USN-7510-5 linux-azure-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Network block device...

AZL-70259 CVE-2025-37957 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Previously, commit ed129ec9057f "KVM: x86: forcibly leave nested mode on vCPU reset" addressed an issue where a triple fault occurring in nested mode could lead to...

Sei Giga

We introduce the Sei Giga, a multi-concurrent producer parallelized execution EVM layer one blockchain. In an internal testnet Giga has achieved 5 gigagas/sec throughput and sub 400ms finality. Giga uses Autobahn for consensus with separate DA and consensus layers requiring f+1 votes for a PoA on...

The vulnerability of the DIWEB virtual machine Dionis-NX allows a hacker to elevate their privileges to the root level and execute arbitrary code.

The vulnerability of the DIWEB virtual machine Dionis-NX relates to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to elevate their privileges to root level and execute arbitrary code by introducing special characters...

The vulnerability of the DIWEB virtual machine on the Dionis-NX system allows a hacker to elevate their privileges to the root level.

The vulnerability of the DIWEB virtual machine Dionis-NX relates to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to elevate their privileges to root level by executing a specially crafted command from an SSH client...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in the Imagination GPU Driver that originates from kernel software in the Guest VM that may take advantage of memory shared with the GPU firmware to read or write data outside of the Guest virtualized GP...

CVE-2025-47774

Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, the slice builtin can elide side effects when the output length is 0, and the source bytestring is a builtin msg.data or .code. The reason is that for these source locations, the...

CVE-2025-47285 Vyper's `concat()` builtin may elide side-effects for zero-length arguments

Vyper is the Pythonic Programming Language for the Ethereum Virtual Machine. In versions up to and including 0.4.2rc1, concat may skip evaluation of side effects when the length of an argument is zero. This is due to a fastpath in the implementation which skips evaluation of argument expressions...

CVE-2025-29833

Time-of-check time-of-use toctou race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally...

CVE-2025-0134

A code injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to execute arbitrary code with root privileges on the host operating system running Broker VM...

Google ChromeOS Out-of-Bounds Read Vulnerability

Google ChromeOS is an operating system from the American company Google. Google ChromeOS suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a virtual machine to escape...

Palo Alto Networks Cortex XDR Broker VM 访问控制错误漏洞

Palo Alto Networks Cortex XDR Broker VM is a secure virtual machine from Palo Alto Networks, Inc. that integrates with Cortex XDR to bridge the network and Cortex XDR. A security vulnerability exists in the Palo Alto Networks Cortex XDR Broker VM that stems from a lack of authentication that coul...

Alibaba Cloud Linux 3 : 0076: open-vm-tools (ALINUX3-SA-2023:0076)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0076 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-20867: A fully compromised ESXi host can...

PT-2025-29029 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue within the drm/xe/vm subsystem. A flaw exists in the xe vm close and put function where xe svm fini can be called prematurely during virtual machine...

The vulnerability of the Microsoft Virtual Machine Bus (VMBus) component in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft Virtual Machine Bus VMBus component in Windows operating systems is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

SUSE CVE-2025-22247

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

CVE-2025-29833

Time-of-check time-of-use toctou race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally...

CVE-2025-29833

Time-of-check time-of-use toctou race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally...

CVE-2025-29833

Technical details for CVE-2025-29833 are not provided in the connected documents. The EUVD and MSKB entries cover other issues and updates, but none specify affected product/version, root cause, impact, or remediation for this CVE. Monitor for updates.

CVE-2025-29833 Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability

...