Lucene search
+L

485 matches found

Positive Technologies
Positive Technologies
added 2025/08/26 12:0 a.m.8 views

PT-2025-37981

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where the communication buffer allocated by setup mm hdr was not contiguous, despite being expected to be by tee shm register kernel buf. This could le...

7.8CVSS7.2AI score0.00142EPSS
Exploits0
CVE
CVE
added 2025/08/26 12:0 a.m.24 views

CVE-2025-25734

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) versions 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28 contain an unauthenticated EFI shell that can be leveraged to execute arbitrary code or escalate privileges during boot. Root cause is an EFI shell exposure in the RSU firmware; aff...

6.8CVSS8.7AI score0.00326EPSS
Exploits1References6Affected Software1
SUSE Linux
SUSE Linux
added 2025/08/25 6:22 a.m.12 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

8.7CVSS9AI score0.03133EPSS
Exploits11References1018
SUSE CVE
SUSE CVE
added 2025/08/19 11:23 p.m.8 views

SUSE CVE-2025-38585

In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...

7.8CVSS7AI score0.00191EPSS
Exploits0References23
OSV
OSV
added 2025/08/19 5:15 p.m.14 views

UBUNTU-CVE-2025-38585

In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...

7.8CVSS6.8AI score0.00191EPSS
Exploits0References29
Cvelist
Cvelist
added 2025/08/19 5:3 p.m.20 views

CVE-2025-38585 staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()

In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...

0.00191EPSS
Exploits0References5
OSV
OSV
added 2025/08/19 5:3 p.m.9 views

CVE-2025-38585 staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()

In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...

7.8CVSS6.6AI score0.00191EPSS
Exploits0References8
CVE
CVE
added 2025/08/19 5:3 p.m.50 views

CVE-2025-38585

CVE-2025-38585 concerns Linux kernel staging/atomisp: a stack buffer overflow in gmin_get_var_int() triggered when gmin_get_config_var() calls EFI get_variable() with a larger-than-expected EFI variable. The bug stems from two issues: (1) gmin_get_config_var() returning a stale error code on EFI ...

7.8CVSS7.9AI score0.00191EPSS
Exploits0References5Affected Software1
SUSE Linux
SUSE Linux
added 2025/08/18 4:1 p.m.5 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

8.7CVSS8.3AI score0.03133EPSS
Exploits11References1136
OSV
OSV
added 2025/08/18 4:1 p.m.6 views

SUSE-SU-2025:02853-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

7.8CVSS8.7AI score0.03133EPSS
Exploits11References567
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-39950

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and...

6.1CVSS6.3AI score0.00388EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-38315

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Check dsbr size from EFI variable Since the size of struct btinteldsbr i...

5.5CVSS6.3AI score0.00135EPSS
Exploits0References3
CERT
CERT
added 2025/08/15 12:0 a.m.10 views

SMM Memory Corruption Vulnerability in the AMI Aptio's SMM Module Across Multiple Devices

Overview System Management Mode SMM memory corruption vulnerabilities have been identified in UEFI modules present in AMI Aptio UEFI firmware. An attacker could exploit this vulnerability to elevate privileges and execute arbitrary code in the highly privileged SMM environment. Users should apply...

6.1CVSS8.1AI score0.00174EPSS
Exploits0References12
Cvelist
Cvelist
added 2025/08/12 2:13 p.m.12 views

CVE-2024-38805 iSCSI Remote Memory Corruption and Denial of Service

EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service...

6.3CVSS0.00207EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/12 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2021-47134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: efi/fdt: fix panic when no valid fdt found setuparch would invoke efiinit-efigetfdtparams. I...

5.5CVSS5.6AI score0.00232EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.11 views

The vulnerability of the UEFI Management mode of the microprogramming software in embedded platforms for artificial intelligence NVIDIA Jetson Orin Series, NVIDIA Xavier Series, and IGX Orin allows a perpetrator to execute arbitrary code, gain unauthorized access to read and modify protected information, or cause system failures.

The vulnerability of the UEFI Management mode of microprogramming software in embedded platforms for artificial intelligence, such as NVIDIA Jetson Orin Series, NVIDIA Xavier Series, and IGX Orin, is related to the improper generation of fault reports. Exploiting this vulnerability can allow...

7.1CVSS5.8AI score0.00186EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-46951

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tpm: efi: Use local variable for calculating final log size When tpmreadlogefi is called...

5.5CVSS6.4AI score0.00235EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-50226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp - Use kzalloc for sev ioctl interfaces to prevent kernel memory leak For some sev ioctl interfaces, input may be passed that is less than or equal t...

5.5CVSS6.6AI score0.00193EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-46868

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefiacquire If the qcuefi pointer is not set,...

5.5CVSS5.6AI score0.0014EPSS
Exploits0References2
OSV
OSV
added 2025/08/07 1:15 a.m.3 views

UBUNTU-CVE-2025-3770

EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...

7CVSS7.4AI score0.0015EPSS
Exploits0References4
Rows per page
Query Builder