CVE-2026-35345 uutils coreutils tail Privileged Information Disclosure via Symlink Replacement Race

A vulnerability in the tail utility of uutils coreutils allows for the exfiltration of sensitive file contents when using the --follow=name option. Unlike GNU tail, the uutils implementation continues to monitor a path after it has been replaced by a symbolic link, subsequently outputting the...

CVE-2025-20067

CVE-2025-20067 describes an observable timing discrepancy in firmware for Intel® CSME and Intel® SPS that may allow a privileged local attacker to disclose information. Connected sources confirm this as a firmware-level issue affecting Intel CSME/SPS (and related components in the Intel security ...

CVE-2023-23573

Improper access control in the IntelR UniteR android application before Release 17 may allow a privileged user to potentially enable information disclosure via local access...

AZL-27637 CVE-2023-33951 affecting package hyperv-daemons for versions less than 5.15.158.1-1

A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context o...

CVE-2023-25175

Improper input validation in some IntelR Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access...

SUSE CVE-2020-8695

Observable discrepancy in the RAPL interface for some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access...

CVE-2021-23179

Out of bounds read in firmware for some IntelR Wireless BluetoothR and KillerTM BluetoothR products before version 22.120 may allow a privileged user to potentially enable information disclosure via local access...

apusys 缓冲区错误漏洞

MediaTek Apusys is a chipset from the Chinese company MediaTek. A security vulnerability exists in apusys, which originates from an out-of-bounds read that may occur in apusys due to incorrect boundary checking. This could result in the disclosure of local information that requires system executi...

CVE-2021-26585

A potential vulnerability has been identified in HPE OneView Global Dashboard release 2.31 which could lead to a local disclosure of privileged information. HPE has provided an update to OneView Global Dashboard. The issue is resolved in 2.32...

CVE-2021-26579

A security vulnerability in HPE Unified Data Management UDM could allow the local disclosure of privileged information CWE-321: Use of Hard-coded Cryptographic Key in a product. HPE has provided updates to versions 1.2009.0 and 1.2101.0 of HPE Unified Data Management UDM. Version 1.2103.0 of HPE...

CVE-2018-7112

The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system ROM updates which...