13923 matches found
Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2023-4527)
A flaw was found in glibc. When the getaddrinfo function is called with the AFUNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data...
CVE-2025-9408
System call entry on Cortex M and possibly R and A, but I think not has a race which allows very practical privilege escalation for malicious userspace processes...
CVE-2025-40157 EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller
In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller When loading the i10nmedac driver on some Intel Granite Rapids servers, a call trace may appear as follows: UBSAN: shift-out-of-bounds in...
PT-2025-46720
Name of the Vulnerable Software and Affected Versions PyTorch versions 2.5 and 2.7.1 Description An issue exists where omitting profiler.stop can cause torch.profiler.profile PythonTracer to crash or hang during finalization, potentially leading to a Denial of Service DoS. Recommendations Ensure...
Linux Distros Unpatched Vulnerability : CVE-2025-40157
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller When loading the i10nmedac...
CVE-2025-9408
System call entry on Cortex M and possibly R and A, but I think not has a race which allows very practical privilege escalation for malicious userspace processes...
CVE-2025-9408
System call entry on Cortex M and possibly R and A, but I think not has a race which allows very practical privilege escalation for malicious userspace processes...
EUVD-2025-84338
System call entry on Cortex M and possibly R and A, but I think not has a race which allows very practical privilege escalation for malicious userspace processes...
CVE-2025-9408 Userspace privilege escalation vulnerability on Cortex M
System call entry on Cortex M and possibly R and A, but I think not has a race which allows very practical privilege escalation for malicious userspace processes...
CVE-2025-9408
CVE-2025-9408 describes a race condition in the system call entry path on Cortex-M ( Zephyr RTOS context in the provided docs ) that enables privilege escalation by malicious userspace processes. The available connected documents confirm the issue and its impact but do not specify concrete exploi...
CVE-2025-9408 Userspace privilege escalation vulnerability on Cortex M
System call entry on Cortex M and possibly R and A, but I think not has a race which allows very practical privilege escalation for malicious userspace processes...
kernel: rxrpc: Fix missing locking causing hanging calls
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted e.g. because kafs saw a signal between it being queued for connection and the I/O thread picking up the call, the abort will be prioritised over the connecti...
kernel: acct: perform last write from workqueue
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In 1 it was reported that the acct2 system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This can e.g., happen when...
kernel: scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix smpprocessorid call trace for preemptible kernels Correct kernel call trace when calling smpprocessorid when called in preemptible kernels by using rawsmpprocessorid. smpprocessorid checks to see if preemption...
kernel: scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix smpprocessorid call trace for preemptible kernels Correct kernel call trace when calling smpprocessorid when called in preemptible kernels by using rawsmpprocessorid. smpprocessorid checks to see if preemption...
kernel: acct: perform last write from workqueue
In the Linux kernel, the following vulnerability has been resolved: acct: perform last write from workqueue In 1 it was reported that the acct2 system call can be used to trigger NULL deref in cases where it is set to write to a file that triggers an internal lookup. This can e.g., happen when...
kernel: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl
In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: vmalloc-out-of-bounds Read in acpinfitctl Fix an issue detected by syzbot with KASAN: BUG: KASAN: vmalloc-out-of-bounds in cmdtofunc drivers/acpi/nfit/ core.c:416 inline BUG: KASAN: vmalloc-out-of-bounds in...
EUVD-2025-60969
The Crypto plugin for WordPress is vulnerable to unauthorized manipulation of data in all versions up to, and including, 2.22. This is due to the plugin registering an unauthenticated AJAX action wpajaxnoprivcryptoconnectajaxprocess that allows calling the cryptodeletejson method with only a...
CVE-2025-12010 Authors List <= 2.0.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Limited Method Call in Plugin's Shortcode
The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.6.1 via the via arbitrary method call from AuthorsListShortcode class. This makes it possible for authenticated attackers, with Contributor-level access and above, to ca...
EUVD-2025-60993
Due to missing authentication, SAP HANA 2.0 hdbrss allows an unauthenticated attacker to call a remote-enabled function that will enable them to view information. As a result, it has a low impact on the confidentiality but no impact on the integrity and availability of the system...