PT-2025-6562 · WordPress · Actionwear Products Sync Plugin
Name of the Vulnerable Software and Affected Versions: Actionwear products sync plugin for WordPress versions up to, and including, 2.3.0. Description: The issue is due to the composer-setup.php file being publicly accessible with display errors set to true, allowing unauthenticated attackers to...
The vulnerability of components related to DRM, AMD, and display kernels in the Linux operating system allows a hacker to trigger a service failure.
The vulnerability of DRM/AMD/display cores in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow a hacker to cause service failures...
The vulnerability of Microsoft Edge browser, related to information representation errors in the user interface, allows attackers to perform spear-phishing attacks.
The vulnerability of Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spear-phishing attacks...
The vulnerability of the Microsoft Outlook for Android client, related to information representation errors in the user interface, allows a hacker to perform spear-phishing attacks.
The vulnerability of the Microsoft Outlook for Android client is related to information representation errors in the user interface. Exploiting this vulnerability can allow a remote attacker to perform spoofing attacks...
CVE-2025-25289
@octokit/request-error is an error class for Octokit request errors. Starting in version 1.0.0 and prior to version 6.1.7, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the processing of HTTP request headers. By sending an authorization header containing an excessively long...
SUSE CVE-2023-1732
When sampling randomness for a shared secret, the implementation of Kyber and FrodoKEM did not check whether crypto/rand.Read returns an error. In rare deployment cases where an error is thrown by the Read function, this could lead to a predictable shared secret. The tkn20 and blindrsa components did not...
SUSE CVE-2024-47401
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1 and 9.5.x <= 9.5.9 fail to prevent detailed error messages from being displayed in Playbooks which allows an attacker to generate a large response and cause an amplified GraphQL response which in turn could cause the application to crash by...
SUSE CVE-2025-1057
A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas...
CVE-2024-31844
An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application errors. In some cases, this leads to a disclosure of information about the server. An unauthenticated user is able to craft specific requests in order to make the application generate an error. Inside a...
CPython Security Vulnerability
CPython is a Python interpreter implemented in C from the Python Foundation. A security vulnerability exists in CPython that stems from the default use of user-writable file paths on Windows platforms, which could lead to memory errors or file type misclassification...
CVE-2023-5184
Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers...
Brocade SANnav encryption key is logged in the debug logs (CVE-2025-1053)
Under certain error conditions at time of Brocade SANnav installation or upgrade, the encryption key can be written into and obtained from a Brocade SANnav supportsave. An attacker with privileged access to the Brocade SANnav database could use the encryption key to obtain passwords used by Broca...
The vulnerability of the Windows operating system’s kernel, which allows a hacker to bypass existing security restrictions
The vulnerability of the Windows operating system’s kernel is related to access control errors. Exploiting this vulnerability can allow an attacker to bypass existing security restrictions...
ROS-20250212-12
A vulnerability in the hb_cairo_glyphs_from_buffer function of the Harfbuzz text transformation library is related to bounds errors in the hb_cairo_glyphs_from_buffer function in hb-cairo.cc. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code on the...
The vulnerability of the Kernel component in operating systems such as macOS, iPadOS, iOS, watchOS, and tvOS allows attackers to elevate their privileges to a root level.
The vulnerability of the Kernel component in macOS, iPadOS, iOS, watchOS, and tvOS is related to permission handling errors. Exploiting this vulnerability can allow an attacker to elevate their privileges to a root level...
The vulnerability of the Contacts component in macOS operating systems allows attackers to gain unauthorized access to protected information.
The vulnerability of the Contacts component in macOS operating systems is related to access control errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
ROS-20250212-10
A vulnerability in the Python Babel library that helps internationalize and localize Python applications is associated with input validation errors when processing directory traversal sequences in .dat locale files in Babel.Locale. Exploitation of the vulnerability could allow an attacker to...
ROS-20250212-02
Open Asset Import Library Assimp 3D model import library vulnerability is related to heap buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service. Vulnerability of OpenDDDLParser::parseStructure function of 3D models import...
Vulnerability of operating systems such as iOS, iPadOS, tvOS, macOS, watchOS, and visionOS, due to errors in state management, allows attackers to gain unauthorized access to protected information.
The vulnerabilities of operating systems such as iOS, iPadOS, tvOS, macOS, watchOS, and visionOS are related to state management errors. Exploiting these vulnerabilities can allow a malicious actor to gain access to confidential information...
The vulnerability of the Linux operating system’s kernel, related to synchronization errors, allows a hacker to cause a service failure.
The vulnerability of the Linux operating system’s kernel is related to synchronization errors. Exploiting this vulnerability can allow an attacker to cause a service failure...