CVE-2023-20601
CVE-2023-20601 affects the RAS TA Driver. The issue is improper input validation that can allow a local attacker to read/write out-of-bounds memory, potentially causing a denial-of-service. Red Hat and NVD entries corroborate the vulnerability description; exploitation is local and implies elevat...
CVE-2026-2258
A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...
CVE-2026-1998
A flaw has been found in micropython up to 1.27.0. This vulnerability affects the function mp_import_all of the file py/runtime.c. This manipulation causes memory corruption. The attack needs to be launched locally. The exploit has been published and may be used. Patch name:...
Linux Distros Unpatched Vulnerability : CVE-2026-1998
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in micropython up to 1.27.0. This vulnerability affects the function mp_import_all of the file py/runtime.c. This manipulation causes memory...
About Information Disclosure – Desktop Window Manager (CVE-2026-20805) vulnerability
About Information Disclosure - Desktop Window Manager CVE-2026-20805 vulnerability. Desktop Window Manager is a compositing window manager that has been part of Windows since Windows Vista. Exploitation of the vulnerability, which was addressed in the January Microsoft Patch Tuesday, allows a loc...
MiracleLinux 8 : ncurses-6.1-9.20180224.el8.1 (AXSA:2023-6443:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6443:01 advisory. ncurses: Local users can trigger security-relevant memory corruption via malformed data CVE-2023-29491 Tenable has extracted the preceding description block...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000737)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000737 advisory. The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000848)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000848 advisory. The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a unam...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004277)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004277 advisory. A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impac...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002059)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002059 advisory. The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002452)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002452 advisory. The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure h...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002698)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002698 advisory. The vhci_hcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows local attackers to disclose kernel memory addresses. Successful exploitation...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002891)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002891 advisory. The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001873)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001873 advisory. The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002296)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002296 advisory. arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002853)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002853 advisory. arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service...
kernel: e1000e: fix heap overflow in e1000_set_eeprom
A heap-overflow vulnerability was discovered in the Linux kernel e1000e driver's e1000_set_eeprom function: insufficient validation of the requested length for an EEPROM change could allow a local, low-privilege user to trigger a memory-corruption heap overflow. A local unprivileged user with access ...
CVE-2025-42888
SAP GUI for Windows may allow a highly privileged user on the affected client PC to locally access sensitive information stored in process memory during runtime. This vulnerability has a high impact on confidentiality, with no impact on integrity and availability...
EUVD-2025-50796
Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...
CVE-2025-21052
Out-of-bounds write under specific condition in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption...