
1881 matches found

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-29425

Malicious code in bioql PyPI...

6.6 AI score
Exploits: 0, References: 4
Microsoft CVE
added 2025/10/02 6:11 a.m., 1 views

MaxQueryDuration not honoured in Samba AD DC LDAP

...

6.5 CVSS, 7 AI score, 0.03426 EPSS
Exploits: 0
Cvelist
added 2025/10/02 12:0 a.m., 4 views

CVE-2025-60663

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanMTU parameter in the fromAdvSetMacMtuWan function...

0.00089 EPSS
Exploits: 1, References: 1
NVD
added 2025/10/01 12:15 p.m., 4 views

CVE-2023-53517

In the Linux kernel, the following vulnerability has been resolved: tipc: do not update mtu if msgmax is too small in mtu negotiation When doing link mtu negotiation, a malicious peer may send Activate msg with a very small mtu, e.g. 4 in Shuang's testing, without checking for the minimum mtu,...

5.5 CVSS, 0.00017 EPSS
Exploits: 0, References: 5
OSV
added 2025/10/01 12:15 p.m., 1 views

UBUNTU-CVE-2023-53517

In the Linux kernel, the following vulnerability has been resolved: tipc: do not update mtu if msgmax is too small in mtu negotiation When doing link mtu negotiation, a malicious peer may send Activate msg with a very small mtu, e.g. 4 in Shuang's testing, without checking for the minimum mtu,...

5.5 CVSS, 5.9 AI score, 0.00017 EPSS
Exploits: 0, References: 8
CVE
added 2025/10/01 11:46 a.m., 13 views

CVE-2023-53517

The CVE-2023-53517 vulnerability is in the Linux kernel TIPC mtu negotiation logic. When a peer sends an Activate message with a very small mtu (e.g., 4), tipc_link_proto_rcv() can set l->mtu to 4 and then n->links[bearer_id].mtu to 4294967228, causing an overflow in tipc_link_mss(). This c...

5.5 CVSS, 6.3 AI score, 0.00017 EPSS
Exploits: 0, References: 5, Affected Software: 1
CVE
added 2025/10/01 11:45 a.m., 15 views

CVE-2021-4460

CVE-2021-4460 affects the Linux kernel drm/amdkfd path. The issue is a UBSAN shift-out-of-bounds warning when get_num_sdma_queues or get_num_xgmi_sdma_queues is 0, causing a shift by the operand’s bit width (undefined behavior). The fix changes the code to set num_sdma_queues or num_xgmi_sdma_que...

7.1 CVSS, 6.1 AI score, 0.00026 EPSS
Exploits: 0, References: 5, Affected Software: 1
NVD
added 2025/10/01 8:15 a.m., 2 views

CVE-2025-39924

In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with Z_EROFS_COMPRESSION_RUNTIME_MAX and ensure consistency with...

5.5 CVSS, 0.0002 EPSS
Exploits: 0, References: 2
OSV
added 2025/10/01 8:15 a.m., 1 views

UBUNTU-CVE-2025-39921

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: stop checking viability of op->max_freq in supports_op callback In commit 13529647743d9 "spi: microchip-core-qspi: Support per spi-mem operation frequency switches" the logic for checking the viability of...

5.5 CVSS, 5.7 AI score, 0.00024 EPSS
Exploits: 0, References: 5
OSV
added 2025/10/01 8:7 a.m., 2 views

CVE-2025-39924 erofs: fix invalid algorithm for encoded extents

In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with Z_EROFS_COMPRESSION_RUNTIME_MAX and ensure consistency with...

5.5 CVSS, 6.5 AI score, 0.0002 EPSS
Exploits: 0, References: 5
Vulnrichment
added 2025/10/01 8:7 a.m., 2 views

CVE-2025-39924 erofs: fix invalid algorithm for encoded extents

In the Linux kernel, the following vulnerability has been resolved: erofs: fix invalid algorithm for encoded extents The current algorithm sanity checks do not properly apply to new encoded extents. Unify the algorithm check with Z_EROFS_COMPRESSION_RUNTIME_MAX and ensure consistency with...

