kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()

A null pointer dereference exists in the linux kernel such that in objstockflushrequired:stock-cachedobjcg can be reset between the check and dereference, resulting in damage to the availability of the system...

CVE-2025-13441

The Hide Category by User Role for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.3.1. This is due to a missing capability check on the admininit hook that executes wpcacheflush. This makes it possible for unauthenticated attackers ...

CVE-2025-13441

CVE-2025-13441 refers to the WordPress plugin Hide Category by User Role for WooCommerce (WordPress plugin); affected versions include all up to 2.3.1. The vulnerability is described as Missing Authorization on the admin_init hook that executes wp_cache_flush(), allowing unauthenticated users to ...

kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()

A null pointer dereference exists in the linux kernel such that in objstockflushrequired:stock-cachedobjcg can be reset between the check and dereference, resulting in damage to the availability of the system...

EUVD-2020-3414

Malware in sbrugna...

EUVD-1999-1254

Malware in sbrugna...

HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference

...

Malicious code in object-cache-dog-test-byte (npm)

The package object-cache-dog-test-byte was found to contain malicious code...

MAL-2025-28042 Malicious code in object-cache-dog-test-byte (npm)

The package object-cache-dog-test-byte was found to contain malicious code...

Mageia: Security Advisory (MGASA-2021-0207)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 30 : wordpress (2020-fa71ca92f8)

WordPress 5.4.1 Security Updates Seven security issues affect WordPress versions 5.4 and earlier. If you havent yet updated to 5.4, all WordPress versions since 3.7 have also been updated to fix the following security issues : - Props to Muaz Bin Abdus Sattar and Jannes who both independently...

Fedora 31 : wordpress (2020-7701f49327)

WordPress 5.4.1 Security Updates Seven security issues affect WordPress versions 5.4 and earlier. If you havent yet updated to 5.4, all WordPress versions since 3.7 have also been updated to fix the following security issues : - Props to Muaz Bin Abdus Sattar and Jannes who both independently...

WordPress Cross-Site Scripting Vulnerability (CNVD-2020-27081)

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the 'stats' method of the class-wp-object-cache.php file in...

WordPress Multiple Vulnerabilities (May 2020) - Windows

WordPress is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescripti...

DEBIAN-CVE-2020-11029

In affected versions of WordPress, a vulnerability in the stats method of class-wp-object-cache.php can be exploited to execute cross-site scripting XSS attacks. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release 5.3.3, 5.2.6, 5.1.5, 5.0.9,...

UBUNTU-CVE-2020-11029

In affected versions of WordPress, a vulnerability in the stats method of class-wp-object-cache.php can be exploited to execute cross-site scripting XSS attacks. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release 5.3.3, 5.2.6, 5.1.5, 5.0.9,...

CVE-2020-11029

In affected versions of WordPress, a vulnerability in the stats method of class-wp-object-cache.php can be exploited to execute cross-site scripting XSS attacks. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release 5.3.3, 5.2.6, 5.1.5, 5.0.9,...

WordPress < 5.4.1 - Cross-Site Scripting (XSS) in wp-object-cache

Description WordPress' Object Cache that caches data from the database did not validate or encode the cache key. If an attacker managed to inject a malicious cache key that was then output in a third party plugin, it could lead to XSS...

PT-2020-3604 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.4.1 WordPress versions 5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33 Description: A vulnerability in the stats method of...

HDF5 Memory Leak Vulnerability

HDF5 is a free suite of tools for managing the storage of different types of data that can be managed, manipulated, viewed, analyzed, and generated in portable formats. A memory leak vulnerability exists in the 'H5Ochunkdeserialize' function of the H5Ocache.c file in HDF5 1.10.3 and earlier...