Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : libpng vulnerabilities (USN-8251-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8251-1 advisory. It was discovered that libpng incorrectly handled memory when processing certain PNG files. If a user or automated system were tricke...

CVE-2026-43266

A flaw was found in the Linux kernel's handling of Common Platform Error Records CPER for ARM processors. This vulnerability allows a local attacker or malicious firmware to provide a malformed CPER record with an excessively large section length. The kernel then attempts to read data beyond the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the error handling logic for ARM processors in APEI/GHES, where no checks are performed on memory...

CVE-2025-0647

In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element PE may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by t...

CVE-2025-0647

In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element PE may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by t...

CVE-2025-0647

In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element PE may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by t...

CVE-2025-0647

In the provided documents, CVE-2025-0647 affects certain Arm CPUs where a CPP RCTX instruction executed on a Processing Element can prevent TLB invalidation from TLBI operations issued to the same PE or a peer in the shareability domain. This may allow the PE to retain stale TLB entries that shou...

EUVD-2017-15002

Malware in sbrugna...

EUVD-2016-0816

Malware in sbrugna...

EUVD-2022-28876

Malicious code in bioql PyPI...

Spectre-Branch Status Eviction (BSE) Vulnerability on ARM® Processors

AMD ID: AMD-SB-8007 Potential Impact: N/A Severity: N/A Summary According to the ARM® security team, Spectre-BSE exploits a microarchitectural mechanism that equips an adversary with a weak form of control over the victim’s branch history despite existing protections. This can lead to exploitativ...

ARM CPU 安全漏洞

ARM CPUs are a family of central processors from the British company ARM. The ARM CPUs suffer from a security vulnerability that stems from the fact that an unprivileged context can trigger a data memory-related prefetch engine to fetch the contents of a privileged location and use those contents...

CVE-2024-10929

CVE-2024-10929 affects ARM Cortex-A57, Cortex-A72 (revisions before r1p0), Cortex-A73 and Cortex-A75. The issue can allow a local attacker to gain a weak form of control over the victim’s branch history (Spectre-BSE style), with potential indirect-branch exploitation and limited impact to confide...

DEBIAN-CVE-2023-34321

Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes such as the ones during scrubbing have reached memory before handing over the page to a guest. Unfortunately, the arithmetics in the...

iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A- and M-Series CPUs

A group of academics has devised a novel side-channel attack dubbed iLeakage that exploits a weakness in the A- and M-series CPUs running on Apple iOS, iPadOS, and macOS devices, enabling the extraction of sensitive information from the Safari web browser. "An attacker can induce Safari to render...

Ubuntu: Security Advisory (USN-6283-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-3312

A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw, during device unbind will lead to double release problem leading to denial of service...

ASB-A-215557547

In specific ARM processors, there is a possible side-channel information leak due to a hardware flaw. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1934)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5362-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...