Release Information for Veeam Backup for Microsoft 365 8.2 and Cumulative Patches

More Recent Version Available Please find the latest version of Veeam Backup for Microsoft 365 here: Veeam Downloads - Latest Version Build Numbers and Versions of Veeam Backup for Microsoft 365 Requirements This release can be used to: update manually from a previous Veeam Backup for Microsoft 3...

EUVD-2023-60025

In the Linux kernel, the following vulnerability has been resolved: HID: amdsfh: Fix for shift-out-of-bounds Shift operation of 'exp' and 'shift' variables exceeds the maximum number of shift values in the u32 range leading to UBSAN shift-out-of-bounds. ... 6.120512 UBSAN: shift-out-of-bounds in...

UBUNTU-CVE-2023-53697

In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix memleak of pmu attrgroups in unregisternvdimmpmu Memory pointed by 'ndpmu-pmu.attrgroups' is allocated in function 'registernvdimmpmu' and is lost after 'kfreendpmu' call in function 'unregisternvdimmpmu'...

Security update for libqt5-qtbase

This update for libqt5-qtbase fixes the following issues: Security issues fixed: CVE-2025-5455: processing of malformed data in qDecodeDataUrl can trigger assertion and cause a crash bsc1243958. CVE-2025-30348: complex algorithm used in encodeText in QDom when processing XML data can cause low...

CVE-2025-60933

Multiple stored cross-site scripting XSS vulnerabilities in the Future Goals function of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Goal Name, Goal Notes, Action Step Name, Action Step...

CVE-2025-60934

Multiple stored cross-site scripting XSS vulnerabilities in the index.php component of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee Notes, title, or description parameters. The patched...

Sensing Security in Near-Field ISAC: Exploiting Scatterers for Eavesdropper Deception

In this paper, we explore sensing security in near-field NF integrated sensing and communication ISAC scenarios by exploiting known scatterers in the sensing scene. We propose a location deception LD scheme where scatterers are deliberately illuminated with probing power that is higher than that...

CVE-2025-53050

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Performance Monitor. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVE-2025-53050

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Performance Monitor. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

EUVD-2025-35284

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Performance Monitor. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVE-2025-60932

Multiple stored cross-site scripting XSS vulnerabilities in the Current Goals function of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Goal Name, Goal Notes, Action Step Name, Action Step...

CVE-2025-60934

Multiple stored cross-site scripting XSS vulnerabilities in the index.php component of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee Notes, title, or description parameters. The patched...

CVE-2025-60933

Multiple stored cross-site scripting XSS vulnerabilities in the Future Goals function of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Goal Name, Goal Notes, Action Step Name, Action Step...

CVE-2025-60934

Multiple stored cross-site scripting XSS vulnerabilities in the index.php component of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee Notes, title, or description parameters. The patched...

CVE-2025-60933

Multiple stored cross-site scripting XSS vulnerabilities in the Future Goals function of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Goal Name, Goal Notes, Action Step Name, Action Step...

CVE-2025-60932

Multiple stored cross-site scripting XSS vulnerabilities in the Current Goals function of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Goal Name, Goal Notes, Action Step Name, Action Step...

CVE-2025-60934

Multiple stored cross-site scripting XSS vulnerabilities in the index.php component of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee Notes, title, or description parameters. The patched...

HR Performance Solutions Performance Pro 安全漏洞

HR Performance Solutions Performance Pro is an employee performance management platform from HR Performance USA. A security vulnerability exists in Performance Pro version v3.19.17, which stems from improper handling of the Goal Name, Goal Notes, Action Step Name, Action Step Description, Note...

CVE-2025-60933

CVE-2025-60933 affects HR Performance Solutions Performance Pro v3.19.17. The vulnerability is stored XSS in the Future Goals function, allowing an attacker to inject arbitrary web scripts/HTML via crafted payloads into Goal Name, Goal Notes, Action Step Name, Action Step Description, Note Name, ...

EUVD-2025-35170

Multiple stored cross-site scripting XSS vulnerabilities in the Current Goals function of HR Performance Solutions Performance Pro v3.19.17 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Goal Name, Goal Notes, Action Step Name, Action Step...