OESA-2025-2621 poppler security update

Poppler is a free software utility library for rendering Portable Document Format PDF documents. \ Its development is supported by freedesktop.org. It is commonly used on Linux systems,and is used by \ the PDF viewers of the open source GNOME and KDE desktop environments. Security Fixes: An issue...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990540)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990540 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989389)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989389 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990310)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990310 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: prevent potential spectre v1 gadget in ipmetricsconvert if !type continue; if type RTAXMAX...

CVE-2025-62911

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rock Content Rock Convert rock-convert allows Stored XSS.This issue affects Rock Convert: from n/a through = 3.0.1...

EUVD-2025-36028

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rock Content Rock Convert rock-convert allows Stored XSS.This issue affects Rock Convert: from n/a through = 3.0.1...

CVE-2025-62911

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rock Content Rock Convert rock-convert allows Stored XSS.This issue affects Rock Convert: from n/a through = 3.0.1...

CVE-2025-62911 WordPress Rock Convert plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rock Content Rock Convert rock-convert allows Stored XSS.This issue affects Rock Convert: from n/a through = 3.0.1...

CVE-2025-62911

CVE-2025-62911 is a stored XSS vulnerability in the WordPress Rock Convert plugin (rock-convert), caused by improper neutralization of input during web page generation. The issue affects Rock Convert versions from n/a up to and including 3.0.1. The CVSS base score is 5.4 (AV:N/AC:L/PR:L/UI:R/S:C/...

CVE-2025-62911 WordPress Rock Convert plugin <= 3.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rock Content Rock Convert rock-convert allows Stored XSS.This issue affects Rock Convert: from n/a through = 3.0.1...

PT-2025-43789

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rock Content Rock Convert rock-convert allows Stored XSS.This issue affects Rock Convert: from n/a through = 3.0.1...

WordPress plugin Rock Convert 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

MAL-2025-48574 Malicious code in mender-convert (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 287b36200e3e3bfaa56b44307f2cbc3f2deb931d055cfeb21ea49720e9dd9735 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in mender-convert (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 287b36200e3e3bfaa56b44307f2cbc3f2deb931d055cfeb21ea49720e9dd9735 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2025-35759

Malicious code in mender-convert npm...

Malicious Package

Overview mender-convert is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

DEBIAN-CVE-2025-60751

GeographicLib 2.5 is vulnerable to Buffer Overflow in GeoConvert DMS::InternalDecode...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987709)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987709 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix race condition between ext4write and ext4convertinlinedata Hulk Robot reported a BUGON:...

CVE-2025-60312

Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cross-Site Scripting XSS in the "Markdown Input" field, allowing a remote attacker to inject arbitrary HTML/JavaScript code that executes in the victim's browser upon clicking the "Convert to HTML" button...

EUVD-2017-3151

Malware in sbrugna...