CVE-2025-4810

A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. Affected by this vulnerability is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument reboottime leads to stack-based buffer overflow. The attack can be launched...

CVE-2025-4810

A vulnerability was found in Tenda AC7 15.03.06.44. It has been declared as critical. Affected by this vulnerability is the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument reboottime leads to stack-based buffer overflow. The attack can be launched...

CVE-2025-4810

CVE-2025-4810 affects Tenda AC7 (firmware 15.03.06.44) with the vulnerability in the function formSetRebootTimer in /goform/SetRebootTimer. The argument reboot_time can overflow a stack-based buffer, enabling a remote attack. Public exploit disclosure is indicated. Documentation consistently spec...

USN-7510-1 linux, linux-gkeop, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

Tenda AC7 安全漏洞

Tenda AC7 is a wireless router from Tenda, a Chinese company. The Tenda AC7 suffers from a buffer overflow vulnerability, which originates from the parameter reboottime in the file /goform/SetRebootTimer that fails to correctly validate the length of the input data, and can be exploited by an...

CVE-2024-10631

The Countdown Timer for WordPress Block Editor WordPress plugin through 1.0.5 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

CVE-2024-10631

The Countdown Timer for WordPress Block Editor WordPress plugin through 1.0.5 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

CVE-2024-10631 Countdown Timer <= 1.0.5 - Contributor+ Stored XSS

The Countdown Timer for WordPress Block Editor WordPress plugin through 1.0.5 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

CVE-2024-10631 Countdown Timer <= 1.0.5 - Contributor+ Stored XSS

The Countdown Timer for WordPress Block Editor WordPress plugin through 1.0.5 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site...

WordPress plugin Countdown Timer for WordPress Block Editor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

PT-2025-21405 · WordPress · Countdown Timer For Wordpress Block Editor

Name of the Vulnerable Software and Affected Versions: Countdown Timer for WordPress Block Editor version 1.0.5 Description: The issue concerns the Countdown Timer for WordPress Block Editor plugin, which does not validate and escape some of its block options before outputting them back in a page...

kernel: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu

In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in modtimer / kvfreecallrcu KCSAN reports a data race when access the krcp-monitorwork.timer.expires variable in the scheduledelayedmonitorwork function: BUG: KCSAN: data-race in modtimer / kvfreecallrcu...

kernel: fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF

In the Linux kernel, the following vulnerability has been resolved: fscache: delete fscachecookielrutimer when fscache exits to avoid UAF The fscachecookielrutimer is initialized when the fscache module is inserted, but is not deleted when the fscache module is removed. If timerreduce is called...

kernel: ext4: fix timer use-after-free on failed mount

In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4fillsuper The deltimersync function cancels the serrreport timer, which reminds about filesystem errors daily. We should guarantee the timer is ...

USN-7489-2 linux-realtime vulnerability

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Timer subsystem; CVE-2025-21813...

USN-7489-2: Linux kernel (Real-time) vulnerability

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Timer subsystem; CVE-2025-21813...

USN-7499-1: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Microsoft Azure Network Adapter MANA driver; - Timer subsystem; CVE-2025-21813, CVE-2025-21953...

USN-7499-1 linux-azure, linux-azure-6.11 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Microsoft Azure Network Adapter MANA driver; - Timer subsystem; CVE-2025-21813, CVE-2025-21953...

Ubuntu 24.04 LTS / 24.10 : Linux kernel (Azure) vulnerabilities (USN-7499-1)

The remote Ubuntu 24.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7499-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects...

USN-7491-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - USB Type-C Connector System Software Interface driver; - Timer subsystem; CVE-2025-21902, CVE-2025-21813...