CVE-2026-0432

Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...

SUSE CVE-2026-42557

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to 4.5.7, JupyterLab's HTML sanitizer allowlists data-commandlinker-command and data-commandlinker-args on button elements, while CommandLinker listens for all cli...

CVE-2025-29938

An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to write to an arbitrary memory address resulting in denial of service or arbitrary code execution...

CVE-2026-0432

Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...

EUVD-2026-30497

Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...

CVE-2026-0432

The CVE-2026-0432 issue relates to the AMD chipset driver. The root cause is incorrect default permissions in the installation directory, which could allow a local attacker to escalate privileges and achieve arbitrary code execution. Affected component is the AMD chipset driver and its installati...

CVE-2025-48512

Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller GPIO could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...

CVE-2025-48512

Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller GPIO could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...

CVE-2025-48512

Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller GPIO could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...

CVE-2025-48512

CVE-2025-48512 affects the AMD GPIO installation directory where incorrect default permissions could enable local privilege escalation and arbitrary code execution. Root cause: improper default permissions. Impact: local attacker could escalate privileges; CVSS 4.0/7.0 high. Affected: AMD GPIO/in...

PT-2026-41228

Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller GPIO could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...

WWW::Mechanize::Cached 代码问题漏洞

WWW::Mechanize::Cached is an open-source module developed by libwww-perl for the Perl language, serving as an extension to WWW::Mechanize. Versions of WWW::Mechanize::Cached prior to version 2.00 contained code vulnerabilities. These vulnerabilities stemmed from the ability to deserialize HTTP...

Adobe Substance 3D Designer <= 15.1.0 Multiple Vulnerabilities (APSB26-52)

The version of Adobe Substance 3D Designer installed on the remote host is prior or equal to 15.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-52 advisory. - Substance3D - Designer versions 15.1.0 and earlier are affected by a Server-Side Request Forgery...

Siemens Teamcenter PDF.js Arbitrary Code Execution (SSA-827383)

The version of Siemens Teamcenter installed on the remote host is affected by a vulnerability: - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. CVE-2024-4367 Note that Nessus has not tested for this issue but has...

PT-2026-41311

Name of the Vulnerable Software and Affected Versions Turborepo versions 1.1.0 through 2.9.13 Description Turborepo is a high-performance build system for JavaScript and TypeScript codebases. A flaw in package manager detection allows arbitrary code execution when the system is run in untrusted...

Radare2 资源管理错误漏洞

Radare2 is an open-source reverse framework for Unix-based geeks, developed by Radare. Version 6.1.5 of Radare2 contains a resource management vulnerability. This vulnerability stems from the use of the gdbrpidslist function in the GDB client core, which allows for double memory deallocation afte...

AMD Graphics Driver 数据伪造问题漏洞

AMD Graphics Driver is an integrated graphics driver developed by American semiconductor company AMD. The AMD Graphics Driver has a vulnerability related to data manipulation, stemming from improper encryption signature verification. This vulnerability may allow malicious files placed in the...

AMD Chipset 安全漏洞

The AMD Chipset is a series of chips developed by American semiconductor company AMD. The AMD Chipset contains security vulnerabilities, which stem from incorrect default permissions in the installation directory. This could allow attackers to gain elevated privileges, leading to arbitrary code...

AMD Chipset 缓冲区错误漏洞

The AMD Chipset is a series of chips developed by American semiconductor company AMD. The AMD Chipset contains a buffer error vulnerability, which stems from out-of-bounds writing. This vulnerability could allow attackers to execute arbitrary code with elevated privileges, resulting in losses...

PT-2026-41314

Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14000, the Turborepo LSP VS Code extension could execute shell commands derived from workspace-controlled values. The extension used string-based command execution for Turborepo daemon commands and...