30381 matches found

Cvelist
added 2025/07/10 8:30 a.m. | 7 views

CVE-2025-6948 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 17.11 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that, under certain conditions, could have allowed a successful attacker to execute actions on behalf of users by injecting malicious content...

CVSS 8.7 | EPSS 0.00492
Exploits: 0 | References: 2

OSV
added 2025/07/10 8:15 a.m. | 6 views

CVE-2025-38348 wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()

In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() Robert Morris reported: |If a malicious USB device pretends to be an Intersil p54 wifi |interface and generates an eeprom_readback message with a large |eeprom->v1.len,...

CVSS 7.8 | AI score 6.5 | EPSS 0.00167
Exploits: 0 | References: 13

CVE
added 2025/07/10 8:15 a.m. | 81 views

CVE-2025-38343

CVE-2025-38343 is a Linux kernel WiFi fragmentation issue in mt76/mt7996 where multicast/broadcast RAs fragments are dropped since fragmentation applies only to unicast frames. Connected docs indicate affected packages (e.g., kernel versions

CVSS 5.5 | AI score 7.8 | EPSS 0.00145
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2025/07/10 8:14 a.m. | 2 views

CVE-2025-38320 arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()

In the Linux kernel, the following vulnerability has been resolved: arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth() KASAN reports a stack-out-of-bounds read in regs_get_kernel_stack_nth(). Call Trace: [ 97.283505] BUG: KASAN: stack-out-of-bounds in regs_get_kernel_stack_nth+0xa8/0xc8...

CVSS 7.1 | AI score 7.1 | EPSS 0.00174
Exploits: 0 | References: 13

Debian CVE
added 2025/07/10 7:42 a.m. | 8 views

CVE-2025-38319

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pp: Fix potential NULL pointer dereference in atomctrl_initialize_mc_reg_table() The function atomctrl_initialize_mc_reg_table() and atomctrl_initialize_mc_reg_table_v2_2() does not check the return value of smu_atom_get_data_table(). If...

CVSS 5.5 | AI score 5.5 | EPSS 0.00145
Exploits: 0

Debian CVE
added 2025/07/10 7:42 a.m. | 6 views

CVE-2025-38318

In the Linux kernel, the following vulnerability has been resolved: perf: arm-ni: Fix missing platform_set_drvdata() Add missing platform_set_drvdata() in arm_ni_probe(), otherwise calling platform_get_drvdata() in remove returns NULL...

CVSS 5.5 | AI score 5.3 | EPSS 0.00143
Exploits: 0

OSV
added 2025/07/10 7:42 a.m. | 12 views

CVE-2025-38310 seg6: Fix validation of nexthop addresses

In the Linux kernel, the following vulnerability has been resolved: seg6: Fix validation of nexthop addresses The kernel currently validates that the length of the provided nexthop address does not exceed the specified length. This can lead to the kernel reading uninitialized memory if user space...

CVSS 5.5 | AI score 6.2 | EPSS 0.00137
Exploits: 0 | References: 10

Debian CVE
added 2025/07/10 7:42 a.m. | 4 views

CVE-2025-38300

In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() Fix two DMA cleanup issues on the error path in sun8i_ce_cipher_prepare(): 1 If dma_map_sg() fails for areq->dst, the device driver would try to free DMA memory it has no...

CVSS 5.5 | AI score 5.5 | EPSS 0.00147
Exploits: 0

Cvelist
added 2025/07/10 7:41 a.m. | 7 views

CVE-2025-38274 fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt()

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt() fpga_mgr_test_img_load_sgt() allocates memory for sgt using kunit_kzalloc() however it does not check if the allocation failed. It then passes sgt to sg_alloc_table(), which passe...

EPSS 0.00155
Exploits: 0 | References: 4

RedhatCVE
added 2025/07/10 2:27 a.m. | 3 views

CVE-2025-20694

In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09752821; Issue ID: MSV-3342...

