CVE-2025-0647

In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element PE may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by t...

CVE-2025-0647

In the provided documents, CVE-2025-0647 affects certain Arm CPUs where a CPP RCTX instruction executed on a Processing Element can prevent TLB invalidation from TLBI operations issued to the same PE or a peer in the shareability domain. This may allow the PE to retain stale TLB entries that shou...

SUSE CVE-2025-71101

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing The hppopulateelementsfrompackage functions in the hp-bioscfg driver contain out-of-bounds array access vulnerabilities. These functions parse ACPI...

PT-2026-2850

In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element PE may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by t...

Linux Distros Unpatched Vulnerability : CVE-2026-22853

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEAR's NDR array reader does not perform bounds checking on the onwire eleme...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001703)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001703 advisory. An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nftseteleminit leading to a buffer overflow could be used by a local attacker to...

CVE-2025-71101 platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing The hppopulateelementsfrompackage functions in the hp-bioscfg driver contain out-of-bounds array access vulnerabilities. These functions parse ACPI...

CVE-2025-71101

CVE-2025-71101 stems from the Linux kernel HP-BIOSCFG driver’s ACPI package parsing: hp_populate_*_elements_from_package() reads multi-element fields (PREREQUISITES, ENUM_POSSIBLE_VALUES) using offsets like enum_obj[elem + reqs] or enum_obj[elem + pos_values], but the bounds check only validated ...

CVE-2025-71101 platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing The hppopulateelementsfrompackage functions in the hp-bioscfg driver contain out-of-bounds array access vulnerabilities. These functions parse ACPI...

CLSA-2026-1768300005 php: Fix of CVE-2025-14178

CVE-2025-14178: fix integer overflow in the precomputation of element counts using zendhashnumelements...

CLSA-2026-1768299147 Fix CVE(s): CVE-2025-14178

SECURITY UPDATE: heap buffer overflow in arraymerge - debian/patches/CVE-2025-14178.patch: fix integer overflow in the precomputation of element counts using zendhashnumelements - CVE-2025-14178...

CVE-2018-19048

Simditor through 2.3.21 allows DOM XSS via an onload attribute within a malformed SVG element...

CVE-2019-2327

Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650,...

CVE-2011-0500

Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and VideoSpirit Lite 1.4.0.1 and possibly other versions; allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project .visprj file containing a valitem element with a long "value" attribute, as demonstrat...

CVE-2023-43520

Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE...

CVE-2023-43552

Memory corruption while processing MBSSID beacon containing several subelement IE...

CVE-2023-29012

Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed doskey.exe would be executed silently upon running Git CMD. The problem ha...

UBUNTU-CVE-2025-69194

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially...

CVE-2025-69194 Wget2: arbitrary file write via metalink path traversal in gnu wget2

A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Jan-2026 Release 1 prior to Release 1, which stems from an improperly exported Andro...