138 matches found
EUVD-2025-197985
The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials...
EUVD-2020-19727
Malware in sbrugna...
EUVD-2020-18312
Malware in sbrugna...
EUVD-2020-26698
Malware in sbrugna...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-383340)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-383340 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions,...
EUVD-2025-18606
Malicious code in bioql PyPI...
EUVD-2024-38314
Malicious code in bioql PyPI...
EUVD-2024-38318
Malicious code in bioql PyPI...
EUVD-2025-19776
Malicious code in bioql PyPI...
EUVD-2025-27914
Malicious code in bioql PyPI...
EUVD-2023-54014
Malicious code in bioql PyPI...
CVE-2022-50354 drm/amdkfd: Fix kfd_process_device_init_vm error handling
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfdprocessdeviceinitvm error handling Should only destroy the ibmem and let process cleanup worker to free the outstanding BOs. Reset the pointer in pdd-qpd structure, to avoid NULL pointer access in process destr...
CVE-2025-38585
CVE-2025-38585 concerns Linux kernel staging/atomisp: a stack buffer overflow in gmin_get_var_int() triggered when gmin_get_config_var() calls EFI get_variable() with a larger-than-expected EFI variable. The bug stems from two issues: (1) gmin_get_config_var() returning a stale error code on EFI ...
Linux Distros Unpatched Vulnerability : CVE-2024-6564
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in rcardevinit due to using due to using untrusted data rcarimagenumber as a loop counter before verifying it against RCARMAXBL3XIMAGE. This cou...
Linux Distros Unpatched Vulnerability : CVE-2022-49818
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mISDN: fix misuse of putdevice in mISDNregisterdevice We should not release reference by...
CVE-2025-38355
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Process deferred GGTT node removals on device unwind While we are indirectly draining our dedicated workqueue ggtt-wq that we use to complete asynchronous removal of some GGTT nodes, this happends as part of the managed-d...
CVE-2022-50058
In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: set number of address spaces and virtqueue groups Commit bda324fd037a "vdpasim: control virtqueue support" added two new fields nas, ngroups to vdpasimdevattr, but we forgot to initialize them for vdpasimblk. When...
CVE-2022-50058
CVE-2022-50058 affects the Linux kernel's vdpa_sim_blk: a missing initialization of nas and ngroups can cause a kernel NULL pointer dereference when creating a new vdpa_sim_blk device, leading to a panic in vhost_iotlb_add_range_ctx. The issue arises from commit changes adding nas/ngroups to vdpa...
CVE-2020-27208
The flash read-out protection RDP level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade the RDP level and access secrets such as private ECC keys from SRAM via the debug interface...
CVE-2025-37971
In the Linux kernel, the following vulnerability has been resolved: staging: bcm2835-camera: Initialise dev in v4l2dev Commit 42a2f6664e18 "staging: vc04services: Move global gstate to vchiqstate" changed mmalinit to pass dev-v4l2dev.dev to vchiqmmalinit, however nothing iniitialised dev-v4l2dev,...