Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention condition in the priotune function that could lead to a qlen underflow...

WordPress PowerPress Podcasting plugin <= 11.13.11 - Server Side Request Forgery (SSRF) Vulnerability

Server Side Request Forgery SSRF Vulnerability discovered by Anhchangmutrang in WordPress Plugin PowerPress Podcasting versions = 11.13.11...

WordPress Automatically Hierarchic Categories in Menu plugin <= 2.0.9 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Automatically Hierarchic Categories in Menu versions = 2.0.9...

WordPress Bluff Post plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Bluff Post versions = 1.1.1...

WordPress HUSKY plugin <= 1.3.7 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Plugin HUSKY versions = 1.3.7...

SUSE CVE-2025-38039

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid WARNON when configuring MQPRIO with HTB offload enabled When attempting to enable MQPRIO while HTB offload is already configured, the driver currently returns -EINVAL and triggers a WARNON, leading to an...

WordPress Spark Multipurpose Theme <= 1.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Spark Multipurpose Type Theme Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-50030 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 093473ec2f16 Credits Peter Thaleikis Required privilege...

WordPress Bulk YouTube Post Creator plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Miki Iwamoto in WordPress Plugin Bulk YouTube Post Creator versions = 1.0...

CVE-2022-50177

In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fix ksoftirqd boosting timing and iteration The RCU priority boosting can fail in two situations: 1 If nrcpus= maxcpus=, which means if the total number of CPUs is higher than those brought online at boot, then...

CVE-2022-50177

CVE-2022-50177 concerns the Linux kernel where rcutorture ksoftirqd boosting timing/iteration could fail, causing RCU priority boosting to break under certain CPU configurations. The documented root causes are: (1) when the total CPUs exceed booted online CPUs, leading to boosting not applying to...

CVE-2022-50177 rcutorture: Fix ksoftirqd boosting timing and iteration

In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fix ksoftirqd boosting timing and iteration The RCU priority boosting can fail in two situations: 1 If nrcpus= maxcpus=, which means if the total number of CPUs is higher than those brought online at boot, then...

CVE-2022-50177 rcutorture: Fix ksoftirqd boosting timing and iteration

In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fix ksoftirqd boosting timing and iteration The RCU priority boosting can fail in two situations: 1 If nrcpus= maxcpus=, which means if the total number of CPUs is higher than those brought online at boot, then...

DEBIAN-CVE-2025-38039

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid WARNON when configuring MQPRIO with HTB offload enabled When attempting to enable MQPRIO while HTB offload is already configured, the driver currently returns -EINVAL and triggers a WARNON, leading to an...

WordPress tarteaucitron.io plugin < 1.9.5 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Pierre Rudloff in WordPress Plugin tarteaucitron.js – Cookies legislation & GDPR versions 1.9.5...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the net/mlx5e driver not properly handling HTB offload cases when configuring MQPRIO, resulting in an unwant...

WordPress Rankie plugin < 1.8.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Anhchangmutrang in WordPress Plugin Rankie versions 1.8.2...

WordPress Ajax Load More plugin <= 7.4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Ajax Load More versions = 7.4.0.1...

WordPress Simple Logo Carousel plugin <= 1.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via id Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Simple Logo Carousel versions = 1.9.3...

WordPress Click to Chat plugin <= 4.22 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via data-no_number Parameter vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via data-nonumber Parameter vulnerability discovered by Asaf Mozes in WordPress Plugin Click to Chat versions = 4.22...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid issuing a WARNON when configuring MQPRIO with HTB offload enabled. When attempting to enable MQPRIO while HTB offload is already configured, the driver currently returns -EINVAL and triggers a WARNON, resulting i...