8149 matches found
Red Hat build of Keycloak 安全漏洞
Red Hat build of Keycloak is a web application for single sign-on from Red Hat, Inc. A security vulnerability exists in Red Hat build of Keycloak version 26.4 that stems from debug mode insecurely binding the JDWP port to all network interfaces, which could lead to remote code execution...
Linux Distros Unpatched Vulnerability : CVE-2025-12910
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug...
DEBIAN-CVE-2025-40184
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIGNVHEEL2DEBUG then the debug checking in asserthostsharedguest fails on the launch of an np-guest. This WARNON...
CVE-2025-40184
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIGNVHEEL2DEBUG then the debug checking in asserthostsharedguest fails on the launch of an np-guest. This WARNON...
UBUNTU-CVE-2025-40184
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIGNVHEEL2DEBUG then the debug checking in asserthostsharedguest fails on the launch of an np-guest. This WARNON...
CVE-2025-40184 KVM: arm64: Fix debug checking for np-guests using huge mappings
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIGNVHEEL2DEBUG then the debug checking in asserthostsharedguest fails on the launch of an np-guest. This WARNON...
CVE-2025-40184
The CVE-2025-40184 entry documents a Linux kernel KVM/arm64 vulnerability: when using transparent huge pages with NVHE EL2 debug, the debug check in assert_host_shared_guest() may trigger a WARN_ON leading to a host panic. The issue arises because __pkvm_host_relax_perms_guest() assumes a single-...
CVE-2025-40184 KVM: arm64: Fix debug checking for np-guests using huge mappings
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix debug checking for np-guests using huge mappings When running with transparent huge pages and CONFIGNVHEEL2DEBUG then the debug checking in asserthostsharedguest fails on the launch of an np-guest. This WARNON...
CVE-2024-32008
A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to an exposed debug interface on the localhost. This allows any local user to gain code execution as administrative application user...
EUVD-2025-124921
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdwutils: avoid NULL deref when devmkasprintf fails devmkasprintf may return NULL on memory allocation failure, but the debug message prints cpus-dainame before checking it. Move the devdbg call after the NULL check to...
CVE-2025-40162
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdwutils: avoid NULL deref when devmkasprintf fails devmkasprintf may return NULL on memory allocation failure, but the debug message prints cpus-dainame before checking it. Move the devdbg call after the NULL check to...
CVE-2025-40162
In CVE-2025-40162, the Linux kernel ASoC subsystem (amd/sdw_utils) had a NULL dereference risk when devm_kasprintf() fails. The code could dereference cpus->dai_name in a debug message before confirming devm_kasprintf() returned non-NULL. The patch moves the dev_dbg() call after the NULL check...
CVE-2025-40162 ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdwutils: avoid NULL deref when devmkasprintf fails devmkasprintf may return NULL on memory allocation failure, but the debug message prints cpus-dainame before checking it. Move the devdbg call after the NULL check to...
CVE-2025-40162 ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd/sdwutils: avoid NULL deref when devmkasprintf fails devmkasprintf may return NULL on memory allocation failure, but the debug message prints cpus-dainame before checking it. Move the devdbg call after the NULL check to...
CVE-2025-12910
Inappropriate implementation in Passkeys in Google Chrome allowed a local attacker to obtain potentially sensitive information via debug logs...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990744)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990744 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Remove the /proc/scsi/$procname directory earlier Remove the /proc/scsi/$procname...
Google Chrome Passkeys Improperly Implemented Vulnerability
Google Chrome is a free web browser developed by Google Inc. Google Chrome suffers from a Passkeys mal-implementation vulnerability, which can be exploited by an attacker to obtain sensitive information via debug logs...
CVE-2024-32008
A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to an exposed debug interface on the localhost. This allows any local user to gain code execution as administrative application user...
CVE-2024-32008
A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to an exposed debug interface on the localhost. This allows any local user to gain code execution as administrative application user...
EUVD-2024-29846
A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to an exposed debug interface on the localhost. This allows any local user to gain code execution as administrative application user...