|
301
|
5.4 |
MEDIUM
Network
|
motopress
|
stratum
|
The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Hotspot widget in all versions up to, and including, 1.4.7 due to insufficient…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-13642
|
2025-02-5 01:00 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302
|
6.1 |
MEDIUM
Network
|
metagauss
|
registrationmagic
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss User Registration Forms RegistrationMagic allows Reflected XSS. This issue affects Regi…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2025-24686
|
2025-02-5 00:51 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vsock/virtio: discard packets if the transport changes
If the socket has been de-assigned or assigned to another transport,
we mu…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-21669
|
2025-02-5 00:38 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
vsock/bpf: return early if transport is not assigned
Some of the core functions can only be called if the transport
has been assi…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-21670
|
2025-02-5 00:37 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
zram: fix potential UAF of zram table
If zram_meta_alloc failed early, it frees allocated zram->table without
setting it NULL. W…
Update
|
CWE-416
Use After Free
|
CVE-2025-21671
|
2025-02-5 00:36 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix double free of TCP_Server_Info::hostname
When shutting down the server in cifs_put_tcp_session(), cifsd thread
m…
Update
|
CWE-415
Double Free
|
CVE-2025-21673
|
2025-02-5 00:33 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel
Attempt to enable IPsec packet offload in tunnel mode in …
Update
|
CWE-667
Improper Locking
|
CVE-2025-21674
|
2025-02-5 00:31 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5: Clear port select structure when fail to create
Clear the port select structure on error so no stale values left after
…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-21675
|
2025-02-5 00:30 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: fec: handle page_pool_dev_alloc_pages error
The fec_enet_update_cbd function calls page_pool_dev_alloc_pages but did
not han…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-21676
|
2025-02-5 00:29 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
pktgen: Avoid out-of-bounds access in get_imix_entries
Passing a sufficient amount of imix entries leads to invalid access to the…
Update
|
CWE-129
Improper Validation of Array Index
|
CVE-2025-21680
|
2025-02-5 00:28 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
