434 matches found
SUSE CVE-2026-22997
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...
CVE-2026-22997 net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts
In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...
CVE-2026-22976
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix NULL deref when deactivating inactive aggregate in qfqreset qfqclass-leafqdisc-q.qlen 0 does not imply that the class itself is active. Two qfqclass objects may point to the same leafqdisc. This happens whe...
CVE-2026-22976
CVE-2026-22976 affects the Linux kernel’s net/sched sch_qfq, where two qfq_class objects can reference the same leaf_qdisc. In certain teardown paths (e.g., when a qdisc is pending destruction via tc_new_tfilter and another qdisc is root-attached), a shared leaf_qdisc may have q.qlen > 0 while...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003642)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003642 advisory. A NULL pointer dereference vulnerability in the function nfcgenldeactivatetarget in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicio...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000299)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000299 advisory. A NULL pointer dereference vulnerability in the function nfcgenldeactivatetarget in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicio...
EUVD-2023-60338
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: dropping parent refcount after pdfreefn is done Some cgroup policies will access parent pd through child pd even after pdofflinefn is done. If pdfreefn for parent is called before child, then UAF can be triggered. Hen...
CVE-2025-12091
The Search, Filters & Merchandising for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wcissaveemail' endpoint in all versions up to, and including, 3.0.67. This makes it possible for authenticated attackers, with...
CVE-2025-12892
The Survey Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivatepluginoption function in all versions up to, and including, 5.1.9.4. This makes it possible for unauthenticated attackers to update the...
CVE-2025-12892
The Survey Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivatepluginoption function in all versions up to, and including, 5.1.9.4. This makes it possible for unauthenticated attackers to update the...
CVE-2025-12892 Survey Maker <= 5.1.9.4 - Missing Authorization Unauthenticated Limited Option Update
The Survey Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivatepluginoption function in all versions up to, and including, 5.1.9.4. This makes it possible for unauthenticated attackers to update the...
EUVD-2025-150408
The Survey Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivatepluginoption function in all versions up to, and including, 5.1.9.4. This makes it possible for unauthenticated attackers to update the...
PT-2025-46781
Name of the Vulnerable Software and Affected Versions Survey Maker plugin for WordPress versions up to and including 5.1.9.4 Description The software is susceptible to unauthorized data modification. This is due to a missing capability check within the deactivate plugin option function. This allo...
WordPress plugin Survey Maker 安全漏洞
WordPress Survey Maker plugin is a tool for creating questionnaires with support for multiple question types and data analysis features for businesses or individuals to collect user feedback. WordPress Survey Maker plugin suffers from a missing capability check vulnerability, which stems from a...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989362)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989362 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix errant WARNONONCE in j1939sessiondeactivate The conclusion j1939sessiondeactivate...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989711)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989711 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix errant WARNONONCE in j1939sessiondeactivate The conclusion j1939sessiondeactivate...
Siemens SIMATIC Devices Use After Free (CVE-2024-43830)
In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate Triggers which have trigger specific sysfs attributes typically store related data in trigger-data allocated by the activate callback and freed by the deactivat...
EUVD-2025-35906
The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the postdeactive function and postactivate function in all versions up to, and including, 4.8.4...
CVE-2025-11888 ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution <= 4.8.4 - Incorrect Authorization to Authenticated (Editor+) License Status Update
The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the postdeactive function and postactivate function in all versions up to, and including, 4.8.4...
EUVD-2023-60028
In the Linux kernel, the following vulnerability has been resolved: media: max9286: Fix memleak in max9286v4l2register There is a kmemleak when testing the media/i2c/max9286.c with bpf mock device: kmemleak: 5 new suspected memory leaks see /sys/kernel/debug/kmemleak unreferenced object...