pingora (>=0.1.0 <=0.4.0), pingora-cache (>=0.1.0 <=0.4.0) +3 more potentially affected by CVE-2025-4366 via pingora-core (>=0.1.1 <=0.4.0)

pingora-core CARGO version =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.4.0 - static-files-module =0.1.0 Source cves: CVE-2025-4366 Source advisory: OSV:GHSA-93C7-7XQW-W357...

PowSyBl 安全漏洞

PowSyBl is an open source framework from PowSyBl, Inc. dedicated to the modeling and simulation of power systems. A security vulnerability exists in PowSyBl versions prior to 6.7.2, which stems from a regular expression denial of service vulnerability in the DataSource mechanism that could lead t...

CVE-2025-4775

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-button-label HTML attribute in all versions up to, and including, 7.4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for...

DEBIAN-CVE-2022-50162

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: Fix possible refcount leak in ifusbprobe usbgetdev will be called before lbsgetfirmwareasync which means that usbputdev need to be called when lbsgetfirmwareasync fails...

DEBIAN-CVE-2022-50151

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log: 4.141392 Unexpected gfp: 0x4 GFPDMA32. Fixing up to gfp: 0xa20 GFPATOMIC. Fix your code! 4.150340 CPU: 1 PID: 175 Comm: 1-0050 Not tainted...

CVE-2022-50116

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the...

DEBIAN-CVE-2022-50074

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in aasimplewritetobuffer When copyfromuser failed, the memory is freed by kvfree. however the management struct and data blob are allocated independently, so only kvfreedata cause a memleak issue here. Use...

UBUNTU-CVE-2022-50074

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in aasimplewritetobuffer When copyfromuser failed, the memory is freed by kvfree. however the management struct and data blob are allocated independently, so only kvfreedata cause a memleak issue here. Use...

CVE-2022-50151 usb: cdns3: fix random warning message when driver load

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log: 4.141392 Unexpected gfp: 0x4 GFPDMA32. Fixing up to gfp: 0xa20 GFPATOMIC. Fix your code! 4.150340 CPU: 1 PID: 175 Comm: 1-0050 Not tainted...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from SOF ipc3-topology double freeing ipccontroldata in the loadbytes error path, which could lead to memory...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of data contention in bpfjitlimit, which could lead to a load tear...

WordPress Ajax Load More plugin <= 7.4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Ajax Load More versions = 7.4.0.1...

firefox: thunderbird: Script element events leaked cross-origin resource status

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Script elements loading cross-origin resources generate load and error events which can leak information enabling XS-Leaks attacks...

CVE-2025-4775 WordPress Infinite Scroll – Ajax Load More <= 7.4.0.1 - Authenticated(Contributor+) Stored Cross-Site Scripting

The WordPress Infinite Scroll – Ajax Load More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the data-button-label HTML attribute in all versions up to, and including, 7.4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for...

WordPress plugin WordPress Infinite Scroll - Ajax Load More Cross Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin WordPress Infinite...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: vmxnet3: Fixed malformed packet sizes in vmxnet3processxdp. The XDP handling of the vmxnet3 driver is buggy for packet sizes using ring0 i.e., packet sizes between 128 and 3k bytes. We noticed connectivity issues related to MT...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Fixed a hang that occurred in the kdump kernel when running on Hyper-V Gen 2 VMs. Hyper-V Gen 2 VMs boot via EFI and have a standard EFI framebuffer device. When the kdump kernel runs in such a VM, loading the...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Abrupt exit when failing to load firmware in pspinitcapmicrocode. In the function pspinitcapmicrocode, an abrupt exit should occur when attempting to load firmware fails; otherwise, it may lead to invalid memory acces...

firefox: thunderbird: Script element events leaked cross-origin resource status

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Script elements loading cross-origin resources generate load and error events which can leak information enabling XS-Leaks attacks...

firefox: thunderbird: Script element events leaked cross-origin resource status

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Script elements loading cross-origin resources generate load and error events which can leak information enabling XS-Leaks attacks...