CVE-2025-21662

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix variable not being completed when function returns When cmdallocindex, fails cmdworkhandler needs to complete ent-slotted before returning early. Otherwise the task which issued the command may hang: mlx5core...

UBUNTU-CVE-2025-21662

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix variable not being completed when function returns When cmdallocindex, fails cmdworkhandler needs to complete ent-slotted before returning early. Otherwise the task which issued the command may hang: mlx5core...

CVE-2025-21662

CVE-2025-21662: In the Linux kernel, net/mlx5: Fix variable not being completed when function returns. The issue could cause a hang of the issuing task if cmd_alloc_index() fails and cmd_work_handler() does not complete ent->slotted before returning. Affected component is mlx5_core/mlx5e, with...

CVE-2025-21642

In the Linux kernel, the following vulnerability has been resolved: mptcp: sysctl: sched: avoid using current-nsproxy Using the 'net' structure via 'current' is not recommended for different reasons. First, if the goal is to use it to read or write per-netns data, this is inconsistent with how th...

CVE-2025-21651

In the Linux kernel, the following vulnerability has been resolved: net: hns3: don't auto enable misc vector Currently, there is a time window between misc irq enabled and service task inited. If an interrupte is reported at this time, it will cause warning like below: 16.324639 Call trace:...

CVE-2025-21633

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

UBUNTU-CVE-2025-21651

In the Linux kernel, the following vulnerability has been resolved: net: hns3: don't auto enable misc vector Currently, there is a time window between misc irq enabled and service task inited. If an interrupte is reported at this time, it will cause warning like below: 16.324639 Call trace:...

CVE-2025-21638 sctp: sysctl: auth_enable: avoid using current->nsproxy

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: authenable: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

CVE-2025-21633

...

PT-2025-4322 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the Linux kernel, specifically the mptcp subsystem and its handling of the blackhole timeout via sysctl. The problem arises from using the net structure via current,...

WordPress Accessibility Task Manager plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Accessibility Task Manager versions = 1.2.1...

PT-2025-3404 · 07Flycms · 07Flycms

Name of the Vulnerable Software and Affected Versions: 07FLYCMS version 1.3.9 Description: A Cross-Site Request Forgery CSRF issue was discovered in 07FLYCMS. The issue occurs via the "/erp.07fly.net:80/oa/OaTask/edit.html" API endpoint. Recommendations: For version 1.3.9, as a temporary...

DEBIAN-CVE-2024-57896

In the Linux kernel, the following vulnerability has been resolved: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount During the unmount path, at closectree, we first stop the cleaner kthread, using kthreadstop which frees the associated taskstruct, and then stop...

PT-2025-7271 · Weeek · Weeek

Name of the Vulnerable Software and Affected Versions: WEEEK affected versions not specified Description: The issue is related to the lack of protection for the web page structure in the WEEEK task and project management service. This could allow a remote attacker to execute arbitrary JavaScript...

CVE-2025-0464

A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Maintenance Section. The manipulation of the argument System Name leads to cross site scripting. The attack can be...

CVE-2025-0464

A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Maintenance Section. The manipulation of the argument System Name leads to cross site scripting. The attack can be...

CVE-2025-0464 SourceCodester Task Reminder System Maintenance Section cross site scripting

A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Maintenance Section. The manipulation of the argument System Name leads to cross site scripting. The attack can be...

CVE-2025-0464

SourceCodester Task Reminder System 1.0 is affected in the Maintenance Section. The vulnerability stems from the System Name parameter, enabling cross-site scripting (XSS). The attack can be launched remotely and the exploit has been disclosed publicly. Mitigation guidance available in connected ...

CVE-2025-0464 SourceCodester Task Reminder System Maintenance Section cross site scripting

A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Maintenance Section. The manipulation of the argument System Name leads to cross site scripting. The attack can be...

PT-2025-3900 · Sourcecodester · Sourcecodester Task Reminder System

Name of the Vulnerable Software and Affected Versions: SourceCodester Task Reminder System version 1.0 Description: A problem was found in the Maintenance Section component of the system, affecting an unknown functionality. The issue arises from the manipulation of the System Name argument, leadi...