Lucene search
K

10471 matches found

Cvelist
Cvelist
added 2025/12/18 5:29 a.m.32 views

CVE-2025-47372 Buffer Copy Without Checking Size of Input in Boot

Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication...

9CVSS0.00101EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/18 5:29 a.m.6 views

CVE-2025-47372 Buffer Copy Without Checking Size of Input in Boot

Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication...

9CVSS6.8AI score0.00101EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/18 3:38 a.m.5 views

CVE-2025-14303

Certain motherboard models developed by MSI has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory before the OS kernel and its security features are...

7CVSS6.8AI score0.00314EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/18 3:38 a.m.4 views

CVE-2025-14302

Certain motherboard models developed by GIGABYTE has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory before the OS kernel and its security feature...

7CVSS6.8AI score0.00314EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/18 12:0 a.m.4 views

PT-2025-52342

Name of the Vulnerable Software and Affected Versions BullWall versions 4.6.0.0 through 4.6.1.4 Description BullWall Server Intrusion Protection services start after login services. An attacker who is already authenticated and has administrative privileges can log in following a system boot,...

7.5CVSS6.7AI score0.00281EPSS
Exploits0References6
Spring Security Advisories
Spring Security Advisories
added 2025/12/18 12:0 a.m.6 views

Next level Kotlin support in Spring Boot 4

Following the announcement of the strategic partnership between JetBrains and Spring in May, I would like to share a global update on various Kotlin-related features and documentation enhancements we have made recently, with the goal of making Spring Boot 4 the best framework to develop backend...

7AI score
Exploits0
Oracle linux
Oracle linux
added 2025/12/18 12:0 a.m.9 views

kernel security update

5.14.0-611.16.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

8.8AI score0.00166EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.2 views

openSUSE 16 Security Update : grub2 (openSUSE-SU-2025:20163-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20163-1 advisory. Changes in grub2: - CVE-2025-54771: Fixed grubfileclose does not properly controls the fs refcount bsc1252931 - CVE-2025-54770: Fixed missing...

7.8CVSS6.9AI score0.00386EPSS
Exploits0References28
Microsoft KB
Microsoft KB
added 2025/12/18 12:0 a.m.37 views

December 18, 2025—KB5074975 (OS Build 17763.8148) Out-of-band

December 18, 2025—KB5074975 OS Build 17763.8148 Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devic...

5.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 2025/12/18 12:0 a.m.12 views

December 18, 2025—KB5074978 (Monthly Rollup) Out-of-band

December 18, 2025—KB5074978 Monthly Rollup Out-of-band Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012 R2. For a successful installation, please make sure all Subset of endpoin...

5.5AI score
Exploits0
Microsoft KB
Microsoft KB
added 2025/12/18 12:0 a.m.35 views

December 18, 2025—KB5074977 (Monthly Rollup) Out-of-band

December 18, 2025—KB5074977 Monthly Rollup Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices fo...

5.5AI score
Exploits0
Microsoft KB
Microsoft KB
added 2025/12/18 12:0 a.m.24 views

December 18, 2025—KB5074976 (OS Builds 19044.6693 and 19045.6693) Out-of-band

December 18, 2025—KB5074976 OS Builds 19044.6693 and 19045.6693 Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-manage...

5.5AI score
Exploits0
Microsoft KB
Microsoft KB
added 2025/12/18 12:0 a.m.8 views

December 18, 2025—KB5074979 (Monthly Rollup) Out-of-band

December 18, 2025—KB5074979 Monthly Rollup Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices fo...

5.5AI score
Exploits0
Microsoft KB
Microsoft KB
added 2025/12/18 12:0 a.m.13 views

December 18, 2025—KB5074980 (Monthly Rollup) Out-of-band

December 18, 2025—KB5074980 Monthly Rollup Out-of-band Important The installation of this Extended Security Update ESU might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints...

5.5AI score
Exploits0
Microsoft KB
Microsoft KB
added 2025/12/18 12:0 a.m.50 views

December 18, 2025—KB5074974 (OS Build 14393.8692) Out-of-band

December 18, 2025—KB5074974 OS Build 14393.8692 Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devic...

5.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/17 10:2 a.m.5 views

CVE-2025-62862

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in 1 an out-of-bounds read which leaks Secure-EL0 information to a process...

4.6CVSS6.8AI score0.00105EPSS
Exploits0References1
OSV
OSV
added 2025/12/17 9:7 a.m.5 views

RLSA-2025:23210 Important: keylime security update

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Keylime: Registrar allows identity takeover via duplicate UUID registration CVE-2025-13609 For more details about the security issues, including the impact, a CVSS...

8.2CVSS7AI score0.0038EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/12/17 9:5 a.m.8 views

Un-verified kernel bypass Secure Boot mechanism in direct boot mode

...

8.4CVSS7AI score0.00704EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/12/17 9:3 a.m.6 views

nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot

...

7.1CVSS6.7AI score0.00156EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/12/17 3:23 a.m.3 views

CVE-2025-14304 ASRock, ASRockRack, ASRockInd|Motherboard - Protection Mechanism Failure

Certain motherboard models developed by ASRock and its subsidiaries, ASRockRack and ASRockInd. has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory...

7CVSS6.4AI score0.00311EPSS
Exploits0References4
Rows per page
Query Builder