In the Linux kernel, the following vulnerability has been resolved: mptcp: fix TCP options overflow. Syzbot reported the following splat: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 1 UID: 0 PID: 5836 Comm: sshd Not tainted 6.13.0-rc3-syzkaller #0 Hardware name: Google […]
Malafide e-mail maakt remote code execution via Microsoft Outlook mogelijk Een kritieke kwetsbaarheid in Windows maakt remote code execution mogelijk als Outlook-gebruikers een speciaal geprepareerde e-mail openen of wanneer het bericht via de previewfunctie wordt weergegeve … Read more Published Date: Jan 15, 2025 (1 hour, 18 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2025-21298
Google Chrome fixes 16 flaws with the latest version Google has released version 132.0.6834.83/84 of its Chrome browser on January 14, 2025. This update addresses several critical security vulnerabilities to enhance the browser’s security and stability. … Read more Published Date: Jan 15, 2025 (1 hour, 36 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2025-0448 […]
Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool Vulnerability / Software Update As many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute a … Read more Published Date: Jan 15, 2025 (2 hours, 21 minutes ago) Vulnerabilities has been […]
CVE ID : CVE-2024-11851 Published : Jan. 15, 2025, 12:15 p.m. | 31 minutes ago Description : The NitroPack plugin for WordPress is vulnerable to unauthorized arbitrary transient update due to a missing capability check on the nitropack_rml_notification function in all versions up to, and including, 1.17.0. This makes it possible for authenticated attackers, with subscriber […]
CVE ID : CVE-2024-12593 Published : Jan. 15, 2025, 12:15 p.m. | 31 minutes ago Description : The PDF for WPForms + Drag and Drop Template Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s yeepdf_dotab shortcode in all versions up to, and including, 4.6.0 due to insufficient input sanitization and output […]
CVE ID : CVE-2024-11848 Published : Jan. 15, 2025, 12:15 p.m. | 31 minutes ago Description : The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘nitropack_dismiss_notice_forever’ AJAX action in all versions up to, and including, 1.17.0. This makes it possible for authenticated attackers, with […]
The following table lists the changes that have been made to the CVE-2025-0448 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 15, 2025 Action […]
The following table lists the changes that have been made to the CVE-2025-0446 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 15, 2025 Action […]
The following table lists the changes that have been made to the CVE-2025-0443 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 15, 2025 Action […]
