CVE-2025-38637 net_sched: skbprio: Remove overly strict queue assertions

In the Linux kernel, the following vulnerability has been resolved: netsched: skbprio: Remove overly strict queue assertions In the current implementation, skbprio enqueue/dequeue contains an assertion that fails under certain conditions when SKBPRIO is used as a child qdisc under TBF with specif...

CVE-2025-38104

Technical details about CVE-2025-38104 (affected products, versions, exploit information, or fixes) are not provided in the supplied documents; monitor for updates.

CVE-2025-38104 drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV RLCG Register Access is a way for virtual functions to safely access GPU registers in a virtualized environment., including TLB...

CVE-2025-38104 drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV RLCG Register Access is a way for virtual functions to safely access GPU registers in a virtualized environment., including TLB...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of mutual exclusion locks instead of spin locks for RLCG register accesses, which could lead to...

PT-2025-17271

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0 Description The issue is related to the use of a mutex for RLCG register access in the Linux kernel's amdgpu driver, which can lead to priority inversion in SRIOV environments. This occurs when a...

WordPress WPAMS plugin <= 44.0 (17-08-2023) - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin WPAMS versions = 44.0 17-08-2023...

WordPress WPAMS plugin <= 44.0 (17-08-2023) - SQL Injection vulnerability

SQL Injection vulnerability discovered by Jingle Bells in WordPress Plugin WPAMS versions = 44.0 17-08-2023...

WordPress JetBlocks For Elementor plugin <= 1.3.16 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JetBlocks For Elementor versions = 1.3.16...

WordPress FluentCommunity plugin <= 1.2.15 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin FluentCommunity versions = 1.2.15...

WordPress StoreContrl Woocommerce plugin <= 4.1.3 - Arbitrary File Download Vulnerability

Arbitrary File Download Vulnerability discovered by astra.r3verii in WordPress Plugin StoreContrl Woocommerce versions = 4.1.3...

WordPress Advanced Google Maps plugin <= 5.8.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Anhchangmutrang Patchstack Alliance in WordPress Plugin Advanced Google Maps versions = 5.8.4...

WordPress Hotel Booking Plugin <= 3.6 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin Hotel Booking versions = 3.6...

WordPress Bulk Page Stub Creator plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Bulk Page Stub Creator versions = 1.1...

WordPress Forminator plugin <= 1.42.0 - Order Replay vulnerability

Order Replay vulnerability discovered by Asaf Mozes in WordPress Plugin Forminator versions = 1.42.0...

WordPress Ultimate Member plugin <= 2.10.1 - Unauthenticated Blind SQL Injection vulnerability

Unauthenticated Blind SQL Injection vulnerability discovered by Muhamad Visat in WordPress Plugin Ultimate Member versions = 2.10.1...

WordPress Ivy School Theme <= 1.6.0 is vulnerable to Local File Inclusion

Software Ivy School Type Theme Vulnerable versions = 1.6.0 Fixed in 1.6.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-39470 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 2982cc652634 Credits Bonds Required privilege Unauthenticated...

WordPress Foton Theme <= 2.5.2 is vulnerable to Local File Inclusion

Software Foton Type Theme Vulnerable versions = 2.5.2 Fixed in 2.6.1 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-39458 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID e548d81179ab Credits Bonds Required privilege Unauthenticated Published ...

WordPress Dessau Theme < 1.9 is vulnerable to Local File Inclusion

Software Dessau Type Theme Vulnerable versions 1.9 Fixed in 1.9 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-39463 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 0679c8533d71 Credits Bonds Required privilege Unauthenticated Published 17...

WordPress Form Maker by 10Web plugin < 1.15.32 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Form Maker by 10Web versions 1.15.32...