WordPress Vitepos plugin <= 3.1.4 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Phat RiO - Fore-Z co.ltd in WordPress Plugin Vitepos versions = 3.1.4...

WordPress Real Estate 7 Theme <= 3.5.4 is vulnerable to Arbitrary File Upload

Software Real Estate 7 Type Theme Vulnerable versions = 3.5.4 Fixed in 3.5.5 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2025-2891 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID 22e03f3e7c10 Credits Foxyyy Required privilege Seller...

tough terminating targets role delegations are not respected

Summary Delegations are a mechanism defined by the TUF specification that allow multiple different identities to provide and sign content within a single repository. Terminating delegations and delegation priority give a TUF repository unambiguous control over how overlapping delegations are...

SUSE CVE-2023-52987

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...

DEBIAN-CVE-2023-52987

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...

UBUNTU-CVE-2023-52987

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...

CVE-2023-52987 ASoC: SOF: ipc4-mtrace: prevent underflow in sof_ipc4_priority_mask_dfs_write()

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible array underflow in the sofipc4prioritymaskdfswrite function of the ASoC SOF component...

AZL-58493 CVE-2025-21859 affecting package kernel for versions less than 6.6.82.1-1

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: fmidi: fmidicomplete to call queuework When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to fmiditransmit, causing a deadlock. Fix it by using queuework to schedule the inner...

AZL-58572 CVE-2025-21859 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: fmidi: fmidicomplete to call queuework When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to fmiditransmit, causing a deadlock. Fix it by using queuework to schedule the inner...

DEBIAN-CVE-2025-21859

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: fmidi: fmidicomplete to call queuework When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to fmiditransmit, causing a deadlock. Fix it by using queuework to schedule the inner...

UBUNTU-CVE-2025-21859

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: fmidi: fmidicomplete to call queuework When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to fmiditransmit, causing a deadlock. Fix it by using queuework to schedule the inner...

CVE-2025-21859 USB: gadget: f_midi: f_midi_complete to call queue_work

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: fmidi: fmidicomplete to call queuework When using USB MIDI, a lock is attempted to be acquired twice through a re-entrant call to fmiditransmit, causing a deadlock. Fix it by using queuework to schedule the inner...

CVE-2025-21859

CVE-2025-21859 affects the Linux kernel USB gadget f_midi path; a deadlock occurs when a lock is acquired twice in a re-entrant f_midi_transmit. The fix is to schedule the inner f_midi_transmit via a high-priority work queue using queue_work() from the completion handler. Patched commits are refe...

Linux Distros Unpatched Vulnerability : CVE-2016-4020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The patchinstruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensiti...

SUSE CVE-2025-21770

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix potential memory leak in iopfqueueremovedevice The iopfqueueremovedevice helper removes a device from the per-iommu iopf queue when PRI is disabled on the device. It responds to all outstanding iopf's with an...

SUSE CVE-2022-49326

In the Linux kernel, the following vulnerability has been resolved: rtl818x: Prevent using not initialized queues Using not existing queues can panic the kernel with rtl8180/rtl8185 cards. Ignore the skb priority for those cards, they only have one tx queue. Pierre Asselin [email protected] reported t...

SUSE CVE-2022-49603

In the Linux kernel, the following vulnerability has been resolved: ip: Fix data-races around sysctlipfwdupdatepriority. While reading sysctlipfwdupdatepriority, it can be changed concurrently. Thus, we need to add READONCE to its readers...

CVE-2025-21770 iommu: Fix potential memory leak in iopf_queue_remove_device()

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix potential memory leak in iopfqueueremovedevice The iopfqueueremovedevice helper removes a device from the per-iommu iopf queue when PRI is disabled on the device. It responds to all outstanding iopf's with an...

AZL-58356 CVE-2022-49636 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: vlan: fix memory leak in vlannewlink Blamed commit added back a bug I fixed in commit 9bbd917e0bec "vlan: fix memory leak in vlandevsetegresspriority" If a memory allocation fails in vlanchangelink after other allocations...