xorg: xwayland: Use-after-free in SyncInitTrigger()

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...

xorg: xwayland: Use-after-free in SyncInitTrigger()

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...

xorg: xwayland: Use-after-free in SyncInitTrigger()

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...

CVE-2025-28892

Cross-Site Request Forgery CSRF vulnerability in a2rocklobster FTP Sync ftp-sync allows Stored XSS.This issue affects FTP Sync: from n/a through = 1.1.6...

QNAP Systems HBS 3 Hybrid Backup Sync Buffer Overflow Vulnerability

QNAP Systems HBS 3 Hybrid Backup Sync is a data management tool that integrates backup, restore and synchronization functions on Weilian's NAS devices, supporting local, remote and cloud storage backups and providing an efficient data protection solution. A buffer overflow vulnerability exists in...

CVE-2025-28892

Cross-Site Request Forgery CSRF vulnerability in a2rocklobster FTP Sync ftp-sync allows Stored XSS.This issue affects FTP Sync: from n/a through = 1.1.6...

CVE-2025-28892 WordPress FTP Sync plugin <= 1.1.6 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in a2rocklobster FTP Sync ftp-sync allows Stored XSS.This issue affects FTP Sync: from n/a through = 1.1.6...

CVE-2025-28892 WordPress FTP Sync plugin <= 1.1.6 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in a2rocklobster FTP Sync ftp-sync allows Stored XSS.This issue affects FTP Sync: from n/a through = 1.1.6...

CVE-2025-28892

CVE-2025-28892 concerns the WordPress plugin FTP Sync (themes/plugins: FTP Sync – Theme, Media & Plugin Files) with a CSRF to Stored XSS vulnerability in versions up to 1.1.6. The entry states the flaw enables a stored cross‑site scripting via CSRF, affecting the plugin, and lists a CVSSv3.1 base...

WordPress plugin FTP Sync 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

xorg: xwayland: Use-after-free in SyncInitTrigger()

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...

CVE-2024-53695

A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later...

CVE-2024-53695

A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later...

CVE-2024-53695

A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later...

CVE-2024-53695 HBS 3 Hybrid Backup Sync

A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later...

CVE-2024-53695 HBS 3 Hybrid Backup Sync

A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy hsize fixup CVE-2024-39472 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate CVE-2024-41042 In...

CVE-2025-25119

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alejandro Aranda Woocommerce osCommerce Sync woo-oscommerce-sync allows Reflected XSS.This issue affects Woocommerce osCommerce Sync: from n/a through = 2.0.20...

Linux Distros Unpatched Vulnerability : CVE-2024-26758

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - md: Don't ignore suspended array in mdcheckrecovery mddevsuspend never stop syncthread, hence it doesn't make sense to ignore suspended array in mdcheckrecover...

Linux Distros Unpatched Vulnerability : CVE-2024-26756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - md: Don't register syncthread for reshape directly Currently, if reshape is interrupted, then reassemble the array will register syncthread directly from...