CVE Brief Security Intelligence

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2

SIM-PKH 2

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler t7xx_port_enum_msg_handler() uses the modem-supplied port_count field as a loop bound over port_msg->data[] without checking that the message buffer contains sufficient data

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers (__pskb_copy_fclone() and skb_shift()) fail to propagate the SKBFL_SHARED_FRAG bit in skb_shinfo()->flags when moving frags from source to destination

A race condition in the Linux kernel's Intel VT-d implementation during PASID entry replacement could lead to memory corruption or system instability.

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers hci_conn lookup and field access must be covered by hdev lock in hci_user_passkey_notify_evt() and hci_keypress_notify_evt(), otherwise the connection can be freed concurrently

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp->gfn plus the SPTE index

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: remove station if connection prep fails If connection preparation fails for MLO connections, then the interface is completely reset to non-MLD

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: drop stray 'static' from fast-RX rx_result ieee80211_invoke_fast_rx() is documented as safe for parallel RX, but its per-invocation rx_result is declared static

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use safe list iteration in radar detect work The call to ieee80211_dfs_cac_cancel can cause the iterated chanctx to be freed and removed from the list

A flaw in the AMD Zen2 op cache management allows for improper resource sharing, which may lead to instruction corruption.

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix integer overflow on buff_pos Fixing an integer overflow present in batadv_iv_ogm_send_to_if

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: prevent use-after-free when deleting claims When batadv_bla_del_backbone_claims() removes all claims for a backbone, it does this by dropping the link entry in the hash list

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neigh_node, but some paths also cache an originator pointer derived from a temporary lookup

A high-severity security vulnerability has been identified in the TRENDnet TEW-432BRP router, potentially exposing it to unauthorized access.

A security vulnerability has been identified in the TRENDnet TEW-432BRP router that may allow unauthorized system access.

A security flaw has been identified in the TRENDnet TEW-432BRP router, potentially allowing unauthorized actions on the device.

A vulnerability in the TRENDnet TEW-432BRP router could allow unauthorized access to the device.

A vulnerability in the TRENDnet TEW-432BRP router could allow unauthorized access to the device.

A high-severity vulnerability has been determined in Shibby Tomato firmware, potentially allowing unauthorized system access.

A high-severity vulnerability has been identified in the Edimax BR-6478AC router, potentially allowing unauthorized system access.

A buffer overflow vulnerability exists in the Edimax BR-6478AC router, allowing remote code execution via a crafted POST request.

A critical stack-based buffer overflow exists in the TRENDnet TEW-432BRP router, reachable via the /goform/formPortFw file.

A security weakness has been identified in the TRENDnet TEW-432BRP router, requiring further investigation into the specific exploitation vector.

A stack-based buffer overflow exists in the TRENDnet TEW-432BRP router, exploitable via the /goform/formSetEnableWizard file.

A stack-based buffer overflow vulnerability in the TRENDnet TEW-432BRP router allows remote code execution via the /goform/formResetStatistic file.

A flaw has been found in TRENDnet TEW-432BRP 3

A vulnerability has been found in Edimax BR-6478AC 1

A vulnerability was found in Edimax BR-6478AC 1

A vulnerability was identified in Edimax BR-6478AC 1