SUSE CVE-2025-39920

In the Linux kernel, the following vulnerability has been resolved: pcmcia: Add error handling for addinterval in dovalidatemem In the dovalidatemem, the call to addinterval does not handle errors. If kmalloc fails in addinterval, it could result in a null pointer being inserted into the linked...

CVE-2025-60140

Insertion of Sensitive Information Into Sent Data vulnerability in thetechtribe The Tribal the-tech-tribe allows Retrieve Embedded Sensitive Data.This issue affects The Tribal: from n/a through = 1.3.3...

CVE-2025-60140

Insertion of Sensitive Information Into Sent Data vulnerability in thetechtribe The Tribal the-tech-tribe allows Retrieve Embedded Sensitive Data.This issue affects The Tribal: from n/a through = 1.3.3...

CVE-2025-60125

Insertion of Sensitive Information Into Sent Data vulnerability in themelooks FoodBook foodbook allows Retrieve Embedded Sensitive Data.This issue affects FoodBook: from n/a through = 4.7.6...

CVE-2025-59010

Insertion of Sensitive Information Into Sent Data vulnerability in Maciej Bis Permalink Manager Lite permalink-manager allows Retrieve Embedded Sensitive Data.This issue affects Permalink Manager Lite: from n/a through = 2.5.1.3...

CVE-2025-60095 WordPress Stackable Plugin <= 3.18.1 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Benjamin Intal Stackable stackable-ultimate-gutenberg-blocks allows Retrieve Embedded Sensitive Data.This issue affects Stackable: from n/a through = 3.18.1...

PT-2025-39583

Name of the Vulnerable Software and Affected Versions The Tribal versions through 1.3.3 Description A flaw exists in The Tribal that allows retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update The Tribal to a version later than 1.3....

PT-2025-39535

Name of the Vulnerable Software and Affected Versions Maciej Bis Permalink Manager Lite versions through 2.5.1.3 Description A flaw exists in Maciej Bis Permalink Manager Lite that allows retrieval of embedded sensitive data due to the insertion of sensitive information into sent data...

PT-2025-39542

Name of the Vulnerable Software and Affected Versions Stackable versions through 3.18.1 Description A flaw exists in Benjamin Intal Stackable that allows retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update Stackable to a version...

PT-2025-39572

Name of the Vulnerable Software and Affected Versions Themelooks FoodBook versions through 4.7.1 Description An issue exists in Themelooks FoodBook that allows for the retrieval of embedded sensitive data due to insertion of sensitive information into sent data. Recommendations Update to a versio...

GitLab 14.10 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-9958)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 14.10 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1, that could have allowed Guest users to access sensitive...

CVE-2025-58649

Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi All In One SEO Pack all-in-one-seo-pack allows Retrieve Embedded Sensitive Data.This issue affects All In One SEO Pack: from n/a through = 4.8.7.1...

CVE-2025-57922

Insertion of Sensitive Information Into Sent Data vulnerability in Coordinadora Mercantil S.A. Envíos Coordinadora Woocommerce coordinadora allows Retrieve Embedded Sensitive Data.This issue affects Envíos Coordinadora Woocommerce: from n/a through = 1.1.32...

kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice

A use-after-free UAF vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC Hierarchical Fair Service Curve queuing discipline when it is used in conjunction with NETEM Network Emulation. A malicious user could...

WordPress <= 6.8.2 Multiple Vulnerabilities (Sep 2025) - Windows

WordPress is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescripti...

CVE-2025-58252

Insertion of Sensitive Information Into Sent Data vulnerability in jetmonsters Getwid getwid allows Retrieve Embedded Sensitive Data.This issue affects Getwid: from n/a through = 2.1.2...

CVE-2025-58249

Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2025-58226

Insertion of Sensitive Information Into Sent Data vulnerability in iberezansky 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery interactive-3d-flipbook-powered-physics-engine allows Retrieve Embedded Sensitive Data.This issue affects 3D FlipBook – PDF Flipbook Viewer, Flipbook Image...

CVE-2025-57923

Insertion of Sensitive Information Into Sent Data vulnerability in Ideal Postcodes UK Address Postcode Validation uk-address-postcode-validation allows Retrieve Embedded Sensitive Data.This issue affects UK Address Postcode Validation: from n/a through = 3.9.2...

CVE-2025-57922

Insertion of Sensitive Information Into Sent Data vulnerability in Coordinadora Mercantil S.A. Envíos Coordinadora Woocommerce coordinadora allows Retrieve Embedded Sensitive Data.This issue affects Envíos Coordinadora Woocommerce: from n/a through = 1.1.32...