7634 matches found
CVE-2025-40245
CVE-2025-40245 (Linux kernel, nios2) : On nios2 with CONFIG_FLATMEM, memblock.current_limit was not initialized early enough, so memblock_get_current_limit() could miscompute limits for mem_map, letting max_low_pfn exceed max_pfn and expanding DRAM access beyond valid range. This could cause kern...
CVE-2025-40245 nios2: ensure that memblock.current_limit is set when setting pfn limits
In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...
CVE-2025-40245 nios2: ensure that memblock.current_limit is set when setting pfn limits
In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...
CVE-2025-40245
In the Linux kernel, the following vulnerability has been resolved: nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to determine the limits of memmap, in particular for maxlowpfn. Unfortunately,...
USN-7909-2 linux-intel-iot-realtime, linux-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S39...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from nios2 not setting memblock.currentlimit correctly, which could lead to memory mapping out-of-bounds...
Linux Distros Unpatched Vulnerability : CVE-2025-40245
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nios2: ensure that memblock.currentlimit is set when setting pfn limits On nios2, with CONFIGFLATMEM set, the kernel relies on memblockgetcurrentlimit to...
Linux Distros Unpatched Vulnerability : CVE-2025-66476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious...
Slackware Linux 15.0 / current httpd Multiple Vulnerabilities (SSA:2025-338-01)
The version of httpd installed on the remote host is prior to 2.4.66. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-338-01 advisory. New httpd packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...
📄 Microsoft Windows 11 Build 10.0.22631.6199 Registry Vulnerability Testing Tool
This is a C/C++ proof-of-concept PoC program designed to test for a specific vulnerability within the Windows Registry handling mechanism, often related to key duplication or improper permission checks during certain API calls like RegCopyTreeW...
CVE-2025-66476
Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...
UBUNTU-CVE-2025-66476
Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...
EUVD-2025-200373
Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...
CVE-2025-66476 Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability
Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...
CVE-2025-66476 Vim for Windows Uncontrolled Search Path Element Remote Code Execution Vulnerability
Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...
CVE-2025-66476
Vim is an open source, command line text editor. Prior to version 9.1.1947, an uncontrolled search path vulnerability on Windows allows Vim to execute malicious executables placed in the current working directory for the current edited file. On Windows, when using cmd.exe as a shell, Vim resolves...
PT-2025-48785
Name of the Vulnerable Software and Affected Versions Vim for Windows versions prior to 9.1.1947 Description Vim is a command line text editor. A flaw exists in Vim for Windows due to an uncontrolled search path issue. When using cmd.exe as a shell, Vim resolves external commands by searching the...
[slackware-security] libxslt
New libxslt packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libxslt-1.1.44-i586-1slack15.0.txz: Upgraded. This update addresses some security issues: CVE-2025-9714 Fix: Was a false positive,...
Slackware: Security Advisory (SSA:2025-331-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] cups
New cups packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/cups-2.4.15-i586-1slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: Fix various cupsd issues which caus...