5963 matches found
CVE-2025-40009
CVE-2025-40009 : In the Linux kernel, a null pointer dereference can occur in the PAGEMAP_SCAN path when vec_len = 0 is used. The root cause is an unchecked p->vec_buf in the PAGEMAP_SCAN flow, which leads to dereferencing NULL in pagemap_scan_backout_range(). The issue is fixed by explicitly ...
SUSE CVE-2025-39977
In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futexwaitrequeuepi futexdowait schedule futexrequeue futexproxytrylockatomic futexrequeuepiprepare requeuepiwakefutex...
CVE-2025-10056
The Task Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.3 via the “Check Website” task. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations...
SUSE-SU-2025:20851-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. - CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabl...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled...
EUVD-2025-34595
In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futexwaitrequeuepi futexdowait schedule futexrequeue futexproxytrylockatomic futexrequeuepiprepare requeuepiwakefutex...
CVE-2025-10056
The Task Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.3 via the “Check Website” task. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations...
CVE-2025-10056
CVE-2025-10056 concerns the WordPress Task Scheduler plugin. Wordfence reports a Server-Side Request Forgery (SSRF) in all versions up to and including 1.6.3, exploitable via the Check Website task. The vulnerability requires authenticated access at Administrator level or higher, and an attacker ...
CVE-2025-10056 Task Scheduler <= 1.6.3 - Authenticated (Admin+) Blind Server-Side Request Forgery
The Task Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.3 via the “Check Website” task. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations...
EUVD-2025-34539
The Task Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.3 via the “Check Website” task. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations...
CVE-2025-10056 Task Scheduler <= 1.6.3 - Authenticated (Admin+) Blind Server-Side Request Forgery
The Task Scheduler plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.3 via the “Check Website” task. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations...
CVE-2025-39977
In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futexwaitrequeuepi futexdowait schedule futexrequeue futexproxytrylockatomic futexrequeuepiprepare requeuepiwakefutex...
UBUNTU-CVE-2025-39977
In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futexwaitrequeuepi futexdowait schedule futexrequeue futexproxytrylockatomic futexrequeuepiprepare requeuepiwakefutex...
CVE-2025-39977
Summary (CVE-2025-39977): The Linux kernel fixes a race in futex_wait_requeue_pi that could enable a use-after-free of futex_q during requeue-PI wakeups. The issue arises when T1 is woken and the code path can leave futex_wait_requeue_pi() without using futex_q::lock_ptr for synchronization. The ...
CVE-2025-39977 futex: Prevent use-after-free during requeue-PI
In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futexwaitrequeuepi futexdowait schedule futexrequeue futexproxytrylockatomic futexrequeuepiprepare requeuepiwakefutex...
CVE-2025-39977 futex: Prevent use-after-free during requeue-PI
In the Linux kernel, the following vulnerability has been resolved: futex: Prevent use-after-free during requeue-PI syzbot managed to trigger the following race: T1 T2 futexwaitrequeuepi futexdowait schedule futexrequeue futexproxytrylockatomic futexrequeuepiprepare requeuepiwakefutex...
WordPress Task Scheduler plugin <= 1.6.3 - Authenticated (Admin+) Blind Server-Side Request Forgery vulnerability
Authenticated Admin+ Blind Server-Side Request Forgery vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Task Scheduler versions = 1.6.3...
WordPress plugin Task Scheduler 代码问题漏洞
WordPress Task Scheduler plugin is mainly used to manage and optimize the timed tasks in WordPress such as update checking, cache cleaning, etc., common plugins include WP-Crontrol and WPCron. WordPress Task Scheduler plugin has a server-side request forgery vulnerability, the vulnerability stems...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Revert "riscv: Define TASKSIZEMAX for accessok" This reverts commit ad5643cf2f69 "riscv: Define TASKSIZEMAX for accessok". This commit changes TASKSIZEMAX to be LONGMAX to optimize accessok, because the previous TASKSIZEMAX defau...
CVE-2025-11652
A vulnerability was found in UTT 进取 518G up to V3v3.2.7-210919-161313. This issue affects some unknown processing of the file /goform/formTaskEditap. The manipulation of the argument txtMin2 results in buffer overflow. The attack may be performed from remote. The exploit has been made public and...