CVE-2025-23134

CVE-2025-23134 affects the Linux kernel ALSA timer code. The vulnerability stems from taking mmap_lock while inside a mutex-wrapped copy_from/to_user() via the pattern guard(mutex)(&register_mutex). This can lead to deadlocks when copy_from/to_user() is invoked under the register_mutex, particula...

CVE-2025-22114 btrfs: don't clobber ret in btrfs_validate_super()

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't clobber ret in btrfsvalidatesuper Commit 2a9bb78cfd36 "btrfs: validate system chunk array at btrfsvalidatesuper" introduces a call to validatesyschunkarray in btrfsvalidatesuper, which clobbers the value of ret set...

CVE-2025-22109 ax25: Remove broken autobind

In the Linux kernel, the following vulnerability has been resolved: ax25: Remove broken autobind Binding AX25 socket by using the autobind feature leads to memory leaks in ax25connect and also refcount leaks in ax25release. Memory leak was detected with kmemleak:...

CVE-2025-22063 netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets

In the Linux kernel, the following vulnerability has been resolved: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets When calling netlblconnsetattr, addr-safamily is used to determine the function behavior. If sk is an IPv4 socket, but the connect function is called with an...

CVE-2025-22039

CVE-2025-22039 is a Linux kernel vulnerability in ksmbd where an overflow in the dacloffset bounds check could bypass the DACL checks, causing out-of-bounds access and a kernel crash when dereferencing a DACL pointer. The fix converts dacloffset from int to unsigned int and uses check_add_overflo...

WordPress ElementsReady Addons for Elementor plugin <= 6.6.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin ElementsReady Addons for Elementor versions = 6.6.2...

WordPress Zephyr Project Manager plugin <= 3.3.200 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by stealthcopter in WordPress Plugin Zephyr Project Manager versions = 3.3.200...

CVE-2025-22023 usb: xhci: Don't skip on Stopped - Length Invalid

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid Up until commit d56b0b2ab142 "usb: xhci: ensure skipped isoc TDs are returned when isoc ring is stopped" in v6.11, the driver didn't skip missed isochronous TDs when handling...

CVE-2025-32433

Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution RCE. By exploiting a flaw in SSH protocol message handling, a malicious actor...

PT-2025-16911 · Hitachi Vantara · Analyzer +1

Name of the Vulnerable Software and Affected Versions: Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.2, including 9.3.x and 8.3.x Description: The software does not properly neutralize user-controllable input before it is placed in output that is used as a web page,...

PT-2025-16827 · Unknown · Telecontrol Server Basic

Name of the Vulnerable Software and Affected Versions: TeleControl Server Basic versions prior to 3.1.2.2 Description: The issue allows an authenticated remote attacker to bypass authorization controls, read from and write to the application's database, and execute code with "NT...

Erlang -- Erlang/OTP SSH Vulnerable to Pre-Authentication RCE

[email protected] reports: Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution RCE. By exploiting a flaw in SSH protoc...

CVE-2025-32021

Weblate is a web based localization tool. Prior to version 5.11, when creating a new component from an existing component that has a source code repository URL specified in settings, this URL is included in the client's URL parameters during the creation process. If, for example, the source code...

CVE-2025-32778 Web-Check allows command Injection via Unvalidated URL in Screenshot API

Web-Check is an all-in-one OSINT tool for analyzing any website. A command injection vulnerability exists in the screenshot API of the Web Check project Lissy93/web-check. The issue stems from user-controlled input url being passed unsanitized into a shell command using exec, allowing attackers t...

CVE-2025-32778

CVE-2025-32778 affects Web-Check’s /api/screenshot endpoint. A user-controlled url is passed to a shell command via exec(), enabling command injection that could lead to arbitrary commands on the host. The issue is mitigated by replacing exec() with execFile(), which avoids a shell and properly i...

CVE-2025-32012

Jellyfin is an open source self hosted media server. In versions 10.9.0 to before 10.10.7, the /System/Restart endpoint provides administrators the ability to restart their Jellyfin server. This endpoint is intended to be admins-only, but it also authorizes requests from any device in the same...

CVE-2025-32012 Jellyfin Vulnerable to Denial of Service (DoS) via IP Spoofing

Jellyfin is an open source self hosted media server. In versions 10.9.0 to before 10.10.7, the /System/Restart endpoint provides administrators the ability to restart their Jellyfin server. This endpoint is intended to be admins-only, but it also authorizes requests from any device in the same...

CVE-2025-32012 Jellyfin Vulnerable to Denial of Service (DoS) via IP Spoofing

Jellyfin is an open source self hosted media server. In versions 10.9.0 to before 10.10.7, the /System/Restart endpoint provides administrators the ability to restart their Jellyfin server. This endpoint is intended to be admins-only, but it also authorizes requests from any device in the same...

CVE-2025-31497 TEIGarage XML External Entity (XXE) Injection in Document Conversion Service

TEIGarage is a webservice and RESTful service to transform, convert and validate various formats, focussing on the TEI format. The Document Conversion Service contains a critical XML External Entity XXE Injection vulnerability in its document conversion functionality. The service processes XML...

CVE-2025-27791

Collabora Online is a collaborative online office suite based on LibreOffice technology. In versions prior to 24.04.12.4, 23.05.19, and 22.05.25, there is a path traversal flaw in handling the CheckFileInfo BaseFileName field returned from WOPI servers. This allows for a file to be written anywhe...