CVE-2023-20548

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability...

CVE-2023-20548

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability...

CVE-2023-20548

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability...

CVE-2023-31324

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to modify External Global Memory Interconnect Trusted Agent XGMI TA commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability...

CVE-2023-31324

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to modify External Global Memory Interconnect Trusted Agent XGMI TA commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability...

CVE-2023-31324

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to modify External Global Memory Interconnect Trusted Agent XGMI TA commands as they are processed potentially resulting in loss of confidentiality, integrity, or availability...

CVE-2024-36320

CVE-2024-36320 describes an integer overflow in the Windows/AMD graphics driver component atihdwt6.sys that can allow a local attacker to perform out-of-bounds reads/writes, leading to potential loss of confidentiality, integrity, and availability. Connected sources corroborate a local-privilege-...

CVE-2024-36320

Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability...

CVE-2024-36320

Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability...

CVE-2024-36320

Integer Overflow within atihdwt6.sys can allow a local attacker to cause out of bound read/write potentially leading to loss of confidentiality, integrity and availability...

RLSA-2026:1241 Important: resource-agents security update

The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability HA environment. Security Fixes: urllib3: urllib3: Unbounded decompression chain leads to resource...

CVE-2026-23685

Due to a Deserialization vulnerability in SAP NetWeaver JMS service, an attacker authenticated as an administrator with local access could submit specially crafted content to the server. If processed by the application, this content could trigger unintended behavior during internal logic executio...

CVE-2026-23689

Due to an uncontrolled resource consumption Denial of Service vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function module with an excessively large loop-control parameter. This triggers prolonged loop execution th...

CVE-2026-0505

The BSP applications allow an unauthenticated user to manipulate user-controlled URL parameters that are not sufficiently validated. This could result in unvalidated redirection to attacker-controlled websites, leading to a low impact on confidentiality and integrity, and no impact on the...

CVE-2026-0490

SAP BusinessObjects BI Platform allows an unauthenticated attacker to craft a specific network request to the trusted endpoint that breaks the authentication, which prevents the legitimate users from accessing the platform. As a result, it has a high impact on the availability but no impact on th...

CVE-2026-0485

SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause the Content Management Server CMS to crash and automatically restart. By repeatedly submitting these requests, the attacker could induce a persistent service disruption, renderin...

CVE-2026-0509

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated, low-privileged user to perform background Remote Function Calls without the required SRFC authorization in certain cases. This can result in a high impact on integrity and availability, and no impact on the...

PT-2026-7586

A Time-of-check time-of-use TOCTOU race condition in the AMD Secure Processor ASP could allow an attacker to corrupt memory resulting in loss of integrity, confidentiality, or availability...

Huawei HarmonyOS Media Subsystem Out-of-Bounds Read Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds read vulnerability exists in the Huawei HarmonyOS media subsystem, which can be exploited by attackers to cause confidentiality and...

Huawei EMUI and Huawei HarmonyOS DFX Module Out-of-Bounds Write Vulnerability

Huawei EMUI is a mobile operating system developed based on Android.Huawei HarmonyOS is an operating system. Provides a full-scene distributed operating system based on a microkernel. An out-of-bounds write vulnerability exists in the Huawei EMUI and Huawei HarmonyOS DFX module, which can be...