6841 matches found
CVE-2025-40293
In the Linux kernel, the following vulnerability has been resolved: iommufd: Don't overflow during division for dirty tracking If pgshift is 63 then BITSPERTYPEbitmap-bitmap pgsize will overflow to 0 and this triggers divide by 0. In this case the index should just be 0, so reorganize things to...
DEBIAN-CVE-2025-40293
In the Linux kernel, the following vulnerability has been resolved: iommufd: Don't overflow during division for dirty tracking If pgshift is 63 then BITSPERTYPEbitmap-bitmap pgsize will overflow to 0 and this triggers divide by 0. In this case the index should just be 0, so reorganize things to...
UBUNTU-CVE-2025-40293
In the Linux kernel, the following vulnerability has been resolved: iommufd: Don't overflow during division for dirty tracking If pgshift is 63 then BITSPERTYPEbitmap-bitmap pgsize will overflow to 0 and this triggers divide by 0. In this case the index should just be 0, so reorganize things to...
CVE-2025-40293
CVE-2025-40293 : Linux kernel iommufd had a division-by-zero risk when calculating dirty-tracking bitmap indices if pgshift == 63, caused by an overflow in computing BITS_PER_TYPE(*bitmap->bitmap) * pgsize. The fix reorganizes the division to divide by shift instead of overflowing, preventing ...
CVE-2025-40293 iommufd: Don't overflow during division for dirty tracking
In the Linux kernel, the following vulnerability has been resolved: iommufd: Don't overflow during division for dirty tracking If pgshift is 63 then BITSPERTYPEbitmap-bitmap pgsize will overflow to 0 and this triggers divide by 0. In this case the index should just be 0, so reorganize things to...
CVE-2025-40293 iommufd: Don't overflow during division for dirty tracking
In the Linux kernel, the following vulnerability has been resolved: iommufd: Don't overflow during division for dirty tracking If pgshift is 63 then BITSPERTYPEbitmap-bitmap pgsize will overflow to 0 and this triggers divide by 0. In this case the index should just be 0, so reorganize things to...
CVE-2025-40293
In the Linux kernel, the following vulnerability has been resolved: iommufd: Don't overflow during division for dirty tracking If pgshift is 63 then BITSPERTYPEbitmap-bitmap pgsize will overflow to 0 and this triggers divide by 0. In this case the index should just be 0, so reorganize things to...
PT-2025-49426
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s iommufd component related to handling dirty tracking. Specifically, a division by zero can occur when pgshift is 63, resulting from an integer overflo...
Privacy Practices of Browser Agents
This paper presents a systematic evaluation of the privacy behaviors and attributes of eight recent, popular browser agents. Browser agents are software that automate Web browsing using large language models and ancillary tooling. However, the automated capabilities that make browser agents...
CVE-2025-12133
The EPROLO Dropshipping plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpajaxeprolodeletetracking and wpajaxeprolosavetrackingdata AJAX endpoints in all versions up to, and including, 2.3.1. This makes it possible for authenticated...
CVE-2025-12133
The EPROLO Dropshipping plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpajaxeprolodeletetracking and wpajaxeprolosavetrackingdata AJAX endpoints in all versions up to, and including, 2.3.1. This makes it possible for authenticated...
EUVD-2025-201370
The EPROLO Dropshipping plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpajaxeprolodeletetracking and wpajaxeprolosavetrackingdata AJAX endpoints in all versions up to, and including, 2.3.1. This makes it possible for authenticated...
CVE-2025-12133
CVE-2025-12133 affects the EPROLO Dropshipping plugin for WordPress (versions up to 2.3.1). The issue is a missing capability check on two AJAX endpoints (wp_ajax_eprolo_delete_tracking and wp_ajax_eprolo_save_tracking_data), allowing authenticated users with Subscriber+ privileges to modify or d...
CVE-2025-12133 EPROLO Dropshipping <= 2.3.1 - Missing Authorization to Authenticated (Subscriber+) Tracking Data Modification
The EPROLO Dropshipping plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpajaxeprolodeletetracking and wpajaxeprolosavetrackingdata AJAX endpoints in all versions up to, and including, 2.3.1. This makes it possible for authenticated...
CVE-2025-12133 EPROLO Dropshipping <= 2.3.1 - Missing Authorization to Authenticated (Subscriber+) Tracking Data Modification
The EPROLO Dropshipping plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpajaxeprolodeletetracking and wpajaxeprolosavetrackingdata AJAX endpoints in all versions up to, and including, 2.3.1. This makes it possible for authenticated...
WordPress plugin EPROLO Dropshipping 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
PT-2025-49201
The EPROLO Dropshipping plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wp ajax eprolo delete tracking and wp ajax eprolo save tracking data AJAX endpoints in all versions up to, and including, 2.3.1. This makes it possible for...
openwebui-token-tracking (=0.1.7) potentially affected by CVE-2025-65959 via open-webui (=0.6.0)
open-webui PYPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: - openwebui-token-tracking =0.1.7 Source cves: CVE-2025-65959 Source advisory: SNYK:PYTHON-OPENWEBUI-14189879...
openwebui-token-tracking (=0.1.7) potentially affected by CVE-2025-65958 via open-webui (=0.6.0)
open-webui PYPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: - openwebui-token-tracking =0.1.7 Source cves: CVE-2025-65958 Source advisory: SNYK:PYTHON-OPENWEBUI-14190245...
openwebui-token-tracking (=0.1.7) potentially affected by CVE-2025-65958 via open-webui (=0.6.0)
open-webui PYPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: - openwebui-token-tracking =0.1.7 Source cves: CVE-2025-65958 Source advisory: OSV:GHSA-C6XV-RCVW-V685...