
1273 matches found

Source: OSV
Added: 2025/07/03 8:35 a.m. · 3 views

CVE-2025-38119 scsi: core: ufs: Fix a hang in the error handler

In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler. ufshcd_err_handling_prepare() calls ufshcd_rpm_get_sync(). The latter function can only succeed if UFSHCD_EH_IN_PROGRESS is not set, because resuming involves submitting a SCSI command and...

CVSS 5.5 | AI score 7.3 | EPSS 0.00157
Exploits: 0 | References: 11

Source: CVE
Added: 2025/07/02 3:46 p.m. · 48 views

CVE-2025-52886

CVE-2025-52886 – Poppler : In Poppler versions prior to 25.06.0, reference counting uses 32-bit std::atomic_int, which can overflow and cause a use-after-free. The issue is fixed in version 25.06.0 (upgrade to >=25.06.0). No exploitation details are provided beyond that, and the documents do n...

CVSS 6.9 | AI score 6.8 | EPSS 0.00371
Exploits: 1 | References: 7 | Affected Software: 1

Source: OSV
Added: 2025/07/01 5:49 p.m. · 5 views

CVE-2025-53100 RestDB's Codehooks.io MCP Server Vulnerable to Command Injection

RestDB's Codehooks.io MCP Server is an MCP server on the Codehooks.io platform. Prior to version 0.2.2, the MCP server is written in a way that is vulnerable to command injection attacks as part of some of its MCP Server tools definition and implementation. This could result in a user initiated...

CVSS 8.6 | AI score 7.2 | EPSS 0.01297
Exploits: 0 | References: 5

Source: Patchstack
Added: 2025/07/01 11:28 a.m. · 4 views

WordPress CMSMasters Content Composer plugin < 2.5.7 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Plugin CMSMasters Content Composer versions < 2.5.7...

CVSS 8.1 | AI score 6.7 | EPSS 0.00397
Exploits: 0 | Affected Software: 1

Source: Cvelist
Added: 2025/07/01 1:55 a.m. · 8 views

CVE-2024-46993 Electron Vulnerable to Heap Buffer Overflow in NativeImage::CreateFromPath

Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions prior to 28.3.2, 29.3.3, and 30.0.3, the nativeImage.createFromPath and nativeImage.createFromBuffer functions call a function downstream that is vulnerable to a heap...

CVSS 7.3 | EPSS 0.00126
Exploits: 0 | References: 1

Source: OSV
Added: 2025/07/01 1:33 a.m. · 4 views

CVE-2025-53095 Sunshine application-wide CSRF in the UI leads to command injection as Administrator

Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Cross-Site Request Forgery (CSRF) attacks. This vulnerability allows an attacker to craft a malicious web page that, when visited by an authenticated user, can...

CVSS 9.6 | AI score 7.2 | EPSS 0.00207
Exploits: 0 | References: 4

Source: OSV
Added: 2025/06/30 7:56 p.m. · 5 views

CVE-2025-52901 File Browser allows sensitive data to be transferred in URL

File Browser provides a file managing interface within a specified directory and can be used to upload, delete, preview, rename and edit files. Prior to version 2.33.9, access tokens are used as GET parameters. The JSON Web Token (JWT) which is used as a session identifier will get leaked to...

CVSS 4.5 | AI score 6.7 | EPSS 0.0049
Exploits: 1 | References: 6

Source: Positive Technologies
Added: 2025/06/28 12:00 a.m. · 7 views

PT-2025-27288 · WordPress · Pt Project Notebooks

Name of the Vulnerable Software and Affected Versions: PT Project Notebooks plugin for WordPress versions 1.0.0 through 1.1.3. Description: The issue is related to missing authorization in the wpnb_pto_new_users_add function, which allows unauthenticated attackers to elevate their privileges to th...

CVSS 9.8 | AI score 7.4 | EPSS 0.00583
Exploits: 2 | References: 12

Source: Github Security Blog
Added: 2025/06/27 9:30 p.m. · 6 views

HKUDS LightRAG allows Path Traversal via function upload_to_input_dir

A vulnerability was found in HKUDS LightRAG up to 1.3.8. It has been declared as critical. Affected by this vulnerability is the function upload_to_input_dir of the file lightrag/api/routers/document_routes.py of the component File Upload. The manipulation of the argument file.filename leads to path...

CVSS 5.3 | AI score 7 | EPSS 0.0017
Exploits: 0 | References: 8 | Affected Software: 1

Source: OSV
Added: 2025/06/27 2:19 p.m. · 4 views

GHSA-5VJ6-WJR7-5V9F n8n allows open redirects via the /signin endpoint

Impact: This is an Open Redirect (CWE-601) vulnerability in the login flow of n8n. Authenticated users can be redirected to untrusted, attacker-controlled domains after logging in, by crafting malicious URLs with a misleading redirect query parameter. This may lead to: - Phishing attacks by...

