DEBIAN-CVE-2025-21965

In the Linux kernel, the following vulnerability has been resolved: schedext: Validate prevcpu in scxbpfselectcpudfl If a BPF scheduler provides an invalid CPU outside the nrcpuids range as prevcpu to scxbpfselectcpudfl it can cause a kernel crash. To prevent this, validate prevcpu in...

Security update for python-Jinja2

This update for python-Jinja2 fixes the following issues: CVE-2025-27516: Fixed sandbox breakout through attr filter selecting format method bsc1238879. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

yimioa 安全漏洞

yimioa CloudNet OA is a locally deployed OA software by rabbit personal developer. A security vulnerability exists in yimioa versions prior to v2024.07.04, which stems from an SQL injection in the selectNoticeList method...

CVE-2025-28902

Cross-Site Request Forgery CSRF vulnerability in Benjamin Pick Contact Form 7 Select Box Editor Button contact-form-7-select-box-editor-button allows Cross Site Request Forgery.This issue affects Contact Form 7 Select Box Editor Button: from n/a through = 0.6...

net/mlx5: Clear port select structure when fail to create

...

MAL-2025-2427 Malicious code in tsl-select-trigger (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 072755e39bd14b6660b02fdc071fceedf4d4cf76f4f27561b12b19a8fa70f135 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in tsl-select-trigger (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 072755e39bd14b6660b02fdc071fceedf4d4cf76f4f27561b12b19a8fa70f135 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

WordPress Contact Form 7 Select Box Editor Button plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Contact Form 7 Select Box Editor Button versions = 0.6...

CVE-2025-28902

Cross-Site Request Forgery CSRF vulnerability in Benjamin Pick Contact Form 7 Select Box Editor Button contact-form-7-select-box-editor-button allows Cross Site Request Forgery.This issue affects Contact Form 7 Select Box Editor Button: from n/a through = 0.6...

CVE-2025-28902 WordPress Contact Form 7 Select Box Editor Button plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Benjamin Pick Contact Form 7 Select Box Editor Button contact-form-7-select-box-editor-button allows Cross Site Request Forgery.This issue affects Contact Form 7 Select Box Editor Button: from n/a through = 0.6...

CVE-2025-28902

CVE-2025-28902 is a CSRF vulnerability in the WordPress plugin Contact Form 7 Select Box Editor Button , affecting versions up to 0.6. The connected details confirm a cross-site request forgery flaw in this plugin; no exploitation details or patch/remediation are provided in the sources. The entr...

CVE-2025-28902 WordPress Contact Form 7 Select Box Editor Button plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Benjamin Pick Contact Form 7 Select Box Editor Button contact-form-7-select-box-editor-button allows Cross Site Request Forgery.This issue affects Contact Form 7 Select Box Editor Button: from n/a through = 0.6...

WordPress plugin Contact Form 7 Select Box Editor Button 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...

Google Chrome 安全漏洞

Google Chrome is a WEB browser developed by Google Inc. Google Chrome suffers from a security bypass vulnerability, which is caused due to improper implementation in Select. An attacker can exploit the vulnerability to bypass security restrictions...

CVE-2025-1940

A select option could partially obscure the confirmation prompt shown before launching external apps. This could be used to trick a user in to launching an external app unexpectedly. This issue only affects Android versions of Firefox. This vulnerability affects Firefox 136...

SUSE CVE-2025-24898

rust-openssl is a set of OpenSSL bindings for the Rust programming language. In affected versions ssl::selectnextproto can return a slice pointing into the server argument's buffer but with a lifetime bound to the client argument. In situations where the sever buffer's lifetime is shorter than th...

CVE-2025-1227

A vulnerability was found in ywoa up to 2024.07.03. It has been rated as critical. This issue affects the function selectList of the file com/cloudweb/oa/mapper/xml/AddressDao.xml. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2025-1192 SourceCodester Multi Restaurant Table Reservation System select-menu.php sql injection

A vulnerability was found in SourceCodester Multi Restaurant Table Reservation System 1.0. It has been classified as critical. Affected is an unknown function of the file select-menu.php. The manipulation of the argument table leads to sql injection. It is possible to launch the attack remotely...

CVE-2025-1192 SourceCodester Multi Restaurant Table Reservation System select-menu.php sql injection

A vulnerability was found in SourceCodester Multi Restaurant Table Reservation System 1.0. It has been classified as critical. Affected is an unknown function of the file select-menu.php. The manipulation of the argument table leads to sql injection. It is possible to launch the attack remotely...

SourceCodester Multi Restaurant Table Reservation System 注入漏洞

SourceCodester Multi Restaurant Table Reservation System is a multi-restaurant table reservation system from SourceCodester, Inc. An injection vulnerability exists in version 1.0 of the SourceCodester Multi Restaurant Table Reservation System, which stems from an SQL injection vulnerability...