CVE-2025-60331

D-Link DIR-823G A1 v1.0.2B05 was discovered to contain a buffer overflow in the FillMacCloneMac parameter in the /EXCUSHELL endpoint. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

EUVD-2025-35476

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Globalis MultiSite Clone Duplicator multisite-clone-duplicator allows Reflected XSS.This issue affects MultiSite Clone Duplicator: from n/a through = 1.5.3...

CVE-2025-60331

D-Link DIR-823G A1 v1.0.2B05 was discovered to contain a buffer overflow in the FillMacCloneMac parameter in the /EXCUSHELL endpoint. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-52760

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Globalis MultiSite Clone Duplicator multisite-clone-duplicator allows Reflected XSS.This issue affects MultiSite Clone Duplicator: from n/a through = 1.5.3...

CVE-2025-52760

CVE-2025-52760 is a reflected Cross-Site Scripting (XSS) vulnerability in the WordPress plugin MultiSite Clone Duplicator (versions

CVE-2025-52760 WordPress MultiSite Clone Duplicator plugin <= 1.5.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Globalis MultiSite Clone Duplicator multisite-clone-duplicator allows Reflected XSS.This issue affects MultiSite Clone Duplicator: from n/a through = 1.5.3...

CVE-2025-52760 WordPress MultiSite Clone Duplicator plugin <= 1.5.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Globalis MultiSite Clone Duplicator multisite-clone-duplicator allows Reflected XSS.This issue affects MultiSite Clone Duplicator: from n/a through = 1.5.3...

Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024170 fixes several issues. The following security issues were fixed: CVE-2025-38678: netfilter: nftables: reject duplicate device on updates bsc1249534. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns...

WordPress plugin MultiSite Clone Duplicator 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

JLSEC-2025-183 An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0

An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353...

Security update for the Linux Kernel (Live Patch 71 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122269 fixes several issues. The following security issues were fixed: CVE-2022-50386: Bluetooth: L2CAP: Fix user-after-free bsc1250302. CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673. CVE-2025-38644:...

SUSE-SU-2025:3703-1 Security update for the Linux Kernel (Live Patch 71 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122269 fixes several issues. The following security issues were fixed: - CVE-2022-50386: Bluetooth: L2CAP: Fix user-after-free bsc1250302. - CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673. -...

SUSE SLES12 Security Update : kernel (Live Patch 61 for SLE 12 SP5) (SUSE-SU-2025:03653-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03653-1 advisory. This update for the Linux Kernel 4.12.14-122231 fixes several issues. The following security issues were fixed: - CVE-2022-50386: Bluetooth:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987615)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987615 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch...

SUSE SLES15 Security Update : kernel (Live Patch 34 for SLE 15 SP4) (SUSE-SU-2025:3679-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3679-1 advisory. This update for the Linux Kernel 5.14.21-15040024144 fixes several issues. The following security issues were fixed: - CVE-2025-38678: netfilte...

SUSE SLES12 Security Update : kernel (Live Patch 60 for SLE 12 SP5) (SUSE-SU-2025:03652-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03652-1 advisory. This update for the Linux Kernel 4.12.14-122228 fixes several issues. The following security issues were fixed: - CVE-2022-50386: Bluetooth:...

SUSE SLES12 Security Update : kernel (Live Patch 62 for SLE 12 SP5) (SUSE-SU-2025:03656-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03656-1 advisory. This update for the Linux Kernel 4.12.14-122234 fixes several issues. The following security issues were fixed: - CVE-2022-50386: Bluetooth:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987594)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987594 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: fix unexpected zeroed page mapping with zram swap Two processes under CLONEVM cloning, user...

Security update for the Linux Kernel (Live Patch 51 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059185 fixes several issues. The following security issues were fixed: CVE-2025-38499: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns bsc1248673. CVE-2025-21971: netsched: Prevent creation of classes with TCHROOT bsc1245794...

131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign

Cybersecurity researchers have uncovered a coordinated campaign that leveraged 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome to spam Brazilian users at scale. The 131 spamware extensions share the same codebase, design patterns, and infrastructure, according to...