Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: codetag: debug: handle existing CODETAGEMPTY in markobjextsempty for slabobjext When allocslabobjexts fails and then successfully allocates a slab extension vector, it calls handlefailedobjextsalloc to mark all objects in the...

UBUNTU-CVE-2025-71240

SPIP before 4.2.15 allows Cross-Site Scripting XSS via crafted content in HTML code tags. The application does not properly verify JavaScript within code tags, allowing an attacker to inject malicious scripts that execute in a victim's browser...

WordPress QR Code for WooCommerce order emails, PDF invoices, packing slips plugin <= 1.9.42 - Authenticated (Contributor+) Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Cross-Site Scripting via Shortcode Attributes vulnerability discovered by WordFence in WordPress Plugin QR Code Tag for WC versions = 1.9.42...

EUVD-2025-203697

In the Linux kernel, the following vulnerability has been resolved: codetag: debug: handle existing CODETAGEMPTY in markobjextsempty for slabobjext When allocslabobjexts fails and then later succeeds in allocating a slab extension vector, it calls handlefailedobjextsalloc to mark all objects in t...

CVE-2025-68199

In the Linux kernel, the following vulnerability has been resolved: codetag: debug: handle existing CODETAGEMPTY in markobjextsempty for slabobjext When allocslabobjexts fails and then later succeeds in allocating a slab extension vector, it calls handlefailedobjextsalloc to mark all objects in t...

UBUNTU-CVE-2025-68199

In the Linux kernel, the following vulnerability has been resolved: codetag: debug: handle existing CODETAGEMPTY in markobjextsempty for slabobjext When allocslabobjexts fails and then later succeeds in allocating a slab extension vector, it calls handlefailedobjextsalloc to mark all objects in t...

CVE-2025-68199

Mode C: The CVE-2025-68199 entry concerns the Linux kernel, where an issue in the slab allocator (mm/slub.c) arises when free_slab_obj_exts() encounters slabobj_exts already set to CODETAG_EMPTY instead of NULL. The root cause is that, after a failed then later successful alloc_slab_obj_exts(), o...

CVE-2025-68199 codetag: debug: handle existing CODETAG_EMPTY in mark_objexts_empty for slabobj_ext

In the Linux kernel, the following vulnerability has been resolved: codetag: debug: handle existing CODETAGEMPTY in markobjextsempty for slabobjext When allocslabobjexts fails and then later succeeds in allocating a slab extension vector, it calls handlefailedobjextsalloc to mark all objects in t...

PT-2025-51612

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.18.0-rc1+ Description The Linux kernel contains a flaw related to the handling of CODETAG EMPTY in the mark objexts empty function for slab object extensions. Specifically, when a slab extension vector allocati...

EUVD-2023-57866

Malicious code in bioql PyPI...

EUVD-2025-9781

Malicious code in bioql PyPI...

MAL-2025-41407 Malicious code in spelunker-agent (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-5233 Malicious code in nitro-contracts (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fcfdc095311c01986f57ec3730d8e3600f3c83ffb5fc23c500a51eed38ea048d Any computer that has this package installed or running should be considered...

CVE-2023-5567

The QR Code Tag plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'qrcodetag' shortcode in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

MAL-2025-3291 Malicious code in quaoqpdizoqsqdqsd (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f1f9340c89842abcbd40ae92859a72850ca38d95401add0c0bf3591b5ab8e8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-32268

Cross-Site Request Forgery CSRF vulnerability in www.15.to QR Code Tag for WC qr-code-tag-for-wc-from-goaskle-com allows Cross Site Request Forgery.This issue affects QR Code Tag for WC: from n/a through = 1.9.42...

CVE-2025-32268

Cross-Site Request Forgery CSRF vulnerability in www.15.to QR Code Tag for WC qr-code-tag-for-wc-from-goaskle-com allows Cross Site Request Forgery.This issue affects QR Code Tag for WC: from n/a through = 1.9.42...

CVE-2025-32268 WordPress QR Code Tag for WC plugin <= 1.9.42 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in www.15.to QR Code Tag for WC qr-code-tag-for-wc-from-goaskle-com allows Cross Site Request Forgery.This issue affects QR Code Tag for WC: from n/a through = 1.9.42...

CVE-2025-32268 WordPress QR Code Tag for WC plugin <= 1.9.42 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in www.15.to QR Code Tag for WC qr-code-tag-for-wc-from-goaskle-com allows Cross Site Request Forgery.This issue affects QR Code Tag for WC: from n/a through = 1.9.42...

CVE-2025-32268

Technical details about CVE-2025-32268 are not publicly provided in the supplied documents. No confirmed affected products, versions, or fixes are disclosed here. Monitor for official advisories and updates.