
2674 matches found

Positive Technologies
added 2025/01/19 12:0 a.m. · 3 views

PT-2025-3972 · Unknown · Campcodes School Management

Name of the Vulnerable Software and Affected Versions: CampCodes School Management Software version 1.0 Description: A problematic issue has been found in the Chat History component of the software, specifically affecting an unknown part of the file /chat/group/send. The manipulation of the messa...

CVSS 5.4 · AI score 4.3 · EPSS 0.00449
Exploits: 1 · References: 12
ATTACKERKB
added 2025/01/16 8:15 p.m. · 1 views

CVE-2025-23691

Cross-Site Request Forgery (CSRF) vulnerability in Braulio Aquino Send to Twitter send-to-twitter allows Stored XSS. This issue affects Send to Twitter: from n/a through <= 1.7.2...

CVSS 7.1 · AI score 7.2 · EPSS 0.00169
Exploits: 0 · References: 3
NVD
added 2025/01/16 8:15 p.m. · 5 views

CVE-2025-23691

Cross-Site Request Forgery (CSRF) vulnerability in Braulio Aquino Send to Twitter send-to-twitter allows Stored XSS. This issue affects Send to Twitter: from n/a through <= 1.7.2...

CVSS 7.1 · EPSS 0.00169
Exploits: 0 · References: 1
Vulnrichment
added 2025/01/16 8:6 p.m. · 5 views

CVE-2025-23691 WordPress Send to Twitter plugin <= 1.7.2 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Braulio Aquino García Send to Twitter allows Stored XSS. This issue affects Send to Twitter: from n/a through 1.7.2...

CVSS 7.1 · AI score 6.8 · EPSS 0.00169
Exploits: 0 · References: 1
CVE
added 2025/01/16 8:6 p.m. · 48 views

CVE-2025-23691

CVE-2025-23691 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin “Send to Twitter” by Braulio Aquino García that permits stored XSS. The entry states the flaw affects the plugin’s version range “from n/a through 1.7.2.” The Red Hat security entry reiterates the C...

CVSS 7.1 · AI score 7.2 · EPSS 0.00169
Exploits: 0 · References: 1
Cvelist
added 2025/01/16 8:6 p.m. · 15 views

CVE-2025-23691 WordPress Send to Twitter plugin <= 1.7.2 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Braulio Aquino Send to Twitter send-to-twitter allows Stored XSS. This issue affects Send to Twitter: from n/a through <= 1.7.2...

CVSS 7.1 · EPSS 0.00169
Exploits: 0 · References: 1
Patchstack
added 2025/01/16 6:42 p.m. · 3 views

WordPress Send to Twitter plugin <= 1.7.2 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Send to Twitter versions <= 1.7.2...

CVSS 7.1 · AI score 6.2 · EPSS 0.00169
Exploits: 0 · Affected Software: 1
Patchstack
added 2025/01/16 6:41 p.m. · 2 views

WordPress Send to a Friend Addon plugin <= 1.4.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting (XSS) vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Send to a Friend Addon versions <= 1.4.1...

CVSS 7.1 · AI score 6.1 · EPSS 0.00342
Exploits: 0 · Affected Software: 1
CNNVD
added 2025/01/16 12:0 a.m. · 2 views

WordPress plugin Send to Twitter cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

CVSS 7.1 · AI score 8.2 · EPSS 0.00169
Exploits: 0 · References: 1
Vulnrichment
added 2025/01/15 1:10 p.m. · 1 views

CVE-2024-57802 netrom: check buffer length before accessing it

In the Linux kernel, the following vulnerability has been resolved: netrom: check buffer length before accessing it Syzkaller reports an uninit value read from ax25cmp when sending raw message through ieee802154 implementation. ===================================================== BUG: KMSAN:...

AI score 7.7 · EPSS 0.00222
Exploits: 0 · References: 7
OSV
added 2025/01/13 12:15 a.m. · 1 views

CVE-2025-0403

A vulnerability, which was classified as problematic, has been found in 1902756969 reggie 1.0. Affected by this issue is some unknown functionality of the file /user/sendMsg of the component Phone Number Validation Handler. The manipulation of the argument code leads to information disclosure. Th...

