PT-2025-8210 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the f2fs file system. The issue is caused by a loop condition in the f2fs quota sync function, where the cnt variable...

WordPress plugin Post Sync 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

DEBIAN-CVE-2025-26601

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...

AZL-57295 CVE-2025-26601 affecting package xorg-x11-server 1.20.10-6

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...

CVE-2025-26601 Xorg: xwayland: use-after-free in syncinittrigger()

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...

CVE-2025-26601

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...

UBUNTU-CVE-2025-26601

A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger is called. If one of the changes triggers an error, the function will return...

Vulnerabilities of components of the Linux operating system’s kernel, which allow a hacker to cause a service failure

The vulnerability of the Linux operating system’s kernel components relates to the absence of memory release after the effective service life in the function ssamrequestsync. Exploiting this vulnerability can allow an attacker to cause a service failure...

IBM Security Verify Bridge和IBM Security Verify Gateway 日志信息泄露漏洞

IBM Security Verify Bridge and IBM Security Verify Gateway are both products of International Business Machines IBM, U.S.A. IBM Security Verify Bridge is an IBM application component. Provides IBM Cloud access to user attributes and authentication that are controlled by the customer's local LDAP ...

IBM Security Verify Bridge和IBM Security Verify Gateway 安全漏洞

IBM Security Verify Bridge and IBM Security Verify Gateway are both products of International Business Machines IBM, U.S.A. IBM Security Verify Bridge is an IBM application component. It provides IBM Cloud access to user attributes and authentication that are controlled by the customer's local LD...

PT-2025-7418 · Ibm · Ibm Security Verify Gateway For Windows Login +2

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Bridge Directory Sync versions 1.0.1 through 1.0.12 IBM Security Verify Gateway for Windows Login versions 1.0.1 through 1.0.10 IBM Security Verify Gateway for Radius versions 1.0.1 through 1.0.11 Description: The issue...

Netscaler VPX : NTP_Sync Failing even after ntp process restart

Netscaler VPX is configured with NTP sync to pool.ntp.org or any NTP server, but the NTP sync does not work even after disabling and enabling NTP sync and also restarting the NTP process...

CVE-2024-13535 Actionwear products sync <= 2.3.2 - Unauthenticated Full Patch Disclosure

The Actionwear products sync plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.3.2. This is due the composer-setup.php file being publicly accessible with 'displayerrors' set to true. This makes it possible for unauthenticated attackers to retrieve...

WordPress plugin Actionwear products sync 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-6562 · WordPress · Actionwear Products Sync Plugin

Name of the Vulnerable Software and Affected Versions: Actionwear products sync plugin for WordPress versions up to, and including, 2.3.0 Description: The issue is due to the composer-setup.php file being publicly accessible with display errors set to true, allowing unauthenticated attackers to...

WordPress Actionwear products sync plugin <= 2.3.0 - Unauthenticated Full Patch Disclosure vulnerability

Unauthenticated Full Patch Disclosure vulnerability discovered by stealthcopter in WordPress Plugin Actionwear products sync versions = 2.3.0...

CVE-2025-24903

libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with Signal servers. Prior to commit 82d70f6720e762898f34ae76b0894b0297d9b2f8, any contact may forge a sync message, impersonating another device of the local user...

CVE-2025-24903

libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with Signal servers. Prior to commit 82d70f6720e762898f34ae76b0894b0297d9b2f8, any contact may forge a sync message, impersonating another device of the local user...

CVE-2025-24903 libsignal-service-rs Doesn't Check Origin of Sync Messages

libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with Signal servers. Prior to commit 82d70f6720e762898f34ae76b0894b0297d9b2f8, any contact may forge a sync message, impersonating another device of the local user...

CVE-2025-24903 libsignal-service-rs Doesn't Check Origin of Sync Messages

libsignal-service-rs is a Rust version of the libsignal-service-java library which implements the core functionality to communicate with Signal servers. Prior to commit 82d70f6720e762898f34ae76b0894b0297d9b2f8, any contact may forge a sync message, impersonating another device of the local user...