CVE-2025-30162 East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services and use LB-IPAM or BGP for LB Service implementation and use network policies to block egress traffic from workloads in a namespace to...

CVE-2025-30162 East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services and use LB-IPAM or BGP for LB Service implementation and use network policies to block egress traffic from workloads in a namespace to...

CVE-2025-30162 East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For Cilium users who use Gateway API for Ingress for some services and use LB-IPAM or BGP for LB Service implementation and use network policies to block egress traffic from workloads in a namespace to...

CVE-2025-30529

Cross-Site Request Forgery CSRF vulnerability in Sébastien Dumont Auto Load Next Post auto-load-next-post allows Cross Site Request Forgery.This issue affects Auto Load Next Post: from n/a through = 1.5.14...

CVE-2025-30529

CVE-2025-30529 describes a Cross-Site Request Forgery (CSRF) in the WordPress plugin “Auto Load Next Post” (WordPress Infinite Scroll) affecting versions from unknown up to 1.5.14. CVSS v3.1 base score is 4.3 (Medium). Connected documents show no public exploit details or patch status; monitor fo...

CVE-2025-30529 WordPress Auto Load Next Post plugin <= 1.5.14 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Sébastien Dumont Auto Load Next Post auto-load-next-post allows Cross Site Request Forgery.This issue affects Auto Load Next Post: from n/a through = 1.5.14...

CVE-2025-30529 WordPress Auto Load Next Post plugin <= 1.5.14 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Sébastien Dumont Auto Load Next Post auto-load-next-post allows Cross Site Request Forgery.This issue affects Auto Load Next Post: from n/a through = 1.5.14...

WordPress Auto Load Next Post plugin <= 1.5.14 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Auto Load Next Post versions = 1.5.14...

Security update for zvbi

This update for zvbi fixes the following issues: CVE-2025-2173: Fixed check on srclength to avoid an unitinialized heap read bsc1239222. CVE-2025-2174: Fixed integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c bsc1239299. CVE-2025-2175: Fixed integer overflow in...

Cilium 安全漏洞

Cilium is an open source software from Cilium Open Source. It is used to provide and transparently secure network connectivity and load balancing between application workloads such as application containers or processes. A security vulnerability exists in Cilium versions v1.15.0 through v1.15.14,...

WordPress plugin Auto Load Next Post 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in...

PT-2025-12672

Name of the Vulnerable Software and Affected Versions Cilium versions 1.15.0 through 1.15.14 Cilium versions 1.16.0 through 1.16.7 Cilium versions 1.17.0 through 1.17.1 Description The issue affects Cilium users who use Gateway API for Ingress and LB-IPAM or BGP for LoadBalancer Service...

Security update for zvbi

This update for zvbi fixes the following issues: CVE-2025-2173: Fixed check on srclength to avoid an unitinialized heap read bsc1239222. CVE-2025-2174: Fixed integer overflow leading to heap overflow in src/conv.c, src/io-sim.c, src/search.c bsc1239299. CVE-2025-2175: Fixed integer overflow in...

The vulnerability of the bpf_object_load_prog() function in the tools/lib/bpf/libbpf.c file of the Linux operating system’s kernel allows a hacker to induce a service failure.

The vulnerability of the bpfobjectloadprog function in the tools/lib/bpf/libbpf.c file of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a system failure...

AgentScope path traversal vulnerability in save-workflow

A path traversal vulnerability exists in the save-workflow and load-workflow functionality of modelscope/agentscope versions prior to the fix. This vulnerability allows an attacker to read and write arbitrary JSON files on the filesystem, potentially leading to the exposure or modification of...

GHSA-J9RW-QM5F-R8XM AgentScope path traversal vulnerability in save-workflow

A path traversal vulnerability exists in the save-workflow and load-workflow functionality of modelscope/agentscope versions prior to the fix. This vulnerability allows an attacker to read and write arbitrary JSON files on the filesystem, potentially leading to the exposure or modification of...

AgentScope 安全漏洞

AgentScope is a ModelScope open source application. Build LLM-based multi-intelligence applications more simply. AgentScope has a security vulnerability that stems from the existence of path traversal in the save-workflow and load-workflow functions, which allows an attacker to read and write...

Apache Airflow 安全漏洞

Apache Airflow is an open source platform for creating, managing and monitoring workflows from the Apache USA Foundation. The platform is characterized by scalability and dynamic monitoring. A security vulnerability exists in Apache Airflow versions prior to 6.2.0, which stems from a table...

Moderate: Red Hat Bug Fix Advisory: mod_proxy_cluster bug fix update

An update for modproxycluster is now available for Red Hat Enterprise Linux 9. The modproxycluster module is a plugin for the Apache HTTP Server that provides load-balancer functionality. Bug Fixes: Rebuild modproxycluster against httpd 2.4.62 JIRA:RHEL-70140 Rebase modproxycluster to upstream...

Sytel Softdial Contact Center（Sytel SCC） 路径遍历漏洞

Sytel Softdial Contact Center Sytel SCC is a cloud contact center software from Sytel. A path traversal vulnerability exists in Sytel Softdial Contact Center Sytel SCC, which originates from a path traversal of the /softdial/scheduler/load.php endpoint id parameter, which could lead to unauthoriz...