kernel: sctp: linearize cloned gso packets in sctp_rcv

A flaw use of uninitialized memory uncontrolled and invisible by attacker in the Linux kernel SCTP transport protocol was found in the way user triggers malicious SCTP packets. A remote user could use this flaw to crash the system. The bug actual only for systems where SCTP protocol being enabled...

CVE-2025-41115 Incorrect privilege assignment

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user...

Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt

Threat actors with ties to Iran engaged in cyber warfare as part of efforts to facilitate and enhance physical, real-world attacks, a trend that Amazon has called cyber-enabled kinetic targeting. The development is a sign that the lines between state-sponsored cyber attacks and kinetic warfare ar...

TencentOS Server 4: apache-commons-beanutils (TSSA-2025:0562)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0562 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

SonicOS SSLVPN Pre-Auth Stack-Based Buffer Overflow Vulnerability

A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service DoS, which could cause an impacted firewall to crash.SonicWall PSIRT is not aware of active exploitation in the wild. No reports of a PoC have been made...

EUVD-2025-198142

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 4.13.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2025-13206

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 4.13.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2025-13206

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 4.13.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2025-13206

CVE-2025-13206 affects the WordPress GiveWP – Donation Plugin and Fundraising Platform. The vulnerability is a stored cross-site scripting flaw in the name parameter present in all versions up to and including 4.13.0, caused by insufficient input sanitization and output escaping. It allows unauth...

CVE-2025-13206 GiveWP - Donation Plugin and Fundraising Platform <= 4.13.0 - Unauthenticated Stored Cross-Site Scripting via 'name'

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 4.13.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

CVE-2025-13319

An injection vulnerability has been discovered in the API feature in Digi On-Prem Manager, enabling an attacker with valid API tokens to inject SQL via crafted input. The API is not enabled by default, and a valid API token is required to perform the attack...

CVE-2025-13319

Digi On-Prem Manager API is affected by an authenticated SQL injection vulnerability (CVE-2025-13319). An attacker with valid API tokens can inject SQL via crafted input; the API is not enabled by default. CVSS 3.1 base score 8.8 (HIGH) with impact to confidentiality, integrity, and availability....

PrivateBin vulnerable to malicious filename use for self-XSS / HTML injection locally for users

Summary Dragging a file whose filename contains HTML is reflected verbatim into the page via the drag-and-drop helper, so any user who drops a crafted file on PrivateBin will execute arbitrary JavaScript within their own session self-XSS. This allows an attacker who can entice a victim to drag or...

CVE-2025-64711

PrivateBin is an online pastebin where the server has zero knowledge of pasted data. Starting in version 1.7.7 and prior to version 2.0.3, dragging a file whose filename contains HTML is reflected verbatim into the page via the drag-and-drop helper, so any user who drops a crafted file on...

CVE-2025-64711 PrivateBin vulnerable to malicious filename use for self-XSS / HTML injection locally for users

PrivateBin is an online pastebin where the server has zero knowledge of pasted data. Starting in version 1.7.7 and prior to version 2.0.3, dragging a file whose filename contains HTML is reflected verbatim into the page via the drag-and-drop helper, so any user who drops a crafted file on...

PT-2025-49089

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the SCSI subsystem, specifically in the sg module. The sg finish rem req function calls blk rq unmap user, which can potentially lead to sleeping...

kernel: sctp: linearize cloned gso packets in sctp_rcv

A flaw use of uninitialized memory uncontrolled and invisible by attacker in the Linux kernel SCTP transport protocol was found in the way user triggers malicious SCTP packets. A remote user could use this flaw to crash the system. The bug actual only for systems where SCTP protocol being enabled...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990801)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990801 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can be called from process context tcprtxsynack now could be called in process...

CVE-2025-42885 Missing authentication in SAP HANA 2.0 (hdbrss)

Due to missing authentication, SAP HANA 2.0 hdbrss allows an unauthenticated attacker to call a remote-enabled function that will enable them to view information. As a result, it has a low impact on the confidentiality but no impact on the integrity and availability of the system...

CVE-2025-46413

Use of password hash with insufficient computational effort issue exists in BUFFALO Wi-Fi router 'WSR-1800AX4 series'. When WPS is enabled, PIN code and/or Wi-Fi password may be obtained by an attacker...