CVE-2025-62096 WordPress Maximum Products per User for WooCommerce plugin <= 4.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Maximum Products per User for WooCommerce maximum-products-per-user-for-woocommerce allows Stored XSS.This issue affects Maximum Products per User for WooCommerce: from n/a through = 4.4....

EUVD-2025-205952

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Maximum Products per User for WooCommerce allows Stored XSS.This issue affects Maximum Products per User for WooCommerce: from n/a through 4.4.2...

CVE-2025-62096 WordPress Maximum Products per User for WooCommerce plugin <= 4.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Maximum Products per User for WooCommerce maximum-products-per-user-for-woocommerce allows Stored XSS.This issue affects Maximum Products per User for WooCommerce: from n/a through = 4.4....

WordPress Maximum Products per User for WooCommerce plugin <= 4.4.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Maximum Products per User for WooCommerce versions = 4.4.3...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993162)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993162 advisory. In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on probe Add the missing sanity check on the probed-session...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993281)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993281 advisory. In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interfac...

PT-2025-54316

Name of the Vulnerable Software and Affected Versions WPFactory Maximum Products per User for WooCommerce versions through 4.4.2 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a Cross-site Scripting XSS issue. This...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992843)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992843 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning If getnumsdmaqueues or getnumxgmisdmaqueues is ...

CLSA-2025-1767120767 Fix CVE(s): CVE-2025-14178

SECURITY UPDATE: Heap buffer overflow in arraymerge - debian/patches/CVE-2025-14178.patch: add validation to check if total element count exceeds HTMAXSIZE before allocation. - CVE-2025-14178...

EUVD-2023-60390

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCATAPRIOATTRSCHEDCYCLETIME to INTMAX. syzkaller found zero division error 0 in divs64rem called from getcycletimeelapsed, where sched-cycletime is the divisor. We have tests in parsetaprioschedule so tha...

CVE-2023-54251

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCATAPRIOATTRSCHEDCYCLETIME to INTMAX. syzkaller found zero division error 0 in divs64rem called from getcycletimeelapsed, where sched-cycletime is the divisor. We have tests in parsetaprioschedule so tha...

UBUNTU-CVE-2022-50816

In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in tunnels Another syzbot report 1 with no reproducer hints at a bug in ip6gre tunnel dev:ip6gretap0 Since ipv6 mcast code makes sure to read dev-mtu once and applies a sanity check on it see commit...

CVE-2023-54251 net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCATAPRIOATTRSCHEDCYCLETIME to INTMAX. syzkaller found zero division error 0 in divs64rem called from getcycletimeelapsed, where sched-cycletime is the divisor. We have tests in parsetaprioschedule so tha...

CVE-2022-50816

CVE-2022-50816 affects the Linux kernel IPv6 tunneling MTU handling. Root cause: a layer could set dev-&gt;mtu to an underflowed value due to insufficient sanitization when updating MTU for ip6_gre/ip6_tnl/ipip6 tunnels. Impact described in the sources includes potential invalid skb handling and ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the tunneling device MTU value not being integrity-checked, which could result in an underflow value...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992350)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992350 advisory. In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix memory corruption on probe Add the missing sanity check on the probed-session...

bpf: Check skb->transport_header is set in bpf_skb_check_mtu

...

SUSE CVE-2023-54070

In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 "igb: Enable SR-IOV after reinit", removing the igb module could hang or crash depending on the machine when the module has been loaded with the maxv...

SUSE CVE-2023-54135

In the Linux kernel, the following vulnerability has been resolved: mapletree: fix potential out-of-bounds access in maswrendpiv Check the write offset end bounds before using it as the offset into the pivot array. This avoids a possible out-of-bounds access on the pivot array if the write extend...

Linux Distros Unpatched Vulnerability : CVE-2023-54070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 igb: Enable SR-IOV after reinit, removing the igb module could hang or crash...