev); // func async_schedule_node...

5.5 CVSS · 6.3 AI score · 0.00203 EPSS
Exploits 0 · References 9
Cvelist
added 2025/02/26 2:14 a.m. · 13 views

CVE-2022-49554 zsmalloc: fix races between asynchronous zspage free and page migration

In the Linux kernel, the following vulnerability has been resolved: zsmalloc: fix races between asynchronous zspage free and page migration The asynchronous zspage free worker tries to lock a zspage's entire page list without defending against page migration. Since pages which haven't yet been...

0.00181 EPSS
Exploits 0 · References 8
Debian CVE
added 2025/02/26 2:14 a.m. · 7 views

CVE-2022-49554

In the Linux kernel, the following vulnerability has been resolved: zsmalloc: fix races between asynchronous zspage free and page migration The asynchronous zspage free worker tries to lock a zspage's entire page list without defending against page migration. Since pages which haven't yet been...

4.7 CVSS · 5.1 AI score · 0.00181 EPSS
Exploits 0
OSV
added 2025/02/26 2:14 a.m. · 6 views

CVE-2022-49554 zsmalloc: fix races between asynchronous zspage free and page migration

In the Linux kernel, the following vulnerability has been resolved: zsmalloc: fix races between asynchronous zspage free and page migration The asynchronous zspage free worker tries to lock a zspage's entire page list without defending against page migration. Since pages which haven't yet been...

4.7 CVSS · 4.9 AI score · 0.00181 EPSS
Exploits 0 · References 11