EUVD-2023-60325

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hidpsessionthread There is a potential race condition in hidpsessionthread that may lead to use-after-free. For instance, the timer is active while hidpdeltimer is called in hidpsessionthread. Aft...

CVE-2025-68570

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in captivateaudio Captivate Sync captivatesync-trade allows Blind SQL Injection.This issue affects Captivate Sync: from n/a through = 3.2.2...

CVE-2023-54120

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hidpsessionthread There is a potential race condition in hidpsessionthread that may lead to use-after-free. For instance, the timer is active while hidpdeltimer is called in hidpsessionthread. Aft...

UBUNTU-CVE-2025-68748

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthorfwunplug will free the FW memory sections. The problem is that there could still be pending FW events which are yet not handled at this...

CVE-2025-68748

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthorfwunplug will free the FW memory sections. The problem is that there could still be pending FW events which are yet not handled at this...

CVE-2025-68570 WordPress Captivate Sync plugin <= 3.2.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in captivateaudio Captivate Sync captivatesync-trade allows Blind SQL Injection.This issue affects Captivate Sync: from n/a through = 3.2.2...

CVE-2025-68570

Public technical details for CVE-2025-68570 are not provided in the supplied documents. No confirmed affected version, root cause, impact, or fix is disclosed here. Monitor vendor advisories and vulnerability databases for updates.

CVE-2025-68570 WordPress Captivate Sync plugin <= 3.2.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in captivateaudio Captivate Sync captivatesync-trade allows Blind SQL Injection.This issue affects Captivate Sync: from n/a through = 3.2.2...

CVE-2023-54120

CVE-2023-54120 concerns a race condition in the Linux kernel Bluetooth HIDP subsystem, where the hidp_session_thread may delay timer deletion leading to a use-after-free if the session is freed during timer expiry. The described vulnerability manifests as a potential kernel panic when hidp_idle_t...

CVE-2025-68748 drm/panthor: Fix UAF race between device unplug and FW event processing

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthorfwunplug will free the FW memory sections. The problem is that there could still be pending FW events which are yet not handled at this...

CVE-2025-68748

CVE-2025-68748 concerns a Linux kernel UAF race in the DRM panthor component, where panthor_fw_unplug() frees FW memory while pending FW events may still be handled, leading to use-after-free. The fix, as described in the connected sources, is to call disable_work_sync() to drain and prevent furt...

WordPress plugin Captivate Sync 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A security...

PT-2025-53258

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in captivateaudio Captivate Sync captivatesync-trade allows Blind SQL Injection.This issue affects Captivate Sync: from n/a through = 3.2.2...

PT-2025-52925

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition existed between the host1x syncpt alloc and host1x syncpt put functions. The issue was addressed by utilizing kref put mutex instead of kref put combined with manual mut...

Linux Distros Unpatched Vulnerability : CVE-2025-68748

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/panthor: Fix UAF race between device unplug and FW event processing The function panthorfwunplug will free the FW memory sections. The problem is that there...

WordPress Captivate Sync plugin <= 3.2.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by w41bu1 in WordPress Plugin Captivate Sync versions = 3.2.2...

UBUNTU-CVE-2025-68324

In the Linux kernel, the following vulnerability has been resolved: scsi: imm: Fix use-after-free bug caused by unfinished delayed work The delayed work item 'immtq' is initialized in immattach and scheduled via immqueuecommand for processing SCSI commands. When the IMM parallel port SCSI host...

CVE-2025-68324

In the Linux kernel, the following vulnerability has been resolved: scsi: imm: Fix use-after-free bug caused by unfinished delayed work The delayed work item 'immtq' is initialized in immattach and scheduled via immqueuecommand for processing SCSI commands. When the IMM parallel port SCSI host...

Security update for postgresql13

This update for postgresql13 fixes the following issues: Upgraded to 13.23: CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS bsc1253332 CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq bsc1253333 Other fixes: Use...

SUSE-SU-2025:4486-1 Security update for postgresql13

This update for postgresql13 fixes the following issues: Upgraded to 13.23: - CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS bsc1253332 - CVE-2025-12818: Fixed integer overflow in allocation-size calculations within libpq bsc1253333 Other fixes: - Use...