Tagged: Cybersecurity Alert

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: mp: Fix dual-divider clock rate readback When dual-divider clock support was introduced, the P divider offset was left out of the .recalc_rate...

The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.1.3. This is due to insufficient escaping...

The Search & Go – Directory WordPress Theme theme for WordPress is vulnerable to Authentication Bypass via account takeover in all versions up to, and including, 2.7. This is due to insufficient user validation...

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an...

The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.6.7 via the mode parameter. This...

The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to arbitrary file deletion (via renaming) due to insufficient file path validation in the set_user_profile_image function in...

Memory corruption while processing an escape call. More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html

Memory corruption while processing user buffers. More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html

Memory corruption while allocating buffers in DSP service. More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html

Memory corruption while invoking remote procedure IOCTL calls. More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html

The Lisfinity Core – Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up to, and including, 1.4.0. This is...

memory corruption while processing an image encoding completion event. More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html

Transient DOS may occur when multi-profile concurrency arises with QHS enabled. More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html

Memory corruption while processing control commands in the virtual memory management interface. More information : https://docs.qualcomm.com/product/publicresources/securitybulletin/october-2025-bulletin.html