WordPress Watu Quiz plugin <= 3.4.4 - Unauthenticated Stored Cross-Site Scripting via HTTP Referer vulnerability

Unauthenticated Stored Cross-Site Scripting via HTTP Referer vulnerability discovered by Naoya Takahashi nakko in WordPress Plugin Watu Quiz versions = 3.4.4...

Exploit for HTTP Request Smuggling in Microsoft

CVE-2025-55315 Vulnerability Scanner and TLS Proxy This repos...

EUVD-2025-35832

In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ipvsftp unregister during netns cleanup On the netns cleanup path, ipvsftpexit may unregister ipvsftp before connections with valid cp-app pointers are flushed, leading to a use-after-free. Fix this by introducing a...

AZL-68769 CVE-2025-40018 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ipvsftp unregister during netns cleanup On the netns cleanup path, ipvsftpexit may unregister ipvsftp before connections with valid cp-app pointers are flushed, leading to a use-after-free. Fix this by introducing a...

CVE-2025-40018

The CVE-2025-40018 issue in the Linux kernel’s ipvs code (ip_vs_ftp) arose from unregistering ip_vs_ftp during netns cleanup before flushing connections, which could lead to use-after-free. The fix introduces a global exiting_module flag: ip_vs_ftp_exit() sets it true before unregistering the per...

CVE-2025-40018 ipvs: Defer ip_vs_ftp unregister during netns cleanup

In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ipvsftp unregister during netns cleanup On the netns cleanup path, ipvsftpexit may unregister ipvsftp before connections with valid cp-app pointers are flushed, leading to a use-after-free. Fix this by introducing a...

CVE-2025-40018

In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ipvsftp unregister during netns cleanup On the netns cleanup path, ipvsftpexit may unregister ipvsftp before connections with valid cp-app pointers are flushed, leading to a use-after-free. Fix this by introducing a...

Juniper Junos OS Vulnerability (JSA103167)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA103167 advisory. - An Authentication Bypass by Primary Weakness in the FTP server of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to get limited read-write...

EUVD-2025-35671

An error-handling issue in the Moodle router r.php could cause the application to display internal directory listings when specific HTTP headers were not properly configured...

DEBIAN-CVE-2025-12105

A flaw was found in the asynchronous message queue handling of the libsoup library, widely used by GNOME and WebKit-based applications to manage HTTP/2 communications. When network operations are aborted at specific timing intervals, an internal message queue item may be freed twice due to missin...

Improper Input Validation

Hono is vulnerable to improper input validation. The vulnerability is due to a flaw in the bodyLimit middleware that prioritized the Content-Length header over Transfer-Encoding: chunked, which allows an attacker to bypass the configured request body size limit and potentially cause a denial of...

Ubuntu: Security Advisory (USN-7831-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2022-55052

In the Linux kernel, the following vulnerability has been resolved: spi: fsi: Implement a timeout for polling status The data transfer routines must poll the status register to determine when more data can be shifted in or out. If the hardware gets into a bad state, these polling loops may never...

USN-7835-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

USN-7835-2: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

Security Bulletin: Multiple vulnerabilities in IBM Aspera High-Speed Transfer Server, IBM Aspera High-Speed Transfer Endpoint and IBM Aspera Desktop Client.

Summary Multiple vulnerabilities were addressed in IBM Aspera High-Speed Transfer Server v4.4.7, IBM Aspera High-Speed Transfer Endpoint v4.4.7 and IBM Aspera Desktop Client v4.4.7. Vulnerability Details CVEID:CVE-2025-46818 DESCRIPTION: Redis is an open source, in-memory database that persists o...

CVE-2025-62525

OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using the ioctls of the ltq-ptm driver which is used to drive the datapath of the DSL line. This only effects the lantiq target supporting...

UBUNTU-CVE-2025-62525

OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using the ioctls of the ltq-ptm driver which is used to drive the datapath of the DSL line. This only effects the lantiq target supporting...

CVE-2025-60332

A NULL pointer dereference in the SetWLanRadioSettings function of D-Link DIR-823G A1 v1.0.2B05 allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

USN-7835-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...