PT-2025-45093

Name of the Vulnerable Software and Affected Versions KiotViet Sync plugin for WordPress versions up to and including 1.8.5 Description The KiotViet Sync plugin for WordPress is susceptible to unauthorized data modification. This is due to a missing capability check within the saveConfig function...

WordPress plugin KiotViet Sync 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blogging sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

WordPress plugin KiotViet Sync 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blogging sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989879)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989879 advisory. In the Linux kernel, the following vulnerability has been resolved: watchdog: sc520wdt: Fix possible use-after-free in wdtturnoff This module's remove path calls...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988987)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988987 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf/syncfile: Don't leak fences on merge failure Each addfence call does a dmafenceget on the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989139)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989139 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Use deltimersync before freeing While looking at a crash report on a timer lis...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989320)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989320 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciqca: Use deltimersync before freeing While looking at a crash report on a timer lis...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989298)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989298 advisory. In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling deltimersync This driver's remove path calls...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989949)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989949 advisory. In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: avoid null dereference in deinit If venusprobe fails at pmruntimeputsync the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989053)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989053 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: quota: fix loop condition at f2fsquotasync cnt should be passed to sbhasquotaactive instead...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988826)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988826 advisory. In the Linux kernel, the following vulnerability has been resolved: ath11k: mhi: use mhisyncpowerup If amss.bin was missing ath11k would crash during 'rmmod...

PT-2025-45094

Name of the Vulnerable Software and Affected Versions KiotViet Sync plugin for WordPress versions up to and including 1.8.5 Description The KiotViet Sync plugin for WordPress is susceptible to authorization bypass. This is caused by the use of a hardcoded password for authentication within the...

WordPress plugin KiotViet Sync 信息泄露漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin KiotViet Sync, which ste...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988909)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988909 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers: usb: host: Fix deadlock in oxubussuspend There is a deadlock in oxubussuspend, which is...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989610 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix null ptr deref on hcisyncconncompleteevt This event is just specified for SCO and...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989755)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989755 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADFDEVRESETSYNC memory leak Using completiondone to determine whether the calle...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989127)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989127 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: nicstar: Fix possible use-after-free in nicstarcleanup This module's remove path calls...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989206)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989206 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix race at SNDCTLDSPSYNC There is a small race window at sndpcmosssync that is...

WordPress plugin KiotViet Sync 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin ... A code issue...

PT-2025-45092

Name of the Vulnerable Software and Affected Versions KiotViet Sync plugin for WordPress versions up to and including 1.8.5 Description The KiotViet Sync plugin for WordPress is susceptible to arbitrary file uploads because of a lack of file type validation within the create media function. This...