Latest CVE Feed
-
0.0
NACVE-2025-39956
In the Linux kernel, the following vulnerability has been resolved: igc: don't fail igc_probe() on LED setup error When igc_led_setup() fails, igc_probe() fails and triggers kernel panic in free_netdev() since unregister_netdev() is not called. [1] This... Read more
Affected Products : linux_kernel- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
- Vuln Type: Misconfiguration
-
8.8
HIGHCVE-2025-10240
A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session.... Read more
Affected Products : flowmon- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
- Vuln Type: Cross-Site Request Forgery
-
6.5
MEDIUMCVE-2025-10249
The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions in all versions up to, and including, 6.7.37. This makes it possible for authenticated attacker... Read more
Affected Products : slider_revolution- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
- Vuln Type: Authorization
-
7.2
HIGHCVE-2025-10239
In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting purposes... Read more
Affected Products : flowmon- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-39958
In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Make attach succeed when the device was surprise removed When a PCI device is removed with surprise hotplug, there may still be attempts to attach the device to the default ... Read more
Affected Products : linux_kernel- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-39955
In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). syzbot reported the splat below where a socket had tcp_sk(sk)->fastopen_rsk in the TCP_ESTABLISHED state. [0] syzbot reused the... Read more
Affected Products : linux_kernel- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-39961
In the Linux kernel, the following vulnerability has been resolved: iommu/amd/pgtbl: Fix possible race while increase page table level The AMD IOMMU host page table implementation supports dynamic page table levels (up to 6 levels), starting with a 3-le... Read more
Affected Products : linux_kernel- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
- Vuln Type: Race Condition
-
6.4
MEDIUMCVE-2025-9371
The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘page_title’ parameter in all versions up to, and including, 28.1.6 due to insufficient input sanitization and output escaping of theme breadcrumbs. This makes it possibl... Read more
Affected Products : betheme- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
- Vuln Type: Cross-Site Scripting
-
1.0
LOWCVE-2025-32916
Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions <2.4.0p13, <2.3.0p38, <2.2.0p46, and 2.1.0 (EOL) may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as ... Read more
Affected Products : checkmk- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
- Vuln Type: Information Disclosure