CVE-2025-4317
Published 2025-05-13
Priority P2 (60) | Severity high | CVSS 3.1 base score 8.8
CVSS vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.05% (60.1th percentile)
The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the thegem_get_logo_url() function in all versions up to, and including, 5.10.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Affected (6 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| codexthemes | thegem | <= 5.10.3 | — |
| linux | linux_kernel | >= 6.13.0 < 6.18.3 | 6.18.3 |
| linux | linux_kernel | >= 6.8.0 < 6.12.64 | 6.12.64 |
| msrc | azl3_postgresql_16.1-1_on_azure_linux_3.0 | — | — |
| msrc | azl3_postgresql_16.3-1_on_azure_linux_3.0 | — | — |
| msrc | cbl2_postgresql_14.11-1_on_cbl_mariner_2.0 | — | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| vendor_redhat | — | 5.5 | LOW | — |
| vendor_msrc | — | 4.3 | MEDIUM | — |
OSV
CVE-2025-68802: drm/xe: Limit num_syncs to prevent oversized allocations
osv · 2026-01-13
In the Linux kernel, the following vulnerability has been resolved:
drm/xe: Limit num_syncs to prevent oversized allocations
The exec and vm_bind ioctls allow userspace to specify an arbitrary num_syncs value. Without bounds checking, a very large num_syncs can force an excessively large allocation, leading to kernel warnings from the page allocator as below.

Introduce DRM_XE_MAX_SYNCS (set to 1024) and reject any request exceeding this limit.
"
------------[ cut here ]------------
WARNING: CPU: 0 PID: 1217 at mm/page_alloc.c:5124 __alloc_frozen_pages_noprof+0x2f8/0x2180 mm/page_alloc.c:5124
...
Call Trace:
alloc_pages_mpol+0xe4/0x330 mm/mempolicy.c:2416
___kmalloc_large_node+0xd8/0x110 mm/slub.c:4317
__kmalloc_large_node_noprof
GHSA
GHSA-w36c-pjh8-xh3c (CVE-2025-4317, HIGH, CWE-434)
ghsa_unreviewed · 2025-05-13
The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the thegem_get_logo_url() function in all versions up to, and including, 5.10.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Red Hat
CVE-2025-68802 (LOW, CWE-1284): kernel: drm/xe: Limit num_syncs to prevent oversized allocations
vendor_redhat · 2026-01-13 · CVSS 5.5
Microsoft
CVE-2024-4317 (LOW, CWE-862): PostgreSQL pg_stats_ext and pg_stats_ext_exprs lack authorization checks
vendor_msrc · 2024-05-14 · CVSS 4.3
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open-source libraries of which the distro is composed. Microsoft is committed to transparency in this work, which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
PostgreSQL: PostgreSQL
Customer Action Required: Yes
Remediation: CBL-Mariner Release
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.