CVSS 4.6 | AI score 6.9 | EPSS 0.00193
Exploits: 0 | References: 6

Source: IBM Security Bulletins
Added: 2025/06/27 12:06 p.m. · 9 views

Security Bulletin: IBM Maximo Application Suite - Manage Component uses serialize-javascript-4.0.0.tgz which is vulnerable to CVE-2024-47554

Summary: Security Bulletin: IBM Maximo Application Suite - Manage Component uses serialize-javascript-4.0.0.tgz which is vulnerable to CVE-2024-47554. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details: CVEID: CVE-2024-11831 DESCRIPTION: A flaw was...

CVSS 5.4 | AI score 6 | EPSS 0.01249
Exploits: 0 | Affected Software: 1

Source: OpenVAS
Added: 2025/06/27 12:00 a.m. · 5 views

Ubuntu: Security Advisory (USN-7594-2)

The remote host is missing an update for the...

CVSS 8.8 | AI score 8.5 | EPSS 0.23278
Exploits: 0 | References: 2

Source: Patchstack
Added: 2025/06/26 12:00 a.m. · 6 views

WordPress DWT - Directory & Listing Theme <= 3.3.6 is vulnerable to Privilege Escalation

Software: DWT - Directory & Listing; Type: Theme; Vulnerable versions: <= 3.3.6; Fixed in: 3.3.7; OWASP Top 10: A7: Identification and Authentication Failures; Classification: Privilege Escalation; CVE: CVE-2024-12827; Patch priority: High; CVSS severity: High 9.8; PSID: c0ebe5820838; Credit: ...

CVSS 9.8 | AI score 6.5 | EPSS 0.00353
Exploits: 0 | References: 2 | Affected Software: 1

Source: Patchstack
Added: 2025/06/25 11:59 p.m. · 7 views

WordPress TimeZoneCalculator plugin <= 3.37 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin TimeZoneCalculator versions <= 3.37...

CVSS 6.4 | AI score 5.5 | EPSS 0.00165
Exploits: 0 | References: 1 | Affected Software: 1

Source: OSV
Added: 2025/06/25 9:57 p.m. · 3 views

GHSA-65GG-3W2W-HR4H Podman Improper Certificate Validation; machine missing TLS verification

Impact: The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry (which it does by default since 5.0.0), allowing a possible Man In The Middle attack. Patches: ...

CVSS 8.3 | AI score 7 | EPSS 0.00397
Exploits: 0 | References: 19

Source: Github Security Blog
Added: 2025/06/25 9:57 p.m. · 14 views

Podman Improper Certificate Validation; machine missing TLS verification

Impact: The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry (which it does by default since 5.0.0), allowing a possible Man In The Middle attack. Patches: ...

CVSS 8.3 | AI score 7 | EPSS 0.00397
Exploits: 0 | References: 19 | Affected Software: 2

Source: Cvelist
Added: 2025/06/25 4:59 p.m. · 6 views

CVE-2025-52894 OpenBao Vulnerable to Unauthenticated Rekey Operation Cancellation

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 allowed an attacker to perform unauthenticated, unaudited cancellation of root rekey and recovery rekey operations, affecting a denial of...

CVSS 6.9 | EPSS 0.00331
Exploits: 0 | References: 4

Source: CVE
Added: 2025/06/25 4:59 p.m. · 34 views

CVE-2025-52894

CVE-2025-52894 affects OpenBao prior to v2.3.0, where an unauthenticated, unaudited cancellation of root rekey and recovery rekey operations could cause a denial of service. In OpenBao v2.2.0 and later, operators can disable the unauthed rekey endpoints on global listeners by setting disable_unau...

CVSS 7.5 | AI score 7 | EPSS 0.00331
Exploits: 0 | References: 4 | Affected Software: 1

Source: Positive Technologies
Added: 2025/06/25 12:00 a.m. · 3 views

PT-2025-26876 · Totolink · Totolink Ca300-Poe

Name of the Vulnerable Software and Affected Versions: TOTOLINK CA300-PoE version 6.2c.884. Description: A critical issue affects the setUpgradeUboot function of the upgrade.so file, allowing OS command injection through the manipulation of the FileName argument. This can be exploited remotely...

CVSS 9.8 | AI score 6.6 | EPSS 0.02695
Exploits: 1 | References: 10

Source: Vulnrichment
Added: 2025/06/24 5:37 p.m. · 4 views

CVE-2025-49147 Umbraco.Cms Vulnerable to Disclosure of Configured Password Requirements

Umbraco, a free and open source .NET content management system, has a vulnerability in versions 10.0.0 through 10.8.10 and 13.0.0 through 13.9.1. Via a request to an anonymously authenticated endpoint it's possible to retrieve information about the configured password requirements. The informatio...

CVSS 5.3 | AI score 6.9 | EPSS 0.00289
Exploits: 0 | References: 3