144 matches found
CVE-2026-46059
A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine nSVM module. This vulnerability occurs when running nested virtual machines L2 guests with NRIPS Next Instruction Pointer Suppression disabled. After an L2 guest's initial run, the NextRIP value in vmcb02 may not be correctly...
CVE-2023-31316
Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor ASP could allow an attacker with the ability to write outside the trusted memory range TMR to change the execution flow of the Video Core Next VCN firmware potentially...
PT-2026-27234
OpenClaw before 2026.2.22 contains an authorization bypass vulnerability in allowlist mode where allow-always persistence at wrapper-level enables approval-bypass execution of different payloads. Attackers can approve benign wrapped system.run commands to broaden trust boundaries and execute...
EUVD-2005-2828
Malware in sbrugna...
EUVD-2013-4634
Malware in sbrugna...
EUVD-2007-4641
Malware in sbrugna...
EUVD-2021-33191
Malicious code in bioql PyPI...
EUVD-2024-47866
Malicious code in bioql PyPI...
EUVD-2025-24813
Malicious code in bioql PyPI...
EUVD-2022-15432
Malicious code in bioql PyPI...
EUVD-2021-31329
Malicious code in bioql PyPI...
EUVD-2021-29046
Malicious code in bioql PyPI...
EUVD-2024-42800
Malicious code in bioql PyPI...
GHSA-XH92-RQRQ-227V Mastra Docs MCP Server `@mastra/mcp-docs-server` Leads to Information Exposure
The Mastra Docs MCP Server package @mastra/mcp-docs-server is a server designed to provide documentation context to AI agentic workflows, such as those used in AI-powered IDEs. Resources: Package URL: https://www.npmjs.com/package/@mastra/mcp-docs-server ----- Overview The @mastra/mcp-docs-server...
NVIDIA Megatron-LM Code Injection Vulnerability
NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. NVIDIA Megatron-LM suffers from a code injection vulnerability that originates in a tool component and can be exploited by an attacker to modify the...
CVE-2025-7353 Rockwell Automation ControlLogix® Ethernet Remote Code Execution Vulnerability
A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow...
CVE-2025-7353 Rockwell Automation ControlLogix® Ethernet Remote Code Execution Vulnerability
A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow...
NVIDIA Megatron-LM 代码注入漏洞
NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. NVIDIA Megatron-LM suffers from a code injection vulnerability that originates in a tool component and can be exploited by an attacker to modify the...
CVE-2021-42060
An issue was discovered in Insyde InsydeH2O Kernel 5.0 through 05.08.41, Kernel 5.1 through 05.16.41, Kernel 5.2 before 05.23.22, and Kernel 5.3 before 05.32.22. An Int15ServiceSmm SMM callout vulnerability allows an attacker to hijack execution flow of code running in System Management Mode...
CVE-2021-42113
An issue was discovered in StorageSecurityCommandDxe in Insyde InsydeH2O with Kernel 5.1 before 05.14.28, Kernel 5.2 before 05.24.28, and Kernel 5.3 before 05.32.25. An SMM callout vulnerability allows an attacker to hijack execution flow of code running in System Management Mode. Exploiting this...