CVE-2026-23236 fbdev: smscufx: properly copy ioctl memory to kernelspace

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kernelspace The UFXIOCTLREPORTDAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause problems if invalid...

KB5073696: Windows Server 2012 R2 Security Update (January 2026)

The remote Windows host is missing security update 5073696. It is, therefore, affected by multiple vulnerabilities - An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 aka AGRSM64.sys. There is Local Privilege Escalation to SYSTEM via a Stack Overflow in...

KB5073698: Windows Server 2012 Security Update (January 2026)

The remote Windows host is missing security update 5073698. It is, therefore, affected by multiple vulnerabilities - An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 aka AGRSM64.sys. There is Local Privilege Escalation to SYSTEM via a Stack Overflow in...

CVE-2025-57108

Kitware VTK Visualization Toolkit contains a heap use-after-free vulnerability in vtkGLTFDocumentLoader. The vulnerability manifests during mesh object copy operations where vector members are accessed after the underlying memory has been freed, specifically when handling GLTF files with corrupte...

CVE-2023-53434

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: Add custom memory copy implementation for i.MX DSP Cores The IRAM is part of the HiFi DSP. According to hardware specification only 32-bits write are allowed otherwise we get a Kernel panic. Therefore add...

Secure IVSHMEM: End-To-End Shared-Memory Protocol with Hypervisor-CA Handshake and In-Kernel Access Control

In-host shared memory IVSHMEM enables high-throughput, zero-copy communication between virtual machines, but today's implementations lack any security control, allowing any application to eavesdrop or tamper with the IVSHMEM region. This paper presents Secure IVSHMEM, a protocol that provides...

Linux Distros Unpatched Vulnerability : CVE-2022-49341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Clear prog-jitedlen along prog-jited syzbot reported an illegal copytouser attem...

SUSE CVE-2022-48839

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix slab-out-of-bounds access in packetrecvmsg syzbot found that when an AFPACKET socket is using PACKETCOPYTHRESH and mmap operations, tpacketrcv is queueing skbs with garbage in skb-cb, triggering a too big copy 1...

PT-2024-40683 · Libspdm · Libspdm

Name of the Vulnerable Software and Affected Versions: libspdm affected versions not specified Description: The issue is related to a heap-buffer-overflow read. Technical details about the crash include the libspdm copy mem function and the libspdm get response chunk send function. No information...

SUSE CVE-2023-40181

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the zgfxdecompresssegment function. In the context of CopyMemory, it's possible to read data beyond the...