Qualcomm Chipsets code-related vulnerabilities

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have code-related vulnerabilities; these vulnerabilities arise from heap memory exhaustion during secure data initialization, leading to memory corruption when writing to invalid memory locations...

SUSE CVE-2025-71114

In the Linux kernel, the following vulnerability has been resolved: viawdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocateresource to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a name, whi...

Denial Of Service (DoS)

libtpms.so is vulnerable to denial of service. Decrypting data using RSA causes a SIGBUS bad memory access and termination of swtpm in CryptRsaDecrypt in src/tpm2/crypto/openssl/CryptRsa.c...

AMD ARM Intel - Speculative Execution Variant 4 Speculative Store Bypass

AMD ARM Intel - Speculative Execution Variant 4 Speculative Store Bypass / ======== Intro / Overview ======== After Michael Schwarz made some interesting observations, we started looking into variants other than the three already-known ones. I noticed that Intel's Optimization Manual says in...

shopify-scripts: Segmentation fault due to bad memory access in kh_get_mt

Crash file is: values=0,0,0,0 unusedbutneeded= Hash= values.each do values.each do values & values.each do values.each do % 0=nil end end end end $ ./dev/bin/mruby crash.rb Segmentation fault: 11 $ lldb ./dev/bin/mruby crash.rb lldb target create "./dev/bin/mruby" Current executable set to...

Google Chrome < 8.0.552.237 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 8.0.552.237. Such versions are reportedly affected by multiple vulnerabilities : - A browser crash exists in extensions notification handling. Issue 58053 - Bad pointer handling exists in node iteration. Issue 65764 -...

RHEL 5 : kernel (RHSA-2010:0610)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0610 advisory. - kernel: bluetooth: potential bad memory access with sysfs files CVE-2010-1084 - kernel: ext4: Make sure the MOVEEXT ioctl can't overwrite...

Debian DSA-1987-1 : lighttpd - denial of service

Li Ming discovered that lighttpd, a small and fast webserver with minimal memory footprint, is vulnerable to a denial of service attack due to bad memory handling. Slowly sending very small chunks of request data causes lighttpd to allocate new buffers for each read instead of appending to old...