UBUNTU-CVE-2025-68177

In the Linux kernel, the following vulnerability has been resolved: cpufreq/longhaul: handle NULL policy in longhaulexit longhaulexit was calling cpufreqcpuget0 without checking for a NULL policy pointer. On some systems, this could lead to a NULL dereference and a kernel warning or panic. This...

EUVD-2025-94427

Malicious code in unlikelywildebeestz3n npm...

EUVD-2025-88196

Malicious code in unlikelyjunglefowlz3n npm...

EUVD-2025-77482

Malicious code in unlikelyantfuchsia-80 npm...

EUVD-2025-73126

Malicious code in unlikelyurialz3n npm...

EUVD-2025-73127

Malicious code in unlikelymitez3n npm...

EUVD-2025-73128

Malicious code in unlikelylynxz3n npm...

EUVD-2025-51325

Malicious code in unlikely-cyan-tiglon npm...

EUVD-2025-51324

Malicious code in unlikely-emerald-caribou npm...

EUVD-2025-51323

Malicious code in unlikely-plum-dingo npm...

EUVD-2025-51326

Malicious code in unlikely-coral-bird npm...

EUVD-2022-1773

Malicious code in bioql PyPI...

WordPress WS Theme Addons plugin <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via ws_weather Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via wsweather Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin WS Theme Addons versions = 2.0.0...

WordPress ShortcodeHub plugin <= 1.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via author_link_target Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via authorlinktarget Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin ShortcodeHub - MultiPurpose Shortcode Builder versions = 1.7.1...

tomcat: Apache Tomcat denial of service

A denial of service flaw was found in Apache Tomcat. For some unlikely configurations of multipart upload, an integer overflow vulnerability may lead to a denial of service via bypassing size limits...

Linux Distros Unpatched Vulnerability : CVE-2022-24903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used...

WordPress Modernize Theme <= 3.4.0 is vulnerable to Broken Access Control

Software Modernize Type Theme Vulnerable versions = 3.4.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2025-53343 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b7dbe31498eb Credits Ananda Dhakal Patchstack Required...

WordPress Wp chart generator plugin <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpchart Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via wpchart Shortcode vulnerability discovered by muhammad yudha in WordPress Plugin Wp chart generator versions = 1.0.4...

WordPress Save as PDF plugin by Pdfcrowd Plugin <= 4.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Save as PDF plugin by Pdfcrowd Type Plugin Vulnerable versions = 4.2.1 Fixed in 4.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10891 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bc2c8b0bae5b Credits Peter...

WordPress Kognetiks Chatbot for WordPress Plugin <= 2.1.7 is vulnerable to Broken Access Control

Software Kognetiks Chatbot for WordPress Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10530 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 918318d433d6 Credits Tieu Pham Tro...