CVE-2025-58641 WordPress Exit Intent Popup Plugin <= 1.0.1 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in kamleshyadav Exit Intent Popup exitintentpopup allows Server Side Request Forgery.This issue affects Exit Intent Popup: from n/a through = 1.0.1...

CVE-2025-58641 WordPress Exit Intent Popup Plugin <= 1.0.1 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery SSRF vulnerability in kamleshyadav Exit Intent Popup exitintentpopup allows Server Side Request Forgery.This issue affects Exit Intent Popup: from n/a through = 1.0.1...

CVE-2025-58641

CVE-2025-58641 – WordPress Exit Intent Popup SSRF A SSRF vulnerability exists in the kamleshyadav Exit Intent Popup WordPress plugin for versions

PT-2025-35769

Name of the Vulnerable Software and Affected Versions: kamleshyadav Exit Intent Popup versions n/a through 1.0.1 Description: A Server-Side Request Forgery SSRF vulnerability exists in kamleshyadav Exit Intent Popup. This issue allows attackers to perform Server Side Request Forgery...

WordPress plugin Exit Intent Popup 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

PT-2025-51590

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the cpufreq/longhaul component. Specifically, the longhaul exit function calls cpufreq cpu get0 without verifying if the policy pointer is NULL...

📄 Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass

Ilevia EVE X1/X5 Server versions 4.7.18.0.eden and below construct a shell command using unsanitized user input passed to the system function, calling an external binary for authentication. Due to improper input handling and reliance on the binary's return value for access control, an attacker ca...

Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass Exploit

Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...

UBUNTU-CVE-2025-38671

In the Linux kernel, the following vulnerability has been resolved: i2c: qup: jump out of the loop in case of timeout Original logic only sets the return value but doesn't jump out of the loop if the bus is kept active by a client. This is not expected. A malicious or buggy i2c client can hang th...

CVE-2025-38671

CVE-2025-38671 affects the Linux kernel i2c: qup driver. Root cause: timeout handling only set a return value and did not exit the loop when a client keeps the bus active, enabling kernel hang (observed with PCA953x GPIO extender). Fix: change the logic to return via -ETIMEDOUT, jumping out of th...

CVE-2025-38671 i2c: qup: jump out of the loop in case of timeout

In the Linux kernel, the following vulnerability has been resolved: i2c: qup: jump out of the loop in case of timeout Original logic only sets the return value but doesn't jump out of the loop if the bus is kept active by a client. This is not expected. A malicious or buggy i2c client can hang th...

CVE-2024-58239

In the Linux kernel, the following vulnerability has been resolved: tls: stop recv if initial processrxlist gave us non-DATA If we have a non-DATA record on the rxlist and another record of the same type still on the queue, we will end up merging them: - processrxlist copies the non-DATA record -...

Astra Linux - уязвимость в openvpn

OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session...

Linux Distros Unpatched Vulnerability : CVE-2025-38404

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: typec: displayport: Fix potential deadlock The deadlock can occur due to a recursive lo...

CVE-2023-32246 ksmbd: call rcu_barrier() in ksmbd_server_exit()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: call rcubarrier in ksmbdserverexit racy issue is triggered the bug by racing between closing a connection and rmmod. In ksmbd, rcubarrier is not called at module unload time, so nothing prevents ksmbd from getting unloaded...

Linux Distros Unpatched Vulnerability : CVE-2025-38424

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perf: Fix sample vs doexit Baisheng Gao reported an ARM64 crash, which Mark decoded as being a synchronous external abort -- most likely due to trying to access...

SUSE SLES15 / openSUSE 15 Security Update : iperf (SUSE-SU-2025:02749-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02749-1 advisory. - update to 3.19.1: CVE-2025-54351: Fixed buffer overflow in net.c bsc1247522 CVE-2025-54350: Fixed Base64Decode assertion failu...

Security update for iperf

This update for iperf fixes the following issues: update to 3.19.1: CVE-2025-54351: Fixed buffer overflow in net.c bsc1247522 CVE-2025-54350: Fixed Base64Decode assertion failure and application exit upon a malformed authentication attempt bsc1247520 CVE-2025-54349: Fixed off-by-one error and...

SUSE-SU-2025:02749-1 Security update for iperf

This update for iperf fixes the following issues: - update to 3.19.1: CVE-2025-54351: Fixed buffer overflow in net.c bsc1247522 CVE-2025-54350: Fixed Base64Decode assertion failure and application exit upon a malformed authentication attempt bsc1247520 CVE-2025-54349: Fixed off-by-one error and...

Linux Distros Unpatched Vulnerability : CVE-2021-47357

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - atm: iphase: fix possible use-after-free in iamoduleexit This module's remove path calls deltimer. However, that function does not wait until the timer handler...