5272 matches found
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992952)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992952 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: clear optc underflow before turn off odm clock Why After ODM clock off, optc...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992765)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992765 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one fsmap error on 1k block filesystems Apparently syzbot figured out...
Unity Linux 20.1070e Security Update: mod_security (UTSA-2025-993341)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993341 advisory. ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. In versions 2.9.8 to before 2.9.11, an empty XML tag can...
CVE-2025-64528 Users are able to find users by name even when `enable_names` is off
Discourse is an open source discussion platform. Prior to versions 3.5.3, 2025.11.1, and 2025.12.0, an attacker who knows part of a username can find the user and their full name via UI or API, even when `enable_names` is disabled. Versions 3.5.3, 2025.11.1, and 2025.12.0 contain a fix...
EUVD-2023-60419
In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id() The "map_sz" is the number of elements in the "m" array so the comparison needs to be changed to >= to prevent an out of bounds read...
UBUNTU-CVE-2023-54222
In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id() The "map_sz" is the number of elements in the "m" array so the comparison needs to be changed to >= to prevent an out of bounds read...
CVE-2023-54222
In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id() The "map_sz" is the number of elements in the "m" array so the comparison needs to be changed to >= to prevent an out of bounds read...
CVE-2023-54222
CVE-2023-54222 affects the Linux kernel: a bug in the Tegra hte map driver (hte: tegra-194: tegra_hte_map_to_line_id) allowed an out-of-bounds read due to an off-by-one in the size check. The root cause is that the code compared against the size of the m array with a ‘>’ and needed a ‘>=’ i...
CVE-2023-54222 hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id()
In the Linux kernel, the following vulnerability has been resolved: hte: tegra-194: Fix off by one in tegra_hte_map_to_line_id() The "map_sz" is the number of elements in the "m" array so the comparison needs to be changed to >= to prevent an out of bounds read...
EUVD-2025-205666
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jakub Glos Off Page SEO allows Reflected XSS. This issue affects Off Page SEO: from n/a through 3.0.3...
CVE-2025-23554
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jakub Glos Off Page SEO off-page-seo allows Reflected XSS. This issue affects Off Page SEO: from n/a through <= 3.0.3...
PT-2025-53957
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel’s jbd2 subsystem related to buffer head reference counting. Specifically, within the jbd2_fc_wait_bufs function, if a buffer is not up-to-date, the...
WordPress plugin Off Page SEO cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site scripting...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992617)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992617 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: clear optc underflow before turn off odm clock Why After ODM clock off, optc...
CVE-2025-23554 WordPress Off Page SEO plugin <= 3.0.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jakub Glos Off Page SEO off-page-seo allows Reflected XSS. This issue affects Off Page SEO: from n/a through <= 3.0.3...
CVE-2025-23554
CVE-2025-23554 affects the WordPress plugin “Off Page SEO” by Jakub Glos, with a Reflected Cross-Site Scripting (XSS) flaw in the web page generation input handling. Affected versions are up to 3.0.3. The issue enables a reflected XSS attack when malicious input is supplied and processed by the p...
CLSA-2025-1767026442 mod_md: Fix of CVE-2025-55753
CVE-2025-55753: fix exponential error retry back-off to prevent delay overflow...
PT-2025-53828
Name of the Vulnerable Software and Affected Versions: Jakub Glos Off Page SEO versions through 3.0.3. Description: The software contains a flaw related to improper handling of user-supplied data during web page creation, leading to a potential Reflected Cross-Site Scripting (XSS) condition. This allo...