Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the lack of null pointer checking in the ipisendverify function, which could lead to null pointer dereferencing...

Linux Distros Unpatched Vulnerability : CVE-2023-53218

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Make it so that a waiting process can be aborted When sendmsg creates an rxrpc call, it queues it to wait for a connection and channel to be assigned and...

AZL-71227 CVE-2023-53218 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Make it so that a waiting process can be aborted When sendmsg creates an rxrpc call, it queues it to wait for a connection and channel to be assigned and then waits before it can start shovelling data as the encrypted DATA...

UBUNTU-CVE-2023-53240

In the Linux kernel, the following vulnerability has been resolved: xsk: check IFFUP earlier in Tx path Xsk Tx can be triggered via either sendmsg or poll syscalls. These two paths share a call to common function xskxmit which has two sanity checks within. A pseudo code example to show the two...

UBUNTU-CVE-2023-53218

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Make it so that a waiting process can be aborted When sendmsg creates an rxrpc call, it queues it to wait for a connection and channel to be assigned and then waits before it can start shovelling data as the encrypted DATA...

CVE-2023-53240

The CVE-2023-53240 issue concerns the Linux kernel’s xsk path. If a napi id is marked on an interface not brought up, xsk_sendmsg /xsk_poll can call xsk_xmit(), which may dereference a NULL pointers to xs->dev when IFF_UP is not set, causing a kernel NULL pointer dereference. The fix restructu...

PT-2025-37681

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability exists in the Linux kernel related to the xsk socket kernel functionality. Specifically, the issue involves a potential NULL pointer dereference in the xsk transmit Tx pa...

PT-2025-37597

In the Linux kernel, the following vulnerability has been resolved: io uring/msg ring: Fix NULL pointer dereference in io msg send fd Syzkaller produced the below call trace: BUG: KASAN: null-ptr-deref in io msg ring+0x3cb/0x9f0 Write of size 8 at addr 0000000000000070 by task repro/16399 CPU: 0...

CVE-2025-8422

The Propovoice: All-in-One Client Management System plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.7.6.7 via the sendemail function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which...

SUSE CVE-2025-39758

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix the sendmsg byte count in siwtcpsendpages Ever since commit c2ff29e99a76 "siw: Inline dotcpsendpages", we have been doing this: static int siwtcpsendpagesstruct socket s, struct page page, int offset, sizet size ......

CVE-2025-8422

The Propovoice: All-in-One Client Management System plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.7.6.7 via the sendemail function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which...

CVE-2025-8422 Propovoice <= 1.7.6.7 - Unauthenticated Arbitrary File Read

The Propovoice: All-in-One Client Management System plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.7.6.7 via the sendemail function. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which...

WordPress plugin Propovoice 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates from an incorrect setting of the send size in the siwtcpsendpages function, which could result in incomplete...

Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks

Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft's Direct Send feature to form a "highly efficient attack pipeline" in recent phishing campaigns, according to new findings from ReliaQuest. "Axios user agent activity surged 241% from June to August 2025, dwarfin...

RockyLinux 8 : kernel (RLSA-2025:13589)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:13589 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. The kernel packages contain the Linux kernel, the core of any Linu...

CVE-2025-48539

In SendPacketToPeer of aclarbiter.cc, there is a possible out of bounds read due to a use after free. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

Linux Distros Unpatched Vulnerability : CVE-2025-39704

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in...

SUSE CVE-2025-39704

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...

DEBIAN-CVE-2025-39704

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...