CVE-2025-9632 PhpList Subber <= 1.1 - Cross-Site Request Forgery

The PhpList Subber plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the bulkactionhandler function. This makes it possible for unauthenticated attackers to trigger bulk synchronizati...

SUSE CVE-2025-39691

In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bhread helper There's issue as follows: BUG: KASAN: stack-out-of-bounds in endbufferreadsync+0xe3/0x110 Read of size 8 at addr ffffc9000168f7f8 by task swapper/3/0 CPU: 3 UID: 0 PID: 0 Comm...

kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table used in another process in...

PT-2025-39131

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to MACsec feature synchronization on RTM NEWLINK events. Syzkaller identified a condition where the lower network device could become locked when...

UBUNTU-CVE-2025-39691

In the Linux kernel, the following vulnerability has been resolved: fs/buffer: fix use-after-free when call bhread helper There's issue as follows: BUG: KASAN: stack-out-of-bounds in endbufferreadsync+0xe3/0x110 Read of size 8 at addr ffffc9000168f7f8 by task swapper/3/0 CPU: 3 UID: 0 PID: 0 Comm...

MAL-2025-45727 Malicious code in quasarjet-gridsome-greatfilter-sync (npm)

The package quasarjet-gridsome-greatfilter-sync was found to contain malicious code...

MAL-2025-44709 Malicious code in iota-sync-json-andromeda (npm)

The package iota-sync-json-andromeda was found to contain malicious code...

MAL-2025-46242 Malicious code in taurus-babel-betelgeuse-sync (npm)

The package taurus-babel-betelgeuse-sync was found to contain malicious code...

MAL-2025-44128 Malicious code in element-ui-public-publish-sync (npm)

The package element-ui-public-publish-sync was found to contain malicious code...

MAL-2025-44171 Malicious code in eslint-plugin-gridsome-zenobia-sync (npm)

The package eslint-plugin-gridsome-zenobia-sync was found to contain malicious code...

Malicious code in hydra-gatsby-fomalhaut-sync (npm)

The package hydra-gatsby-fomalhaut-sync was found to contain malicious code...

Malicious code in taurus-babel-betelgeuse-sync (npm)

The package taurus-babel-betelgeuse-sync was found to contain malicious code...

Malicious code in element-ui-public-publish-sync (npm)

The package element-ui-public-publish-sync was found to contain malicious code...

Malicious code in quasarjet-gridsome-greatfilter-sync (npm)

The package quasarjet-gridsome-greatfilter-sync was found to contain malicious code...

MAL-2025-44754 Malicious code in janus-install-bunyan-sync (npm)

The package janus-install-bunyan-sync was found to contain malicious code...

Malicious code in eslint-plugin-gridsome-zenobia-sync (npm)

The package eslint-plugin-gridsome-zenobia-sync was found to contain malicious code...

Malicious code in spectron-webdriver-deimos-astro-sync (npm)

The package spectron-webdriver-deimos-astro-sync was found to contain malicious code...

MAL-2025-43978 Malicious code in despina-sync-forever-forever (npm)

The package despina-sync-forever-forever was found to contain malicious code...

Malicious code in despina-sync-forever-forever (npm)

The package despina-sync-forever-forever was found to contain malicious code...

Malicious code in iota-sync-json-andromeda (npm)

The package iota-sync-json-andromeda was found to contain malicious code...