13 matches found
WordPress Team Section Block plugin <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Social Network Link vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via Social Network Link vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Team Section Block versions <= 2.0.0...
CVE-2025-62612
FastGPT is an AI Agent building platform. Prior to version 4.11.1, in the workflow file reading node, the network link is not security-verified, posing a risk of SSRF attacks. This issue has been patched in version 4.11.1...
AZL-64604 CVE-2025-38149 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: net: phy: clear phydev->devlink when the link is deleted. There is a potential crash issue when disabling and re-enabling the network port. When disabling the network port, phy_detach calls device_link_del to remove the device link, b...
CVE-2022-49776 macvlan: enforce a consistent minimal mtu
In the Linux kernel, the following vulnerability has been resolved: macvlan: enforce a consistent minimal mtu. macvlan should enforce a minimal mtu of 68, even at link creation. This patch avoids the current behavior which could lead to crashes in ipv6 stack if the link is brought up $ ip link add...
CVE-2025-21717
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: add missing cpu_to_node to kvzalloc_node in mlx5e_open_xdpredirect_sq. kvzalloc_node is not doing a runtime check on the node argument (alloc_pages_node_noprof does have a VM_BUG_ON, but it expands to nothing on !CONFIG_DEBUG_VM build...
CVE-2025-21717
CVE-2025-21717 affects the Linux kernel mlx5e path: kvzalloc_node lacks cpu_to_node conversion, allowing an out-of-bounds access when ethtool/netlink calls mlx5e_open on a CPU above MAX_NUMNODES, potentially panicking the kernel. The issue is fixed by adding a missing cpu_to_node conversion to ml...
Linux kernel buffer overflow vulnerability (CNVD-2021-19423)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 5.11.3 and earlier, which stems from the fact that drivers/scsi/scsi_transport_iscsi.c is adversely affected by the abilit...
Scientific Linux Security Update : kernel on SL4.x i386/x86_64
These updated packages fix the following security issues : - the absence of a protection mechanism when attempting to access a critical section of code has been found in the Linux kernel open file descriptors control mechanism, fcntl. This could allow a local unprivileged user to simultaneously...
CentOS 4 : kernel (CESA-2008:0237)
Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...
Debian DSA-1603-1 : bind9 - DNS cache poisoning
Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting. This update changes Debian's BIND 9 packages to implement the recommended...
DSA-1603-1 bind9 - cache poisoning
Bulletin has no description...
RHEL 4 : kernel (RHSA-2008:0237)
Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...
xscreensaver console access protection bypass
Application crashes on network link failure, if remote authentication is used. It makes it possible to access protected X session...