
30419 matches found

Debian CVE
added 2025/05/02 3:55 p.m. · 8 views

CVE-2023-53110

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler(). When performing a stress test on SMC-R by rmmod mlx5_ib driver during the wrk/nginx test, we found that there is a probability of triggering a panic while terminating all link groups...

CVSS 5.5 · AI score 5.5 · EPSS 0.00159 · Exploits 0

Debian CVE
added 2025/05/02 3:55 p.m. · 6 views

CVE-2023-53103

In the Linux kernel, the following vulnerability has been resolved: bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails. syzbot reported a warning[1] where the bond device itself is a slave and we try to enslave a non-ethernet device as the first slave which fails but then in the...

CVSS 5.5 · AI score 5.5 · EPSS 0.00159 · Exploits 0

Debian CVE
added 2025/05/02 3:55 p.m. · 2 views

CVE-2023-53063

Removed by vendor...

AI score 7 · Exploits 0

Debian CVE
added 2025/05/02 3:55 p.m. · 5 views

CVE-2023-53055

In the Linux kernel, the following vulnerability has been resolved: fscrypt: destroy keyring after security_sb_delete(). fscrypt_destroy_keyring() must be called after all potentially-encrypted inodes were evicted; otherwise it cannot safely destroy the keyring. Since inodes that are in-use by the Landloc...

CVSS 5.5 · AI score 5.4 · EPSS 0.00159 · Exploits 0

CVE
added 2025/05/02 3:55 p.m. · 76 views

CVE-2023-53049

CVE-2023-53049 – Linux kernel USB-C/UCSI pointer dereference. A NULL pointer dereference in ucsi_connector_change() could occur if ucsi_init() failed and an event arrives via ucsi_acpi, dereferencing unable ucsi->connector. The fix prevents ntfy from being set until ucsi_init() succeeds, so e...

CVSS 5.5 · AI score 6.6 · EPSS 0.00159 · Exploits 0 · References 5 · Affected Software 1

OSV
added 2025/05/02 3:55 p.m. · 8 views

CVE-2023-53049 usb: ucsi: Fix NULL pointer deref in ucsi_connector_change()

In the Linux kernel, the following vulnerability has been resolved: usb: ucsi: Fix NULL pointer deref in ucsi_connector_change(). When ucsi_init() fails, ucsi->connector is NULL, yet in case of ucsi_acpi we may still get events which cause the ucsi_acpi code to call ucsi_connector_change(), which then derefs the...

CVSS 5.5 · AI score 6.1 · EPSS 0.00159 · Exploits 0 · References 8

Debian CVE
added 2025/05/02 3:55 p.m. · 6 views

CVE-2023-53048

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix warning when handle discover_identity message. Since both source and sink device can send discover_identity message in PD3, kernel may dump below warning: ------------ cut here ------------ WARNING: CPU: 0 PID:...

CVSS 5.5 · AI score 5.3 · EPSS 0.00159 · Exploits 0

OSV
added 2025/05/02 3:54 p.m. · 9 views

CVE-2023-53040 ca8210: fix mac_len negative array access

In the Linux kernel, the following vulnerability has been resolved: ca8210: fix mac_len negative array access. This patch fixes a buffer overflow access of skb->data if ieee802154_hdr_peek_addrs() fails...

CVSS 5.5 · AI score 6.4 · EPSS 0.00178 · Exploits 0 · References 11

RedhatCVE
added 2025/05/02 3:24 p.m. · 17 views

CVE-2025-32971

XWiki is a generic wiki platform. In versions starting from 4.5.1 to before 15.10.13, from 16.0.0-rc-1 to before 16.4.4, and from 16.5.0-rc-1 to before 16.8.0-rc-1, the Solr script service doesn't take dropped programming rights into account. The Solr script service that is accessible in XWiki's...

CVSS 3.8 · AI score 6.8 · EPSS 0.00321 · Exploits 1 · References 1

RedhatCVE
added 2025/05/02 3:23 p.m. · 9 views

CVE-2025-32973

XWiki is a generic wiki platform. In versions starting from 15.9-rc-1 to before 15.10.12, from 16.0.0-rc-1 to before 16.4.3, and from 16.5.0-rc-1 to before 16.8.0-rc-1, when a user with programming rights edits a document in XWiki that was last edited by a user without programming rights and...

