EUVD-2025-35357

The All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0 via the 'aiotimeclocklitejs' AJAX action due to missing validation on a user controlled key. This makes it...

WordPress All in One Time Clock Lite plugin <= 2.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Clocking In/Out vulnerability

Insecure Direct Object Reference to Authenticated Subscriber+ Arbitrary Clocking In/Out vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin All in One Time Clock Lite versions = 2.0...

WordPress plugin All in One Time Clock Lite 安全漏洞

WordPress All in One Time Clock Lite plugin is a plugin for tracking employee attendance and supports employee/volunteer/contractor punch record management. The WordPress All in One Time Clock Lite plugin suffers from an insecure direct object reference vulnerability that stems from the applicati...

PT-2025-43126

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the ttc timer probe function within the cadence-ttc timer driver. The timer baseaddr resource, obtained through of iomap, was not consistently...

ROS-20251022-05

Vulnerability of the mtkclksimpleprobe function of the drivers/clk/mediatek/clk-mtk.c module of the drivers/clk/mediatek/clk-mtk.c kernel of the Linux operating system is related to insufficient blocking of the resource. Linux kernel is related to insufficient resource locking. Exploitation of th...

EUVD-2022-54846

In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2lwdt: Fix 'BUG: Invalid wait context' This patch fixes the issue 'BUG: Invalid wait context' during restart callback by using clkprepareenable instead of pmruntimegetsync for turning on the clocks during restart. Th...

EUVD-2022-55037

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: clk-rcg2: Update logic to calculate D value for RCG The display pixel clock has a requirement on certain newer platforms to support M/N as 2/3 and the final D value calculated results in underflow errors. As the curren...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987549)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987549 advisory. In the Linux kernel, the following vulnerability has been resolved: phy: ti: Fix missing sentinel for clkdivtable gettablemaxdiv tries to access clkdivtable array ou...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987607)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987607 advisory. In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: fix PCI-E clock oops Fix PCI-E clock related kernel oops that are caused by a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987683)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987683 advisory. In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix struct clk leak on probe errors Make sure to release the pipe clock reference ...

PT-2025-51585

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the crypto/aspeed module where a double free issue can occur due to improper clock management with devm clk get enabled. Specifically, the clock...

PT-2025-51628

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue related to the cleanup of Precision Time Protocol PTP resources when a driver is removed, particularly in error scenarios. The problem arises from...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708...

SUSE-SU-2025:03633-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. - CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708. -...

SUSE-SU-2025:20862-1 Security update for chrony

This update for chrony fixes the following issues: - Update to version 4.8: Add maxunreach option to limit selection of unreachable sources Add -u option to chronyc to drop root privileges default chronyc user is set by configure script Fix refclock extpps option to work on Linux = 6.15 Validate...

kernel: drm/amd/display: clear optc underflow before turn off odm clock

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: clear optc underflow before turn off odm clock Why After ODM clock off, optc underflow bit will be kept there always and clear not work. We need to clear that before clock off. How Clear that if have when clock o...

SUSE-SU-2025:20846-1 Security update for chrony

This update for chrony fixes the following issues: - Update to version 4.8: Add maxunreach option to limit selection of unreachable sources Add -u option to chronyc to drop root privileges default chronyc user is set by configure script Fix refclock extpps option to work on Linux = 6.15 Validate...

Security update for chrony

This update for chrony fixes the following issues: Update to version 4.8: Add maxunreach option to limit selection of unreachable sources Add -u option to chronyc to drop root privileges default chronyc user is set by configure script Fix refclock extpps option to work on Linux = 6.15 Validate...

Linux Distros Unpatched Vulnerability : CVE-2022-50523

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - clk: rockchip: Fix memory leak in rockchipclkregisterpll If clkregister fails, @pll-ratetable may have allocated memory by kmemdup, so it needs to be freed,...

Linux Distros Unpatched Vulnerability : CVE-2025-39954

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: mp: Fix dual-divider clock rate readback When dual-divider clock support was...