CVSS 6.9 · AI score 5.4 · EPSS 0.00506
Exploits: 0 · References: 5
SUSE CVE
added 2025/01/12 12:15 a.m. · 1 views

SUSE CVE-2024-54193

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix WARN in ivpu_ipc_send_receive_internal Move pm_runtime_set_active to ivpu_pm_init so when ivpu_ipc_send_receive_internal is executed before ivpu_pm_enable it already has correct runtime state, even if last resume was not...

CVSS 5.5 · AI score 7.7 · EPSS 0.00172
Exploits: 0 · References: 3
OSV
added 2025/01/11 1:15 p.m. · 1 views

UBUNTU-CVE-2024-54193

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix WARN in ivpu_ipc_send_receive_internal Move pm_runtime_set_active to ivpu_pm_init so when ivpu_ipc_send_receive_internal is executed before ivpu_pm_enable it already has correct runtime state, even if last resume was not...

CVSS 5.5 · AI score 6.2 · EPSS 0.00172
Exploits: 0 · References: 21
Debian CVE
added 2025/01/11 12:35 p.m. · 7 views

CVE-2024-54193

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix WARN in ivpu_ipc_send_receive_internal Move pm_runtime_set_active to ivpu_pm_init so when ivpu_ipc_send_receive_internal is executed before ivpu_pm_enable it already has correct runtime state, even if last resume was not...

CVSS 5.5 · AI score 5.6 · EPSS 0.00172
Exploits: 0
Positive Technologies
added 2025/01/01 12:0 a.m. · 2 views

PT-2025-40087

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contained a flaw in the tcp_bpf subsystem where sk_msg_free was not called when tcp_bpf_send_verdict failed to allocate memory for psock->cork. This could lead to memory...

CVSS 7.8 · AI score 8.2 · EPSS 0.00167
Exploits: 2
Positive Technologies
added 2025/01/01 12:0 a.m. · 1 views

PT-2025-30872

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.0-rc6-syzkaller-00346-g5723cc3450bc Description: A NULL pointer dereference issue exists in the vcc_sendmsg function within the Linux kernel's atm subsystem. This occurs because atmarpd_dev_ops does not...

CVSS 5.5 · AI score 6.7 · EPSS 0.00154
Exploits: 0
SUSE CVE
added 2024/12/29 3:48 a.m. · 2 views

SUSE CVE-2024-56700

In the Linux kernel, the following vulnerability has been resolved: media: wl128x: Fix atomicity violation in fmc_send_cmd Atomicity violation occurs when the fmc_send_cmd function is executed simultaneously with the modification of the fmdev->resp_skb value. Consider a scenario where, after passing th...

CVSS 4.7 · AI score 7.6 · EPSS 0.00213
Exploits: 0 · References: 14
OSV
added 2024/12/28 10:15 a.m. · 8 views

AZL-55196 CVE-2024-56688 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport Since transport->sock has been set to NULL during reset transport, XPRT_SOCK_UPD_TIMEOUT also needs to be cleared. Otherwise, the xs_tcp_set_socket_timeouts may be triggered in...

CVSS 5.5 · AI score 6.3 · EPSS 0.00225
Exploits: 0 · References: 1
OSV
added 2024/12/28 10:15 a.m. · 0 views

UBUNTU-CVE-2024-56700

In the Linux kernel, the following vulnerability has been resolved: media: wl128x: Fix atomicity violation in fmc_send_cmd Atomicity violation occurs when the fmc_send_cmd function is executed simultaneously with the modification of the fmdev->resp_skb value. Consider a scenario where, after passing th...

CVSS 5.5 · AI score 6.2 · EPSS 0.00213
Exploits: 0 · References: 46
OSV
added 2024/12/27 2:15 p.m. · 2 views

DEBIAN-CVE-2024-56540

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling of operations that should not trigger a recovery process. Expose ivpu_send_receive_internal, which is...

CVSS 4.7 · AI score 5.7 · EPSS 0.00156
Exploits: 0 · References: 1