3223 matches found
CVE-2025-27466
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. There are multiple issues related to the handling and accessing of guest memory pages in the viridian code: 1. A NULL pointer dereference in the updating of the reference...
CVE-2025-8445
The Countdown Timer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'countdownlabel' Parameter in all versions up to, and including, 1.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...
CVE-2025-8445 Countdown Timer for Elementor <= 1.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'countdown_label'
The Countdown Timer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'countdownlabel' Parameter in all versions up to, and including, 1.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-8445
CVE-2025-8445 concerns the Countdown Timer for Elementor plugin (WordPress). The vulnerability is a Stored Cross-Site Scripting flaw exploitable via the countdown_label parameter in all versions up to and including 1.3.9. It requires authenticated access at Contributor level or higher and could a...
CVE-2025-8445 Countdown Timer for Elementor <= 1.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'countdown_label'
The Countdown Timer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'countdownlabel' Parameter in all versions up to, and including, 1.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...
kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...
WordPress Countdown Timer for Elementor plugin <= 1.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'countdown_label' vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'countdownlabel' vulnerability discovered by zer0gh0st in WordPress Plugin Countdown Timer for Elementor versions = 1.3.9...
kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...
PT-2025-37223
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.15.8 Description: A flaw exists in the Linux kernel's ALSA timer functionality. Specifically, within the snd utimer create function, a potential issue arises if the kasprintf function returns NULL. This can le...
PT-2025-37131
The Countdown Timer for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'countdown label' Parameter in all versions up to, and including, 1.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress plugin Countdown Timer for Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
Xen 安全漏洞
Xen is an open source virtual machine monitor product from Xen Open Source. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. A security vulnerability exists in Xen that stems from...
RHEL 9 : kernel (RHSA-2025:15661)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15661 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/vkms: Fix use after free...
kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...
kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...
kernel: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()
A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handleposixcputimers may run concurrently with posixcputimerdel on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their...