Lucene search

30381 matches found

GithubExploit
added 2025/07/05 2:29 p.m. · 323 views

Exploit for Protection Mechanism Failure in 7-Zip

CVE-2025-0411 — 7-Zip Mark-of-the-Web MoTW Bypass 🚨 ---...

CVSS 7 · AI score 7.4 · EPSS 0.67071
Exploits: 8

RedhatCVE
added 2025/07/04 3:24 p.m. · 8 views

CVE-2025-53006

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, in both PostgreSQL and Redshift, apart from parameters like "socketfactory" and "socketfactoryarg", there are also "sslfactory" and "sslfactoryarg" with similar functionality. The difference li...

CVSS 9.8 · AI score 6.3 · EPSS 0.00543
Exploits: 1 · References: 1

OSV
added 2025/07/04 2:43 p.m. · 2 views

OESA-2025-1735 sudo security update

Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. Security Fixes: Sudo before 1.9.17p1, when used with a sudoers file that...

CVSS 9.3 · AI score 7 · EPSS 0.47467
Exploits: 77 · References: 3

RedhatCVE
added 2025/07/04 2:22 p.m. · 7 views

CVE-2025-49588

Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. In version 2.10.2, the server accepts links of format file:///etc/passwd and doesn't do any validation before sending them to parsers and playwright, this can result in leak of other...

CVSS 8.7 · AI score 6.3 · EPSS 0.00303
Exploits: 0 · References: 1

NVD
added 2025/07/04 2:15 p.m. · 6 views

CVE-2025-38221

In the Linux kernel, the following vulnerability has been resolved: ext4: fix out of bounds punch offset. Punching a hole with a start offset that exceeds max_end is not permitted and will result in a negative length in the truncate_inode_partial_folio function while truncating the page cache,...

CVSS 7.1 · EPSS 0.00138
Exploits: 0 · References: 3

OSV
added 2025/07/04 2:15 p.m. · 1 views

DEBIAN-CVE-2025-38193

In the Linux kernel, the following vulnerability has been resolved: net_sched: sch_sfq: reject invalid perturb period. Gerrard Tai reported that SFQ perturb_period has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to make sure ctl->perturb_perio...

CVSS 5.5 · AI score 5.4 · EPSS 0.00162
Exploits: 0 · References: 1

Debian CVE
added 2025/07/04 1:37 p.m. · 5 views

CVE-2025-38223

In the Linux kernel, the following vulnerability has been resolved: ceph: avoid kernel BUG for encrypted inode with unaligned file size. The generic/397 test hits a BUG_ON for the case of encrypted inode with unaligned file size for example, 33K or 1K: 877.737811 run fstests generic/397 at 2025-01-...

CVSS 5.5 · AI score 5.3 · EPSS 0.00088
Exploits: 0

Debian CVE
added 2025/07/04 1:37 p.m. · 7 views

CVE-2025-38205

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1. [Why] If the dummy values in populate_dummy_dml_surface_cfg aren't updated then they can lead to a divide by zero in downstream callers like CalculateVMAndRowBytes...

CVSS 5.5 · AI score 5.3 · EPSS 0.00129
Exploits: 0

Debian CVE
added 2025/07/04 1:37 p.m. · 3 views

CVE-2025-38182

In the Linux kernel, the following vulnerability has been resolved: ublk: santizize the arguments from userspace when adding a device Sanity check the values for queue depth and number of queues we get from userspace when adding a device...

CVSS 7.8 · AI score 5.7 · EPSS 0.00156
Exploits: 0

Debian CVE
added 2025/07/04 10:39 a.m. · 4 views

CVE-2025-38175

In the Linux kernel, the following vulnerability has been resolved: binder: fix yet another UAF in binder_devices. Commit e77aff5528a18 "binderfs: fix use-after-free in binder_devices" addressed a use-after-free where devices could be released without first being removed from the binder_devices list...

CVSS 7.8 · AI score 6.3 · EPSS 0.00138
Exploits: 0

Vulnrichment
added 2025/07/04 1:44 a.m. · 5 views

CVE-2025-6238 AI Engine 2.8.4 - Insecure OAuth Implementation

The AI Engine plugin for WordPress is vulnerable to open redirect in version 2.8.4. This is due to an insecure OAuth implementation, as the 'redirect_uri' parameter is missing validation during the authorization flow. This makes it possible for unauthenticated attackers to intercept the...

