SUSE CVE-2026-43206

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfdeventpageset The kfdeventpageset function writes KFDSIGNALEVENTLIMIT 8 bytes via memset without checking the buffer size parameter. This allows unprivileged userspace to trigger an out-of...

CVE-2026-43206

A flaw was found in the Linux kernel's drm/amdkfd component. An unprivileged local user can exploit an out-of-bounds write vulnerability in the kfdeventpageset function. This occurs because the function writes data without properly validating the buffer size, allowing a small buffer to trigger a...

EUVD-2026-27767

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfdeventpageset The kfdeventpageset function writes KFDSIGNALEVENTLIMIT 8 bytes via memset without checking the buffer size parameter. This allows unprivileged userspace to trigger an out-of...

CVE-2026-43206

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfdeventpageset The kfdeventpageset function writes KFDSIGNALEVENTLIMIT 8 bytes via memset without checking the buffer size parameter. This allows unprivileged userspace to trigger an out-of...

CVE-2026-43206

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfdeventpageset The kfdeventpageset function writes KFDSIGNALEVENTLIMIT 8 bytes via memset without checking the buffer size parameter. This allows unprivileged userspace to trigger an out-of...

CVE-2026-43206 drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set()

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfdeventpageset The kfdeventpageset function writes KFDSIGNALEVENTLIMIT 8 bytes via memset without checking the buffer size parameter. This allows unprivileged userspace to trigger an out-of...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by the kfdeventpageset function not checking the buffer size properly. This vulnerability may lead to...

PT-2026-37546

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in the kfd event page set function. The function uses memset to write KFD SIGNAL EVENT LIMIT 8 bytes without verifying the buffer size parameter. This allow...

Linux Distros Unpatched Vulnerability : CVE-2026-43206

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: Fix out-of-bounds write in kfdeventpageset The kfdeventpageset function writes KFDSIGNALEVENTLIMIT 8 bytes via memset without checking the buffer si...

EUVD-2006-0188

Malware in sbrugna...

EUVD-2025-23463

Malicious code in bioql PyPI...

CVE-2025-52132

The Mocca Calendar application before 2.15 for XWiki allows XSS via a title to the view event page...

PT-2025-31765 · Unknown · Mocca Calendar

Name of the Vulnerable Software and Affected Versions: Mocca Calendar versions prior to 2.15 Description: The Mocca Calendar application is susceptible to a cross-site scripting XSS issue. This issue occurs through manipulation of the title field when viewing an event page. Recommendations: Updat...

CVE-2025-52132

The Mocca Calendar application before 2.15 for XWiki allows XSS via a title to the view event page...

CVE-2022-38878

School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/event/index.php?view=edit=...

CVE-2020-28070

SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in viewevent.php via the 'id' parameter...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: Im speaking twice at RSA Conference 2024 in San Francisco. Ill be on a panel on software liability on May 6, 2024 at 8:30 AM, and Im giving a keynote on AI and democracy on May 7, 2024 at 2:25 PM. The list is maintained on this pag...

CVE-2022-38605

Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/editevent.php...

Privilege escalation

Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manageevent.php...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm speaking on "Securing a World of Physically Capable Computers" at Oxford University on Monday, June 17, 2019. The list is maintained on this page...