Security Bulletin: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a denial of service (CVE-2025-36097)
Summary: IBM WebSphere Application Server Liberty, which is bundled with IBM WebSphere Hybrid Edition, is affected by a denial of service with the jsonp-1.0, jsonp-1.1, or jsonp-2.0 features enabled. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section...
PT-2025-25894 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A possible race condition, specifically a use-after-free issue, has been identified in the Linux kernel. This issue arises due to a lack of synchronization between the upper layer...
PT-2025-25464 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: General information about the issue is not available. No details are provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue wa...
PT-2025-24427 · Lucky · Lucky Lm-520-Fsc +2
Name of the Vulnerable Software and Affected Versions: Lucky LM-520-SC, LM-520-FSC and LM-520-FSC-SAM up to 20250321 Description: A vulnerability classified as problematic was found in the affected devices, leading to missing authentication. The manipulation can be launched remotely, and the...
Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by a cross-site scripting vulnerability (CVE-2025-33104)
Summary: IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by a cross-site scripting vulnerability. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and Versions: Affected Products...
PT-2025-27719 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue was related to the ad4851 parse channels common function, where the pointer returned was incremented internally as each...
PT-2025-18648 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the IB/hfi1 module, where a commit incorrectly tries to move a list from one list head to another,...
PT-2025-18536
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the octeon ep module. The problem occurs when unsupported dev and mbox init errors happen, causing the oct-co...
PT-2025-23158
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, related to the erofs file system. The issue arises when bio add folio fails due to being full, and erofs fileio scan folio retrie...
PT-2025-14335 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the netmem feature. The issue allowed the transmission of unreadable network memory netmem packets into the device's...
lobe-chat implemented an insufficient fix for GHSA-mxhq-xw3g-rphc (CVE-2024-32964)
Summary: SSRF protection implemented in https://github.com/lobehub/lobe-chat/blob/main/src/app/api/proxy/route.ts does not consider redirects and could be bypassed when an attacker provides an external malicious URL that redirects to internal resources such as a private network or loopback address. PoC: 1. Ru...
PT-2025-18890 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the mpi3mr remove function. This issue is related to the sas hba.phy memory not being properly freed. The...
PT-2023-9967 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue. It mentions that the candidate is unused by its CNA and refers to the Nationa...
PT-2023-9926 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The provided information does not contain details about the issue, affected devices, or real-world incidents. Recommendations: At the moment, there is no information about a newer...
PT-2023-10050 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue. It mentions that the candidate is unused by its CNA and refers to the Nationa...
PT-2023-11408 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue. It mentions a candidate that is unused by its CNA and refers to the National...
PT-2023-11082 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue. It mentions that the candidate is unused by its CNA and refers to the Nationa...
PT-2023-27514 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The requestor is working with another CNA for these vulnerabilities, as informed to GitHub. No further details are provided about the issue...
PT-2023-13332 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: No detailed information is provided about the issue, such as general information, estimated number of potentially affected devices worldwide, or...
PT-2023-13415 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The provided information does not contain details about the issue. It appears to be a notification about a candidate number that is not in use...