CVE-2025-6026

An improper certificate validation vulnerability was reported in the Lenovo Universal Device Client UDC that could allow a user capable of intercepting network traffic to obtain application metadata, including device information, geolocation, and telemetry data...

EUVD-2025-34697

A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the...

DEBIAN-CVE-2025-11568

A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the...

CVE-2025-11568

A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the...

CVE-2025-11568

CVE-2025-11568 affects the luksmeta utility when used with the LUKS1 partition format. The vulnerability allows a user with necessary permissions to write excessive metadata, and due to improper validation of available space, this metadata can overwrite and corrupt the encrypted data, potentially...

CVE-2025-6026

An improper certificate validation vulnerability was reported in the Lenovo Universal Device Client UDC that could allow a user capable of intercepting network traffic to obtain application metadata, including device information, geolocation, and telemetry data...

CVE-2025-6026

An improper certificate validation vulnerability was reported in the Lenovo Universal Device Client UDC that could allow a user capable of intercepting network traffic to obtain application metadata, including device information, geolocation, and telemetry data...

CVE-2025-6026

An improper certificate validation vulnerability was reported in the Lenovo Universal Device Client UDC that could allow a user capable of intercepting network traffic to obtain application metadata, including device information, geolocation, and telemetry data...

CVE-2025-6026

CVE-2025-6026 concerns Lenovo Universal Device Client (UDC). The issue is improper certificate validation that could allow an attacker capable of intercepting network traffic to access application metadata, including device information, geolocation, and telemetry data. The security details indica...

Lenovo Universal Device Client 安全漏洞

Lenovo Universal Device Client is a universal device client from Lenovo China. A security vulnerability exists in Lenovo Universal Device Client, which stems from improper certificate validation, and could allow a user who intercepts network traffic to obtain encrypted application metadata...

Red Hat Enterprise Linux 10 安全漏洞

Red Hat Enterprise Linux 10 is a suite of Linux operating systems for business users from Red Hat, an American company. A security vulnerability exists in Red Hat Enterprise Linux 10 that stems from not properly validating free space, which could result in user encrypted data being overwritten an...

PT-2025-42393

Name of the Vulnerable Software and Affected Versions luksmeta affected versions not specified Description A data corruption issue exists in the luksmeta utility when operating with the LUKS1 disk encryption format. An attacker possessing appropriate permissions can trigger this flaw by writing a...

DEBIAN-CVE-2025-0033

Improper access control within AMD SEV-SNP could allow an admin privileged attacker to write to the RMP during SNP initialization, potentially resulting in a loss of SEV-SNP guest memory integrity...

CVE-2025-0033

Improper access control within AMD SEV-SNP could allow an admin privileged attacker to write to the RMP during SNP initialization, potentially resulting in a loss of SEV-SNP guest memory integrity...

RMPocalypse: Single 8-Byte Write Shatters AMD's SEV-SNP Confidential Computing

Chipmaker AMD has released fixes to address a security flaw dubbed RMPocalypse that could be exploited to undermine confidential computing guarantees provided by Secure Encrypted Virtualization with Secure Nested Paging SEV-SNP. The attack, per ETH Zürich researchers Benedict Schlüter and Shweta...

CVE-2025-40774

CVE-2025-40774 affects SiPass integrated prior to v3.0. The vulnerability stems from passwords stored in the server’s database with decryption keys accessible to administrators, enabling password recovery. Exploitation could allow an attacker with admin access to obtain and use valid user passwor...

PT-2025-41941

Name of the Vulnerable Software and Affected Versions FortiOS versions 7.4.0 through 7.4.3 and prior to 7.2.7 FortiProxy versions 7.4.0 through 7.4.3 and prior to 7.2.9 FortiPAM versions prior to 1.2.0 FortiSwitchManager versions 7.2.0 through 7.2.3 and 7.0.0 through 7.0.3 Description An improper...

PT-2025-41886

Name of the Vulnerable Software and Affected Versions SiPass integrated versions prior to 3.0 Description The software stores user passwords encrypted in its database. Decryption keys are accessible to users with administrative privileges, potentially allowing an attacker to recover passwords...

AMD CVE-2025-0033: RMP Corruption During SNP Initialization

Microsoft is aware of AMD-SB-3020 | CVE-2025-0033 disclosed by AMD on October 13, 2025. CVE-2025-0033 is a vulnerability in AMD EPYC processors using Secure Encrypted Virtualization – Secure Nested Paging SEV-SNP. It involves a race condition during Reverse Map Table RMP initialization that could...

PT-2025-41795

Name of the Vulnerable Software and Affected Versions AMD EPYC and EPYC Embedded series processors versions prior to BIOS updates from OEM partners AMD EPYC processors using Secure Encrypted Virtualization – Secure Nested Paging SEV-SNP affected versions not specified Description A critical issue...