CVE-2026-31481

A flaw was found in the Linux kernel. A local user can exploit this vulnerability by providing specific kernel command line parameters during boot, which can lead to a NULL pointer dereference. This issue occurs due to improper handling of deferred trigger frees when kernel thread kthread creatio...

CVE-2026-23332

A flaw was found in the Linux kernel's intelpstate cpufreq driver. A local user can trigger a system crash, leading to a Denial of Service DoS, by attempting to disable the CPU turbo feature through the sysfs interface. This vulnerability occurs on systems booted with specific kernel arguments li...

EUVD-2022-54905

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-47134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: efi/fdt: fix panic when no valid fdt found setuparch would invoke efiinit-efigetfdtparams. I...

Ensure That the Password Protection Is Configured for GRUB

GRUB is the default bootloader of Linux. The bootloader can set the startup mode of the system. By setting the GRUB password, you can prevent attackers from modifying the GRUB setting to enter the single-user mode. If the GRUB password is not set, attackers can easily access the GRUB editing menu...

CVE-2022-49322

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix sleeping function called from invalid context on RT kernel When setting bootparams="traceevent=initcall:initcallstart tpprintk=1" in the cmdline, the outputprintk was called, and the spinlockirqsave was called in the...

SUSE CVE-2021-47134

In the Linux kernel, the following vulnerability has been resolved: efi/fdt: fix panic when no valid fdt found setuparch would invoke efiinit-efigetfdtparams. If no valid fdt found then initialbootparams will be null. So we should stop further fdt processing here. I encountered this issue on risc...

DEBIAN-CVE-2021-47134

In the Linux kernel, the following vulnerability has been resolved: efi/fdt: fix panic when no valid fdt found setuparch would invoke efiinit-efigetfdtparams. If no valid fdt found then initialbootparams will be null. So we should stop further fdt processing here. I encountered this issue on risc...

UBUNTU-CVE-2021-47134

In the Linux kernel, the following vulnerability has been resolved: efi/fdt: fix panic when no valid fdt found setuparch would invoke efiinit-efigetfdtparams. If no valid fdt found then initialbootparams will be null. So we should stop further fdt processing here. I encountered this issue on risc...

Cisco IOS XR Software iPXE Boot Signature Bypass (cisco-sa-iosxr-ipxe-sigbypass-pymfyqgB)

According to its self-reported version, Cisco IOS XR is affected by a vulnerability. - A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to...

CVE-2023-20236

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating...

CVE-2023-20236

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating...

CVE-2023-20236

A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating...

Linux Kernel 6.2 - Userspace Processes To Enable Mitigation Exploit

Exploit Title: Linux Kernel 6.2 - Userspace Processes To Enable Mitigation Exploit Author: nu11secur1ty CVE ID: CVE-2023-1998 Description Summary The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as...

SUSE CVE-2009-3525

The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the...

Pulse Secure Pulse Connect Secure and Pulse Policy Secure Resource Management Error Vulnerability

Pulse Secure Pulse Connect Secure a.k.a. PCS, formerly known as Juniper Junos Pulse and Pulse Policy Secure are both products of Pulse Secure, Inc.Pulse Connect Secure is an SSL VPN solution. Pulse Connect Secure is an SSL VPN solution. Pulse Policy Secure is a network access control solution...

CVE-2009-3525

The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the...

Xen: PyGrub missing support for password configuration command

The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the...