| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Backup Bolt plugin for WordPress is vulnerable to arbitrary file downloads and backup location writes in all versions up to, and including, 1.4.1 via the process_backup_batch() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to download directories outside of the webroot and write backup zip files to arbitrary locations. |
| A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data.
We have already fixed the vulnerability in the following version:
Qsync Central 5.0.0.1 ( 2025/07/09 ) and later |
| A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data.
We have already fixed the vulnerability in the following versions:
QTS 5.2.6.3195 build 20250715 and later
QuTS hero h5.2.6.3195 build 20250715 and later |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.6.3195 build 20250715 and later
and later |
| The Mobile Site Redirect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
| A vulnerability in HCL HCL MyXalytics allows HTML InjectionThis issue affects HCL MyXalytics: 6.6. |
| An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource.
We have already fixed the vulnerability in the following version:
Qsync Central 5.0.0.2 ( 2025/07/31 ) and later |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.6.3195 build 20250715 and later
QuTS hero h5.2.6.3195 build 20250715 and later |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.6.3195 build 20250715 and later
QuTS hero h5.2.6.3195 build 20250715 and later |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.6.3195 build 20250715 and later
QuTS hero h5.2.6.3195 build 20250715 and later |
| The Woo superb slideshow transition gallery with random effect plugin for WordPress is vulnerable to SQL Injection via the 'woo-superb-slideshow' shortcode in all versions up to, and including, 9.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. |
| The Restrict User Registration plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the update() function. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
| An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory.
We have already fixed the vulnerability in the following version:
Qsync Central 5.0.0.1 ( 2025/07/09 ) and later |
| A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following versions:
QTS 5.2.6.3195 build 20250715 and later
QuTS hero h5.2.6.3195 build 20250715 and later |
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service. |
| A vulnerability was detected in Four-Faith Water Conservancy Informatization Platform up to 2.2. This affects an unknown part of the file /aloneReport/index.do/../../aloneReport/download.do;othersusrlogout.do. Performing manipulation of the argument fileName results in path traversal. It is possible to initiate the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. |
| A vulnerability was determined in CmsEasy up to 7.7.7. This affects an unknown function in the library lib/inc/view.php of the component URL Handler. Executing manipulation of the argument PHP_SELF can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. |
| A vulnerability has been found in PHPGurukul Beauty Parlour Management System 1.1. The affected element is an unknown function of the file /admin/sales-reports-detail.php. Such manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. |
| In the Linux kernel, the following vulnerability has been resolved:
sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop
With this refcnt added in sctp_stream_priorities, we don't need to
traverse all streams to check if the prio is used by other streams
when freeing one stream's prio in sctp_sched_prio_free_sid(). This
can avoid a nested loop (up to 65535 * 65535), which may cause a
stuck as Ying reported:
watchdog: BUG: soft lockup - CPU#23 stuck for 26s! [ksoftirqd/23:136]
Call Trace:
<TASK>
sctp_sched_prio_free_sid+0xab/0x100 [sctp]
sctp_stream_free_ext+0x64/0xa0 [sctp]
sctp_stream_free+0x31/0x50 [sctp]
sctp_association_free+0xa5/0x200 [sctp]
Note that it doesn't need to use refcount_t type for this counter,
as its accessing is always protected under the sock lock.
v1->v2:
- add a check in sctp_sched_prio_set to avoid the possible prio_head
refcnt overflow. |
| In the Linux kernel, the following vulnerability has been resolved:
octeontx2-pf: mcs: Fix NULL pointer dereferences
When system is rebooted after creating macsec interface
below NULL pointer dereference crashes occurred. This
patch fixes those crashes by using correct order of teardown
[ 3324.406942] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[ 3324.415726] Mem abort info:
[ 3324.418510] ESR = 0x96000006
[ 3324.421557] EC = 0x25: DABT (current EL), IL = 32 bits
[ 3324.426865] SET = 0, FnV = 0
[ 3324.429913] EA = 0, S1PTW = 0
[ 3324.433047] Data abort info:
[ 3324.435921] ISV = 0, ISS = 0x00000006
[ 3324.439748] CM = 0, WnR = 0
....
[ 3324.575915] Call trace:
[ 3324.578353] cn10k_mdo_del_secy+0x24/0x180
[ 3324.582440] macsec_common_dellink+0xec/0x120
[ 3324.586788] macsec_notify+0x17c/0x1c0
[ 3324.590529] raw_notifier_call_chain+0x50/0x70
[ 3324.594965] call_netdevice_notifiers_info+0x34/0x7c
[ 3324.599921] rollback_registered_many+0x354/0x5bc
[ 3324.604616] unregister_netdevice_queue+0x88/0x10c
[ 3324.609399] unregister_netdev+0x20/0x30
[ 3324.613313] otx2_remove+0x8c/0x310
[ 3324.616794] pci_device_shutdown+0x30/0x70
[ 3324.620882] device_shutdown+0x11c/0x204
[ 966.664930] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[ 966.673712] Mem abort info:
[ 966.676497] ESR = 0x96000006
[ 966.679543] EC = 0x25: DABT (current EL), IL = 32 bits
[ 966.684848] SET = 0, FnV = 0
[ 966.687895] EA = 0, S1PTW = 0
[ 966.691028] Data abort info:
[ 966.693900] ISV = 0, ISS = 0x00000006
[ 966.697729] CM = 0, WnR = 0
[ 966.833467] Call trace:
[ 966.835904] cn10k_mdo_stop+0x20/0xa0
[ 966.839557] macsec_dev_stop+0xe8/0x11c
[ 966.843384] __dev_close_many+0xbc/0x140
[ 966.847298] dev_close_many+0x84/0x120
[ 966.851039] rollback_registered_many+0x114/0x5bc
[ 966.855735] unregister_netdevice_many.part.0+0x14/0xa0
[ 966.860952] unregister_netdevice_many+0x18/0x24
[ 966.865560] macsec_notify+0x1ac/0x1c0
[ 966.869303] raw_notifier_call_chain+0x50/0x70
[ 966.873738] call_netdevice_notifiers_info+0x34/0x7c
[ 966.878694] rollback_registered_many+0x354/0x5bc
[ 966.883390] unregister_netdevice_queue+0x88/0x10c
[ 966.888173] unregister_netdev+0x20/0x30
[ 966.892090] otx2_remove+0x8c/0x310
[ 966.895571] pci_device_shutdown+0x30/0x70
[ 966.899660] device_shutdown+0x11c/0x204
[ 966.903574] __do_sys_reboot+0x208/0x290
[ 966.907487] __arm64_sys_reboot+0x20/0x30
[ 966.911489] el0_svc_handler+0x80/0x1c0
[ 966.915316] el0_svc+0x8/0x180
[ 966.918362] Code: f9400000 f9400a64 91220014 f94b3403 (f9400060)
[ 966.924448] ---[ end trace 341778e799c3d8d7 ]--- |
