CVE-2025-37754

CVE-2025-37754 affects the Linux kernel i915 HuC path: HuC delayed loading fence was registered in the object tracker during probe but is not unregistered on early-probe errors. Because memory is allocated under devres and later released, the fence can be allocated and reused on subsequent probes...

CVE-2025-37754 drm/i915/huc: Fix fence not released on early probe errors

In the Linux kernel, the following vulnerability has been resolved: drm/i915/huc: Fix fence not released on early probe errors HuC delayed loading fence, introduced with commit 27536e03271da "drm/i915/huc: track delayed HuC load with a fence", is registered with object tracker early on driver pro...

WordPress Optimole plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress plugin Optimole version 3.3.2 has a cross-site scripting vulnerability that stems from the failure of image optimization and...

WordPress plugin Optimole 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress plugin Optimole version 3.3.2 has a cross-site scripting vulnerability that stems from the failure of image optimization and...

WebKit: UXSS via a focus event and a link element (CVE-2017-2479)

This is somewhat similar to https://crbug.com/663476. Here's a snippet of Container::replaceAllChildren. while RefPtr child = mfirstChild removeBetweennullptr, child-nextSibling, child; notifyChildNodeRemovedthis, child; If the location hash value is set, the page will give focus to the associate...