CVE-2022-50382 padata: Always leave BHs disabled when running ->parallel()

In the Linux kernel, the following vulnerability has been resolved: padata: Always leave BHs disabled when running -parallel A deadlock can happen when an overloaded system runs -parallel in the context of the current task: padatadoparallel -parallel pcryptaeadenc/dec padatadoserial...

Slackware: Security Advisory (SSA:2025-260-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2025-260-02)

The version of mozilla-firefox installed on the remote host is prior to 140.3.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-260-02 advisory. New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Tenable has...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-140.3.0esr-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: ipatches/packages/mozilla-firefox-140.3.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...

[slackware-security] expat

New expat packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/expat-2.7.2-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Disallow use of disproportional amounts of dynamic memor...

Ashlar-Vellum Graphite 安全漏洞

Ashlar-Vellum Graphite is a CAD modeling software from Ashlar-Vellum. Ashlar-Vellum Graphite suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in the context of the current process...

UBUNTU-CVE-2023-53215

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Don't balance task to its current running CPU We've run into the case that the balancer tries to balance a migration disabled task and trigger the warning in settaskcpu like below: ------------ cut here ------------...

CVE-2023-53215 sched/fair: Don't balance task to its current running CPU

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Don't balance task to its current running CPU We've run into the case that the balancer tries to balance a migration disabled task and trigger the warning in settaskcpu like below: ------------ cut here ------------...

CVE-2023-53215

CVE-2023-53215 affects the Linux kernel sched/fair component. The issue occurs when the load balancer tries to migrate a task that is migration-disabled to its current CPU, triggering a warning in set_task_cpu() during balance. The root cause is how the new_dst_cpu is selected from env->dst_gr...

CVE-2023-53215 sched/fair: Don't balance task to its current running CPU

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Don't balance task to its current running CPU We've run into the case that the balancer tries to balance a migration disabled task and trigger the warning in settaskcpu like below: ------------ cut here ------------...

Slackware: Security Advisory (SSA:2025-255-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered

...

CVE-2025-8570

The BeyondCart Connector plugin for WordPress (versions 1.4.2 through 2.1.0) is affected by Privilege Escalation due to improper JWT secret management and authorization in the determine_current_user filter. This allows unauthenticated attackers to craft valid JWTs and impersonate any user (includ...

CVE-2025-8570 BeyondCart Connector <= 2.1.0 - Missing Configuration of JWT Secret to Unauthenticated Privilege Escalation via determine_current_user Filter

The BeyondCart Connector plugin for WordPress is vulnerable to Privilege Escalation due to improper JWT secret management and authorization within the determinecurrentuser filter in versions 1.4.2 through 2.1.0. This makes it possible for unauthenticated attackers to craft valid tokens and assume...

Malicious Package

Overview @oneaudi/current-carline-service is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

CVE-2025-10245

A security flaw has been discovered in Display Painéis TGA up to 7.1.41. Affected by this issue is some unknown functionality of the file /gallery/rename of the component Galeria Page. The manipulation of the argument currentfolder results in path traversal. The exploit has been released to the...

CVE-2025-10245

CVE-2025-10245 affects Display Painéis TGA up to version 7.1.41. The flaw is in the Galeria Page’s /gallery/rename where manipulating the current_folder argument causes a path traversal. An exploit has been publicly released; vendor did not respond. Mitigation: upgrade to a version beyond 7.1.41,...

CVE-2025-10245 Display Painéis TGA Galeria rename path traversal

A security flaw has been discovered in Display Painéis TGA up to 7.1.41. Affected by this issue is some unknown functionality of the file /gallery/rename of the component Galeria Page. The manipulation of the argument currentfolder results in path traversal. The exploit has been released to the...

Adobe Premiere Pro Memory Misreference Vulnerability

Adobe Premiere Pro is a set of non-linear editing video editing software from the American company Audobee Adobe. A memory misreference vulnerability exists in Adobe Premiere Pro, which can be exploited by an attacker to cause arbitrary code to be executed in the current user environment...