CVSS 6.5 | AI score 7.2 | EPSS 0.00153
Exploits: 0 | References: 1

Patchstack
added 2025/07/09 9:5 p.m. | 5 views

WordPress Event Manager plugin <= 7.0.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting (XSS) vulnerability discovered by muhammad yudha in WordPress Plugin Events Manager versions = 6.6.4.4...

CVSS 6.4 | AI score 5.9 | EPSS 0.00224
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2025/07/09 7:48 p.m. | 3 views

CLSA-2025-1752090493 Update of tzdata

Fix incorrect tzdb.dat by harding links...

AI score 5.8
Exploits: 0 | References: 1

RedhatCVE
added 2025/07/09 6:16 p.m. | 24 views

CVE-2025-53536

Roo Code is an AI-powered autonomous coding agent. Prior to 3.22.6, if the victim had "Write" auto-approved, an attacker with the ability to submit prompts to the agent could write to VS Code settings files and trigger code execution. There were multiple ways to achieve that. One example is with...

CVSS 8.1 | AI score 7 | EPSS 0.00656
Exploits: 0 | References: 1

RedhatCVE
added 2025/07/09 4:3 p.m. | 9 views

CVE-2025-53376

Dokploy is a self-hostable Platform as a Service (PaaS) that simplifies the deployment and management of applications and databases. An authenticated, low-privileged user can run arbitrary OS commands on the Dokploy host. The tRPC procedure docker.getContainersByAppNameMatch interpolates the...

CVSS 8.7 | AI score 8 | EPSS 0.01116
Exploits: 0 | References: 1

NVD
added 2025/07/09 11:15 a.m. | 5 views

CVE-2025-38260

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle csum tree error with rescue=ibadroots correctly BUG There is syzbot based reproducer that can crash the kernel, with the following call trace: With some debug output added DEBUG: rescue=ibadroots parsed BTRFS: devic...

CVSS 5.5 | EPSS 0.00137
Exploits: 0 | References: 6

Vulnrichment
added 2025/07/09 1:2 a.m. | 3 views

CVE-2025-7209 9fans plan9port x509.c value_decode null pointer dereference

A vulnerability has been found in 9fans plan9port up to 9da5b44 and classified as problematic. Affected by this vulnerability is the function value_decode in the library src/libsec/port/x509.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. Th...

CVSS 4.8 | AI score 3.9 | EPSS 0.00199
Exploits: 1 | References: 7

Tenable Nessus
added 2025/07/09 12:0 a.m. | 5 views

Juniper Junos OS Vulnerability (JSA100091)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100091 advisory. - A Use of Incorrect Operator vulnerability in the Routing Engine firewall of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to bypass...

CVSS 6.9 | AI score 5.7 | EPSS 0.00238
Exploits: 0 | References: 2

OSV
added 2025/07/09 12:0 a.m. | 3 views

ALSA-2025:10670 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: Fix use after free in hci_send_acl (CVE-2022-49111) kernel: Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is...

CVSS 7.8 | AI score 6.4 | EPSS 0.00243
Exploits: 0 | References: 8

Positive Technologies
added 2025/07/09 12:0 a.m. | 4 views

PT-2025-28829 · WordPress · Ait Csv Import/Export

Name of the Vulnerable Software and Affected Versions: WordPress AIT CSV Import/Export plugin versions ≤ 3.0.3 Description: The issue allows for an unrestricted file upload, where an attacker can upload arbitrary files, including malicious PHP code, to the server via a multipart/form-data POST...

CVSS 10 | AI score 6.8
Exploits: 1 | References: 12

Github Security Blog
added 2025/07/08 11:20 p.m. | 8 views

Helm vulnerable to Code Injection through malicious chart.yaml content

A Helm contributor discovered that a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Impact Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependencies are updated and thi...

CVSS 8.6 | AI score 7.7 | EPSS 0.00363
Exploits: 1 | References: 5 | Affected Software: 1