6.1 AI score, 0.0002 EPSS
Exploits: 0, References: 2
Debian CVE
added 2025/10/01 7:55 a.m., 3 views

CVE-2025-39921

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: stop checking viability of op->max_freq in supports_op callback In commit 13529647743d9 "spi: microchip-core-qspi: Support per spi-mem operation frequency switches" the logic for checking the viability of...

5.5 CVSS, 5.4 AI score, 0.00024 EPSS
Exploits: 0
Tenable Nessus
added 2025/09/29 12:0 a.m., 1 views

Ruckus Wireless ICX Switches Integer Overflow or Wraparound (CVE-2019-11477)

Three flaws were found in the Linux kernel's handling of TCP networking. The most severe vulnerability could allow a remote attacker to trigger a kernel panic in systems running the affected software and, as a result, impact the system's availability. The issues have been assigned multiple CVEs:...

7.8 CVSS, 6.7 AI score, 0.74296 EPSS
Exploits: 4, References: 2
Github Security Blog
added 2025/09/26 3:32 p.m., 6 views

OpenMLS improper persistence of the secret tree during message processing

Summary A bug in the OpenMLS library prevented private key material from being updated in storage during message processing. The key material in question are the keys stored in the MLS secret tree, which are used for decryption of private MLS messages. The effects of the bug are limited in scope,...

6.6 AI score
Exploits: 0, References: 3, Affected Software: 1
Wordfence Blog
added 2025/09/25 2:54 p.m., 14 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (September 15, 2025 to September 21, 2025)

Calling all Vulnerability Researchers and Bug Bounty Hunters! Operation: Maximum Impact Challenge! Now through November 10, 2025, earn 2X bounty rewards for all in-scope submissions in software with at least 5,000 active installs and fewer than 5 million active installs. Bounties up to $31,200 pe...

9.8 CVSS, 8.7 AI score, 0.39198 EPSS
Exploits: 10
RedHat Linux
added 2025/09/25 12:40 a.m., 4 views

kernel: udp: Fix memory accounting leak.

A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SO_RCVBUF socket option to its maximum value INT_MAX, which triggers an integer overflow within the udp_rmem_release function during socket closure. The udp_destruct_common...

5.5 CVSS, 6.9 AI score, 0.00105 EPSS
Exploits: 0, References: 5
Tenable Nessus
added 2025/09/25 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-39886

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init Currently, calling bpf_map_kmalloc_node from __bpf_async_init can cause various locking issues; see the...

5.5 CVSS, 6.2 AI score, 0.00022 EPSS
Exploits: 0, References: 4
OpenVAS
added 2025/09/25 12:0 a.m., 2 views

Configure a Proper Value for MaxAuthTries

MaxAuthTries indicates the maximum number of user authentication failures allowed in a single connection. If the number of user authentication failures exceeds the value, the connection is automatically disconnected. You are advised to set this field to a value less than or equal to 3. If this...

6.8 AI score
Exploits: 0, References: 1
OSV
added 2025/09/23 6:15 a.m., 1 views

DEBIAN-CVE-2025-39888

In the Linux kernel, the following vulnerability has been resolved: fuse: Block access to folio overlimit syz reported a slab-out-of-bounds Write in fuse_dev_do_write. When the number of bytes to be retrieved is truncated to the upper limit by fc->max_pages and there is an offset, the oob is triggered...

7.8 CVSS, 6.2 AI score, 0.00026 EPSS
Exploits: 0, References: 1
OSV
added 2025/09/23 6:15 a.m., 0 views

UBUNTU-CVE-2025-39888

In the Linux kernel, the following vulnerability has been resolved: fuse: Block access to folio overlimit syz reported a slab-out-of-bounds Write in fuse_dev_do_write. When the number of bytes to be retrieved is truncated to the upper limit by fc->max_pages and there is an offset, the oob is triggered...

7.8 CVSS, 5.7 AI score, 0.00026 EPSS
Exploits: 0, References: 5