EUVD-2025-31841

The RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 6.0.6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

Linux Distros Unpatched Vulnerability : CVE-2025-39910

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/vmalloc, mm/kasan: respect gfp mask in kasanpopulatevmalloc kasanpopulatevmalloc and its helpers ignore the caller's gfpmask and always allocate memory usin...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987141)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987141 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix early region not updated correctly The shadow's page table is not updated when...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-404638)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-404638 advisory. In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: vmalloc-out-of-bounds Read in acpinfitctl Fix an issue detected by syzbot with KASAN:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986731)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986731 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Use VMMAP instead of VMALLOC for ringbuf After commit 2fd3fb0be1d1 kasan, vmalloc: unpoison...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987370)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987370 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghesestatuspoolinit Change numghes from int to unsigned int,...

PT-2025-49436

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's fbdev component related to insufficient bounds checking within the bit putcs function. This can lead to out-of-bounds writes when rendering text near...

EUVD-2025-22620

Malicious code in bioql PyPI...

EUVD-2022-55408

Malicious code in bioql PyPI...

EUVD-2025-26784

Malicious code in bioql PyPI...

CVE-2025-39891

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Initialize the chanstats array to zero The adapter-chanstats array is initialized in mwifiexinitchannelscangap with vmalloc, which doesn't zero out memory. The array is filled in mwifiexupdatechanstatistics and the...

CVE-2025-39910

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc, mm/kasan: respect gfp mask in kasanpopulatevmalloc kasanpopulatevmalloc and its helpers ignore the caller's gfpmask and always allocate memory using the hardcoded GFPKERNEL flag. This makes them inconsistent with...

mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc()

...

PT-2025-47718

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s Network File System daemon NFSD related to the handling of NFSv4 COMPOUND operations. Specifically, a previous change removed a limit on the number of...

SUSE CVE-2025-39910

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc, mm/kasan: respect gfp mask in kasanpopulatevmalloc kasanpopulatevmalloc and its helpers ignore the caller's gfpmask and always allocate memory using the hardcoded GFPKERNEL flag. This makes them inconsistent with...

CVE-2025-39910

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc, mm/kasan: respect gfp mask in kasanpopulatevmalloc kasanpopulatevmalloc and its helpers ignore the caller's gfpmask and always allocate memory using the hardcoded GFPKERNEL flag. This makes them inconsistent with...

AZL-75122 CVE-2025-39891 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Initialize the chanstats array to zero The adapter-chanstats array is initialized in mwifiexinitchannelscangap with vmalloc, which doesn't zero out memory. The array is filled in mwifiexupdatechanstatistics and the...

UBUNTU-CVE-2025-39910

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc, mm/kasan: respect gfp mask in kasanpopulatevmalloc kasanpopulatevmalloc and its helpers ignore the caller's gfpmask and always allocate memory using the hardcoded GFPKERNEL flag. This makes them inconsistent with...

CVE-2025-39910 mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc()

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc, mm/kasan: respect gfp mask in kasanpopulatevmalloc kasanpopulatevmalloc and its helpers ignore the caller's gfpmask and always allocate memory using the hardcoded GFPKERNEL flag. This makes them inconsistent with...

CVE-2025-39910

CVE-2025-39910 affects the Linux kernel (mm/vmalloc, mm/kasan) where kasan_populate_vmalloc() and helpers ignore the caller’s GFP mask and always allocate with GFP_KERNEL, diverging from vmalloc() which supports GFP_NOFS/GFP_NOIO. Page table allocations during shadow population also ignore the ex...