CVE-2025-9457

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2025-9452

A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to disable KASAN checks for non-current tasks in the riscv stack trace, which could lead to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly referenced currentstate, which could cause the kernel to crash...

Autodesk Shared Components 安全漏洞

Autodesk Shared Components is a component of Autodesk USA. A security vulnerability exists in Autodesk Shared Components that originates from a memory corruption when parsing a specially crafted CATPART file, which could lead to the execution of arbitrary code in the current process...

PT-2025-51574

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel related to stack unwinding and Kernel Address Sanitizer KASAN checks. When unwinding the stack of a task other than the current task, KASAN may...

Linux Distros Unpatched Vulnerability : CVE-2025-68196

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Cache streams targeting link when performing LT automation WHY Last LT automation update can cause crash by referencing currentstate and callin...

Linux Distros Unpatched Vulnerability : CVE-2025-40358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - riscv: stacktrace: Disable KASAN checks for non-current tasks Unwinding the stack of a task other than current, KASAN would report BUG: KASAN: out-of-bounds in...

PT-2025-51609

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s DRM/AMD/display component related to stream caching during Link Training LT automation. A recent update to LT automation could cause a crash by...

CVE-2025-9457

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

CVE-2025-9452

A maliciously crafted SLDPRT file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

PT-2025-51329

Name of the Vulnerable Software and Affected Versions Autodesk products affected versions not specified Description A specially designed MODEL file can cause a memory corruption issue when processed by certain Autodesk products. A malicious actor could potentially use this issue to run code witho...

PT-2025-51343

Name of the Vulnerable Software and Affected Versions Autodesk products affected versions not specified Description A specially designed SLDPRT file can cause a memory corruption issue when processed by certain Autodesk products. A malicious actor could potentially use this to run arbitrary code...

CVE-2025-13320

The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 2.9.12. This is due to insufficient validation of user-supplied file paths in the profile update functionality combined with improper handling of array inputs by PHP's filterinp...

WordPress WP User Manager plugin <= 2.9.12 - Authenticated (Subscriber+) Arbitrary File Deletion via 'current_user_avatar' Parameter vulnerability

Authenticated Subscriber+ Arbitrary File Deletion via 'currentuseravatar' Parameter vulnerability discovered by YCInfosec in WordPress Plugin WP User Manager versions = 2.9.12...

CVE-2025-13320

The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 2.9.12. This is due to insufficient validation of user-supplied file paths in the profile update functionality combined with improper handling of array inputs by PHP's filterinp...

EUVD-2025-202983

The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 2.9.12. This is due to insufficient validation of user-supplied file paths in the profile update functionality combined with improper handling of array inputs by PHP's filterinp...

CVE-2025-13320

CVE-2025-13320 : WP User Manager for WordPress is vulnerable to Authenticated Arbitrary File Deletion via the current_user_avatar parameter in profile updates. The issue arises from insufficient validation of user-supplied file paths and improper handling of array inputs in PHP, enabling attacker...

PT-2025-50815

The WP User Manager plugin for WordPress is vulnerable to Arbitrary File Deletion in all versions up to, and including, 2.9.12. This is due to insufficient validation of user-supplied file paths in the profile update functionality combined with improper handling of array inputs by PHP's filter...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-140.6.0esr-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For...