PT-2025-39122

Name of the Vulnerable Software and Affected Versions code-projects Online Bidding System version 1.0 Description A flaw exists in code-projects Online Bidding System that allows for SQL injection. The issue is located in the file /administrator/wew.php and involves manipulation of the ID argumen...

WordPress HT Mega – Absolute Addons for WPBakery Page Builder Plugin <= 1.0.9 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by theviper17 in WordPress Plugin HT Mega – Absolute Addons for WPBakery Page Builder versions = 1.0.9...

WordPress Developer Plugin <= 1.2.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin Developer versions = 1.2.6...

WordPress Ultimate Watermark Plugin <= 1.1 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Nabil Irawan in WordPress Plugin Ultimate Watermark versions = 1.1...

WordPress Mail Subscribe List Plugin <= 2.1.10 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin Mail Subscribe List versions = 2.1.10...

WordPress Sitekit Plugin <= 2.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin Sitekit versions = 2.0...

WordPress Last Updated Shortcode Plugin <= 1.0.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Last Updated Shortcode versions = 1.0.1...

Linux Distros Unpatched Vulnerability : CVE-2023-53393

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx5: Fix mlx5ibgethwstats when used for device Currently, when mlx5ibgethwstats is used for device portnum = 0, there is a special handling in order to us...

Linux Distros Unpatched Vulnerability : CVE-2023-53302

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: iwl4965: Add missing check for createsinglethreadworkqueue Add the check for the return value of the createsinglethreadworkqueue in order to avoid NULL...

SUSE CVE-2025-58430

listmonk is a standalone, self-hosted, newsletter and mailing list manager. In versions up to and including 1.1.0, every http request in addition to the session cookie session there included nonce. The value is not checked and validated by the backend, removing nonce allows the requests to be...

Linux Distros Unpatched Vulnerability : CVE-2023-53384

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mwifiex: avoid possible NULL skb pointer dereference In 'mwifiexhandleuaprxforward', always check the value returned by 'skbcopy' to avoid potential NULL...

Linux Distros Unpatched Vulnerability : CVE-2025-30187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a...

Linux Distros Unpatched Vulnerability : CVE-2025-39853

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i40e: Fix potential invalid access when MAC list is empty listfirstentry never returns NULL - if the list is empty, it still returns a pointer to an invalid...

PT-2025-38454

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the error handling path of the cas init one function within the Cassini component. The cas saturn firmware init function allocates memory using vmalloc, which is...

PT-2025-38360

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count leak exists in the nfsd4 ssc umount item component within the kernel's NFS daemon NFSD. Specifically, the reference count is not decremented under error conditions,...

Linux Distros Unpatched Vulnerability : CVE-2022-50291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: kcm: annotate data-races around kcm-rxpsock kcm-rxpsock can be read locklessly in kcmrfree...

Linux Distros Unpatched Vulnerability : CVE-2022-50342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: floppy: Fix memory leak in dofloppyinit A memory leak was reported when floppyallocdisk fail...

Linux Distros Unpatched Vulnerability : CVE-2022-50300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix extent map use-after-free when handling missing device in readonechunk Store the error code before freeing the extentmap. Though it's reference count...

Linux Distros Unpatched Vulnerability : CVE-2025-39809

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: HID: intel-thc-hid: intel-quicki2c: Fix ACPI dsd ICRS/ISUB length The QuickI2C ACPI DSD...

Linux Distros Unpatched Vulnerability : CVE-2023-53328

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: Enhance sanity check while generating attrlist nicreateattrlist uses WARNON to catch error cases while generating attribute list, which only prints ou...