1841 matches found
SUSE CVE-2023-53494
In the Linux kernel, the following vulnerability has been resolved: crypto: xts - Handle EBUSY correctly As it is xts only handles the special return value of EINPROGRESS, which means that in all other cases it will free data related to the request. However, as the caller of xts may specify...
CVE-2025-9075 ZoloBlocks – Gutenberg Block Editor Plugin with Advanced Blocks, Dynamic Content, Templates & Patterns <= 2.3.10 - Authenticated (Contributor+) Stored Cross-Site Scripting
The ZoloBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple Gutenberg blocks in versions up to, and including, 2.3.10. This is due to insufficient input sanitization and output escaping on user-supplied attributes within multiple block components including Google...
CVE-2025-58246
Insertion of Sensitive Information Into Sent Data vulnerability in WordPress allows Retrieve Embedded Sensitive Data. The WordPress Core security team is aware of the issue and is already working on a fix. This is a low-severity vulnerability. Contributor-level privileges required in order to...
DEBIAN-CVE-2022-50379
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between quota enable and quota rescan ioctl When enabling quotas, at btrfsquotaenable, after committing the transaction, we change fsinfo-quotaroot to point to the quota root we created and set BTRFSFSQUOTAENABLED...
CVE-2023-53373 crypto: seqiv - Handle EBUSY correctly
In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify...
CVE-2022-50379 btrfs: fix race between quota enable and quota rescan ioctl
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between quota enable and quota rescan ioctl When enabling quotas, at btrfsquotaenable, after committing the transaction, we change fsinfo-quotaroot to point to the quota root we created and set BTRFSFSQUOTAENABLED...
PT-2025-38327
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists within the Btrfs file system related to quota management. Specifically, the issue occurs when enabling quotas, where a transaction commit is followed by setting t...
CVE-2023-53187
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free of new block group that became unused If a task creates a new block group and that block group becomes unused before we finish its creation, at btrfscreatependingblockgroups, then when btrfsmarkbgunused ...
Fetch streams are great, but not for measuring upload/download progress
Part of my role at Mozilla is making sure we're focusing on the right features, and we got onto the topic of fetch upload streams. It's something Chrome has supported for a while, but it isn't yet supported in either Firefox or Safari. I asked folks on various social platforms what they thought o...
Progress Software OpenEdge 命令注入漏洞
Progress Software OpenEdge is a suite of integrated development environments IDEs from Progress Software, USA. A command injection vulnerability exists in Progress Software OpenEdge that stems from insufficient input validation of the Java RMI interface, which could lead to a remote command...
Malicious code in new-al-bum-av-ailable-progress-5zjb6-rbopge (npm)
The package new-al-bum-av-ailable-progress-5zjb6-rbopge was found to contain malicious code...
MAL-2025-26314 Malicious code in migration-progress-announce (npm)
The package migration-progress-announce was found to contain malicious code...
MAL-2025-27355 Malicious code in new-al-bum-av-ailable-progress-5zjb6-rbopge (npm)
The package new-al-bum-av-ailable-progress-5zjb6-rbopge was found to contain malicious code...
Malicious code in migration-progress-announce (npm)
The package migration-progress-announce was found to contain malicious code...
BIT-LIBPHP-2020-7062 Null Pointer Dereference in PHP Session Upload Progress
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.uploadprogress.cleanup is set to 0 disabled, and the file upload fails, the upload procedure would try to clean up data that does...
CVE-2025-6505
Unauthorized access and impersonation can occur in versions 4.6.2.3226 and below of Progress Software's Hybrid Data Pipeline Server on Linux. This vulnerability allows attackers to combine credentials from different sources, potentially leading to client impersonation and unauthorized access. Whe...
Progress Hybrid Data Pipeline Server 安全漏洞
Progress Hybrid Data Pipeline Server is a data pipeline server from Progress USA. A security vulnerability exists in Progress Hybrid Data Pipeline Server versions prior to 4.6.2.2978, which stems from the possibility that the X-Forwarded-For header may be spoofed, potentially leading to...
Progress Hybrid Data Pipeline Server 安全漏洞
Progress Hybrid Data Pipeline Server is a data pipeline server from Progress USA. A security vulnerability exists in Progress Hybrid Data Pipeline Server version 4.6.2.3226 and prior versions that stems from accepting client credentials from a different source, which could lead to unauthorized...
SUSE CVE-2025-38411
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix double put of request If a netfs request finishes during the pause loop, it will have the ref that belongs to the INPROGRESS flag removed at that point - however, if it then goes to the final wait loop, that will also...
UBUNTU-CVE-2025-38411
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix double put of request If a netfs request finishes during the pause loop, it will have the ref that belongs to the INPROGRESS flag removed at that point - however, if it then goes to the final wait loop, that will also...