Latest CVE Feed
-
0.0
NACVE-2025-39958
In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Make attach succeed when the device was surprise removed When a PCI device is removed with surprise hotplug, there may still be attempts to attach the device to the default ... Read more
Affected Products : linux_kernel- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
- Vuln Type: Misconfiguration
-
9.8
CRITICALCVE-2025-10586
The Community Events plugin for WordPress is vulnerable to SQL Injection via the ‘event_venue’ parameter in all versions up to, and including, 1.5.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the exis... Read more
Affected Products : community_events- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
- Vuln Type: Injection
-
0.0
NACVE-2025-39960
In the Linux kernel, the following vulnerability has been resolved: gpiolib: acpi: initialize acpi_gpio_info struct Since commit 7c010d463372 ("gpiolib: acpi: Make sure we fill struct acpi_gpio_info"), uninitialized acpi_gpio_info struct are passed to _... Read more
Affected Products : linux_kernel- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
-
5.4
MEDIUMCVE-2025-11166
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to, and including, 9.0.46. This is due to the plugin exposing state-changing REST actions through an AJAX bridge without pr... Read more
Affected Products : wp_go_maps- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
- Vuln Type: Cross-Site Request Forgery
-
1.0
LOWCVE-2025-32916
Potential use of sensitive information in GET requests in Checkmk GmbH's Checkmk versions <2.4.0p13, <2.3.0p38, <2.2.0p46, and 2.1.0 (EOL) may cause sensitive form data to be included in URL query parameters, which may be logged in various places such as ... Read more
Affected Products : checkmk- Published: Oct. 09, 2025
- Modified: Oct. 09, 2025
- Vuln Type: Information Disclosure