Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from incorrectly handling error code when allocating memory for a peripheral-less virtual machine, which could lead to memory corruption...

Implementation and Security Analysis of Cryptocurrencies Based on Ethereum

Blockchain technology has set off a wave of decentralization in the world since its birth. The trust system constructed by blockchain technology based on cryptography algorithm and computing power provides a practical and powerful solution to solve the trust problem in human society. In order to...

PT-2025-19862

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description The issue involves memory corruption during memory assignment to a headless peripheral virtual machine due to incorrect error code handling. This can lead to potential security risks...

Qualcomm Chipsets 输入验证错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm Chipsets, which stems from the fact that the value of a Guest VM-controlled buffer can be persistently modified while processing a message, potentially leading to...

KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()

...

SUSE CVE-2022-49932

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do all initialization before exposing /dev/kvm to userspace Call kvminit only after all setup is complete, as kvminit exposes /dev/kvm to userspace and thus allows userspace to create VMs and call other ioctls. E.g. KVM...

DEBIAN-CVE-2022-49932

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Do all initialization before exposing /dev/kvm to userspace Call kvminit only after all setup is complete, as kvminit exposes /dev/kvm to userspace and thus allows userspace to create VMs and call other ioctls. E.g. KVM...

UBUNTU-CVE-2022-49884

In the Linux kernel, the following vulnerability has been resolved: KVM: Initialize gfntopfncache locks in dedicated helper Move the gfntopfncache lock initialization to another helper and call the new helper during VM/vCPU creation. There are race conditions possible due to kvmgfntopfncacheinit'...

kernel: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()

In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy run-time warning in dgdispatchashost The Linux kernel CVE team has assigned CVE-2024-35944 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051920-CVE-2024-35944-a860@gregkh/T...

A Comprehensive Study of Exploitable Patterns in Smart Contracts: from Vulnerability to Defense

With the rapid advancement of blockchain technology, smart contracts have enabled the implementation of increasingly complex functionalities. However, ensuring the security of smart contracts remains a persistent challenge across the stages of development, compilation, and execution...

Exploit for Improper Authentication in Wpdeveloper Essential_Addons_For_Elementor

🔐 CVE-2023-32243 – Detection and Mitigation in WordPress 📘...

WhatsApp Launches Private Processing to Enable AI Features While Protecting Message Privacy

Popular messaging app WhatsApp on Tuesday unveiled a new technology called Private Processing to enable artificial intelligence AI capabilities in a privacy-preserving manner. "Private Processing will allow users to leverage powerful optional AI features – like summarizing unread messages or...

VApps: Verifiable Applications at Internet Scale

Blockchain technology promises a decentralized, trustless, and interoperable infrastructure. However, widespread adoption remains hindered by issues such as limited scalability, high transaction costs, and the complexity of maintaining coherent verification logic across different blockchain layer...

PT-2025-20537

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been identified, related to KVM Kernel-based Virtual Machine on x86 systems. The issue arises when the new GSI route prevents posting the IRQ...

Important: Red Hat Security Advisory: virtuoso-opensource security update

An update for virtuoso-opensource is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 7 : virtuoso-opensource (RHSA-2025:4039)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:4039 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains...

CVE-2025-0467

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...

CVE-2025-0467

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...

CVE-2025-0467

CVE-2025-0467 affects Imagination Technologies PowerVR-GPU kernel code used inside a guest VM. The vulnerability arises when memory shared with the GPU firmware can be abused by the guest to write data outside the virtualized GPU memory, potentially impacting data integrity and isolation between ...

CVE-2025-0467 GPU DDK - rgxfw_hwperf_get_packet_buffer OOB write

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...