5.3
CVE-2025-10066 - itsourcecode POS Point of Sale System dymanic_table.php cross site scripting
A security vulnerability has been detected in itsourcecode POS Point of Sale System 1.0. The affected element is an unknown function of the file /inventory/main/vendors/datatables/unit_testing/templates/dymanic_table.php. Such manipulation of the argument scripts leads to cross site scripting. The β¦
5.1
CVE-2025-36100 - IBM MQ information disclosure
IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0 through 9.4.3.0Β Java and JMS stores a password in client configuration files when trace is enabled which can be read by a local useβ¦
5.3
CVE-2025-10065 - itsourcecode POS Point of Sale System dom_data_th.php cross site scripting
A weakness has been identified in itsourcecode POS Point of Sale System 1.0. Impacted is an unknown function of the file /inventory/main/vendors/datatables/unit_testing/templates/dom_data_th.php. This manipulation of the argument scripts causes cross site scripting. The attack is possible to be carβ¦
5.3
CVE-2025-10064 - itsourcecode POS Point of Sale System dom_data_two_headers.php cross site scripting
A security flaw has been discovered in itsourcecode POS Point of Sale System 1.0. This issue affects some unknown processing of the file /inventory/main/vendors/datatables/unit_testing/templates/dom_data_two_headers.php. The manipulation of the argument scripts results in cross site scripting. The β¦
5.5
CVE-2025-39733 - team: replace team lock with rtnl lock
In the Linux kernel, the following vulnerability has been resolved: team: replace team lock with rtnl lock syszbot reports various ordering issues for lower instance locks and team lock. Switch to using rtnl lock for protecting team device, similar to bonding. Based on the patch by Tetsuo Handa.
5.5
CVE-2025-39729 - crypto: ccp - Fix dereferencing uninitialized error pointer
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix dereferencing uninitialized error pointer Fix below smatch warnings: drivers/crypto/ccp/sev-dev.c:1312 __sev_platform_init_locked() error: we previously assumed 'error' could be null
5.5
CVE-2025-39731 - f2fs: vm_unmap_ram() may be called from an invalid context
In the Linux kernel, the following vulnerability has been resolved: f2fs: vm_unmap_ram() may be called from an invalid context When testing F2FS with xfstests using UFS backed virtual disks the kernel complains sometimes that f2fs_release_decomp_mem() calls vm_unmap_ram() from an invalid context.β¦
7.8
CVE-2025-39730 - NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
In the Linux kernel, the following vulnerability has been resolved: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() The function needs to check the minimal filehandle length before it can access the embedded filehandle.
7.8
CVE-2025-39727 - mm: swap: fix potential buffer overflow in setup_clusters()
In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix potential buffer overflow in setup_clusters() In setup_swap_map(), we only ensure badpages are in range (0, last_page]. As maxpages might be < last_page, setup_clusters() will encounter a buffer overflow when a badβ¦
5.5
CVE-2025-39734 - Revert "fs/ntfs3: Replace inode_trylock with inode_lock"
In the Linux kernel, the following vulnerability has been resolved: Revert "fs/ntfs3: Replace inode_trylock with inode_lock" This reverts commit 69505fe98f198ee813898cbcaf6770949636430b. Initially, conditional lock acquisition was removed to fix an xfstest bug that was observed during internal tβ¦