KLA86591 PE vulnerability in Microsoft Open Source Software

An elevation of privilege vulnerability was found in Microsoft Open Source Software. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-53788 Related products Microsoft-Windows CVE list CVE-2025-53788 high Solution Install necessary updates from the KB...

PT-2025-32784 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows versions affected versions not specified Description: A heap-based buffer overflow exists in Windows Win32K - GRFX. This issue allows an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is no...

PT-2025-32744

Name of the Vulnerable Software and Affected Versions: IntelR XeonR 6 processors affected versions not specified Description: An out-of-bounds write issue exists in the memory subsystem of certain IntelR XeonR 6 processors when utilizing IntelR SGX or IntelR TDX. A privileged user may be able to...

Linux Distros Unpatched Vulnerability : CVE-2022-50049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: DPCM: Don't pick up BE without substream When DPCM tries to add valid BE connections a...

Linux Distros Unpatched Vulnerability : CVE-2016-6787

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain...

Linux Distros Unpatched Vulnerability : CVE-2016-6786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain...

Linux Distros Unpatched Vulnerability : CVE-2023-53078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: scsidhalua: Fix memleak for 'qdata' in aluaactivate If aluartpgqueue failed from aluaactivate, then 'qdata' is not freed, which will cause following...

Linux Distros Unpatched Vulnerability : CVE-2022-48716

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in...

Intel Xeon 6 Processor 缓冲区错误漏洞

Intel Xeon 6 Processor is a family of chips from Intel Corporation USA. The Intel Xeon 6 processor suffers from a buffer error vulnerability that originates from out-of-bounds writes to the memory subsystem, which could lead to elevation of privilege...

kernel: padata: fix UAF in padata_reorder

A use-after-free vulnerability was found in the Linux kernel's padata subsystem, in the padatareorder function. Caused by improper synchronization controls, this vulnerability can occur when a reference-counted data structure pd is decremented in one thread, freeing it, while another thread still...

kernel: PCI/pwrctrl: Cancel outstanding rescan work when unregistering

In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Cancel outstanding rescan work when unregistering It's possible to trigger use-after-free here by: a forcing rescanworkfunc to take a long time and b utilizing a pwrctrl driver that may be unloaded for some reason...

kernel: padata: fix UAF in padata_reorder

A use-after-free vulnerability was found in the Linux kernel's padata subsystem, in the padatareorder function. Caused by improper synchronization controls, this vulnerability can occur when a reference-counted data structure pd is decremented in one thread, freeing it, while another thread still...

kernel: padata: fix UAF in padata_reorder

A use-after-free vulnerability was found in the Linux kernel's padata subsystem, in the padatareorder function. Caused by improper synchronization controls, this vulnerability can occur when a reference-counted data structure pd is decremented in one thread, freeing it, while another thread still...

CVE-2025-54997

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, some OpenBao deployments intentionally limit privileged API operators from executing system code or making network connections...

Linux Distros Unpatched Vulnerability : CVE-2025-38288

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix smpprocessorid call trace for preemptible kernels Correct kernel call...

The vulnerability of the mlx5 driver for the RDMA subsystem of Linux operating systems allows a hacker to escalate their privileges, execute arbitrary code, or cause service failures.

The vulnerability of the mlx5 driver for the RDMA subsystem of Linux operating systems relates to the ability to access memory after it is freed. Exploiting this vulnerability can allow an attacker to enhance their privileges, execute arbitrary code, or cause service failures...

Linux Distros Unpatched Vulnerability : CVE-2021-47128

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks Commit 59438b46471a...

Linux Distros Unpatched Vulnerability : CVE-2025-38309

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xesvminit earlier In xevmcloseandput we need to be able to call xesvmfini,...

Linux Distros Unpatched Vulnerability : CVE-2021-47511

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: pcm: oss: Fix negative period/buffer sizes The period size calculation in OSS layer may receive a negative value as an error, but the code there assumes...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the audit subsystem when manipulating log prefixes. An attacker can execute unauthorized code and gain network access by bypassing intended restrictions on privileged API operators. Note: This is exploitable...