CVSS 8 · AI score 7.3 · EPSS 0.00303
Exploits: 0 · References: 4

Positive Technologies
added 2025/07/04 12:0 a.m. · 4 views

PT-2025-27841 · WordPress · Wp Firebase Push Notification

Name of the Vulnerable Software and Affected Versions: WP Firebase Push Notification plugin for WordPress versions prior to 1.2.1 Description: The issue is due to missing or incorrect nonce validation on the wfpn brodcast notification message function, making it possible for unauthenticated...

CVSS 4.3 · AI score 6 · EPSS 0.00133
Exploits: 0 · References: 6

Positive Technologies
added 2025/07/04 12:0 a.m. · 3 views

PT-2025-27845 · WordPress · Processingjs

Name of the Vulnerable Software and Affected Versions: ProcessingJS for WordPress versions 1.2.2 and earlier Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the pjs4wp shortcode. This allows authenticated attackers with...

CVSS 6.4 · AI score 6.5 · EPSS 0.00193
Exploits: 0 · References: 6

Positive Technologies
added 2025/07/04 12:0 a.m. · 4 views

PT-2025-27976

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved, specifically in the netfilter component, where the maximum map bucket size was not properly clamped to INT_MAX. This could lead t...

CVSS 7.8 · AI score 6.8 · EPSS 0.00185
Exploits: 0

Patchstack
added 2025/07/03 11:45 p.m. · 5 views

WordPress Premium Addons for Elementor plugin <= 4.10.69 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin Premium Addons for Elementor versions <= 4.10.69...

CVSS 6.4 · AI score 5.5 · EPSS 0.00165
Exploits: 0 · References: 1 · Affected Software: 1

Patchstack
added 2025/07/03 11:43 p.m. · 6 views

WordPress Shortcodes Ultimate plugin <= 7.4.0 - Authenticted (Contributor+) Stored Cross-Site Scripting via 'data-url' Attribute vulnerability

Authenticted Contributor+ Stored Cross-Site Scripting via 'data-url' Attribute vulnerability discovered by Asaf Mozes in WordPress Plugin Shortcodes Ultimate versions = 7.4.0...

CVSS 6.4 · AI score 5.5 · EPSS 0.00175
Exploits: 0 · References: 1 · Affected Software: 1

Patchstack
added 2025/07/03 11:3 p.m. · 36 views

WordPress Migration, Backup, Staging – WPvivid Backup & Migration plugin <= 0.9.116 - Authenticated (Administrator+) Arbitrary File Upload vulnerability

Authenticated (Administrator+) Arbitrary File Upload vulnerability discovered by Ryan Kozak in WordPress Plugin WPvivid Backup and Migration versions <= 0.9.116...

CVSS 7.2 · AI score 6.7 · EPSS 0.06479
Exploits: 3 · References: 1 · Affected Software: 1

Vulnrichment
added 2025/07/03 9:3 p.m. · 4 views

CVE-2025-49826 Next.js DoS vulnerability via cache poisoning

Next.js is a React framework for building full-stack web applications. From versions 15.0.4-canary.51 to before 15.1.8, a cache poisoning bug leading to a Denial of Service (DoS) condition was found in Next.js. This issue does not impact customers hosted on Vercel. Under certain conditions, this...

CVSS 7.5 · AI score 7 · EPSS 0.008
Exploits: 0 · References: 4

NVD
added 2025/07/03 8:15 p.m. · 3 views

CVE-2025-53370

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, short descriptions set via the ShortDescription extension are inserted as raw HTML by the Citizen skin, allowing any user to insert arbitrary HTML into the DOM by editing a page...

CVSS 8.6 · EPSS 0.003
Exploits: 1 · References: 3

Cvelist
added 2025/07/03 7:34 p.m. · 10 views

CVE-2025-53368 Citizen is vulnerable to stored XSS attack in the legacy search bar

Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. From versions 1.9.4 to before 3.4.0, page descriptions are inserted into raw HTML without proper sanitization by the Citizen skin when using the old search bar. Any user with page editing privileges can insert...

CVSS 8.6 · EPSS 0.00281
Exploits: 1 · References: 3