CVSS 9 · AI score 6.8 · EPSS 0.00325 · Exploits 1 · References 1

RedhatCVE
added 2025/05/02 3:15 p.m. · 12 views

CVE-2025-46342

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace selectors in their match statements are mistakenly not applied during admission review request processing due to a missing error...

CVSS 8.5 · AI score 6.7 · EPSS 0.00618 · Exploits 1 · References 1

RedhatCVE
added 2025/05/02 3:14 p.m. · 7 views

CVE-2025-32970

XWiki is a generic wiki platform. In versions starting from 13.5-rc-1 to before 15.10.13, from 16.0.0-rc-1 to before 16.4.4, and from 16.5.0-rc-1 to before 16.8.0, an open redirect vulnerability in the HTML conversion request filter allows attackers to construct URLs on an XWiki instance that...

CVSS 6.1 · AI score 6.6 · EPSS 0.00518 · Exploits 1 · References 1

OSV
added 2025/05/02 11:13 a.m. · 11 views

BIT-DISCOURSE-2025-32376 Discourse DM limits aren’t always properly enforced

Discourse is an open-source discussion platform. Prior to versions 3.4.3 on the stable branch and 3.5.0.beta3 on the beta branch, the users limit for a DM can be bypassed, thus giving the ability to potentially create a DM with every user from a site in it. This issue has been patched in stable...

CVSS 4.8 · AI score 4.3 · EPSS 0.00216 · Exploits 0 · References 3

Positive Technologies
added 2025/05/02 12:0 a.m. · 5 views

PT-2025-18742 · WordPress · Otp-Less One Tap Sign In Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: OTP-less one tap Sign in plugin for WordPress versions 2.0.14 through 2.0.59 Description: The issue is due to the plugin not properly validating a user's identity prior to updating their details, like email. This makes it possible for...

CVSS 9.8 · AI score 9.6 · EPSS 0.00477 · Exploits 0 · References 16

Positive Technologies
added 2025/05/02 12:0 a.m. · 3 views

PT-2025-18863 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.15.36 Description: A vulnerability in the Linux kernel has been resolved, where a sleepable memory allocation was made from an atomic context in the Xilinx firmware. The issue was discovered using lockdep and ...

CVSS 8.8 · AI score 7.4 · EPSS 0.0129 · Exploits 2 · References 446

Patchstack
added 2025/05/01 10:9 p.m. · 9 views

WordPress WPML Multilingual CMS plugin 3.6.0-4.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpml_language_switcher Shortcode

Authenticated (Contributor+) Stored Cross-Site Scripting via wpml_language_switcher Shortcode vulnerability discovered by stealthcopter in WordPress Plugin Multilingual CMS versions 3.6.0-4.7.3...

CVSS 6.4 · AI score 6.8 · EPSS 0.00237 · Exploits 0 · References 1 · Affected Software 1

RedhatCVE
added 2025/05/01 9:18 p.m. · 22 views

CVE-2025-46344

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. Versions starting from 4.0.1 and prior to 4.5.1, do not invoke .setExpirationTime when generating a JWE token for the session. As a result, the JWE does not contain an internal expiration claim. While...

CVSS 7.1 · AI score 7 · EPSS 0.00361 · Exploits 0 · References 1

Vulnrichment
added 2025/05/01 7:32 p.m. · 6 views

CVE-2025-46569 OPA server Data API HTTP path injection of Rego

Open Policy Agent (OPA) is an open source, general-purpose policy engine. Prior to version 1.4.0, when run as a server, OPA exposes an HTTP Data API for reading and writing documents. Requesting a virtual document through the Data API entails policy evaluation, where a Rego query containing a singl...

CVSS 7.4 · AI score 6.6 · EPSS 0.0036 · Exploits 0 · References 2

CVE
added 2025/05/01 7:32 p.m. · 213 views

CVE-2025-46569

Summary: CVE-2025-46569 affects Open Policy Agent (OPA) prior to 1.4.0 when run as a server. An HTTP Data API path can be crafted to inject Rego code into the constructed query, enabling potential oracle attacks, incorrect policy decisions, and a DoS via expensive evaluation. Impact: high (policy ...

CVSS 7.4 · AI score 6.6 · EPSS 0.0036 · Exploits 0 · References 2

NVD
added 2025/05/01 6:15 p.m. · 16 views

CVE-2025-46337

ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. Prior to version 5.22.9, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a PostgreSQL database and...

CVSS 10 · EPSS 0.00638 · Exploits 0 · References 5