Lucene search
+L

289 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27914

Malicious code in bioql PyPI...

6.2AI score0.00191EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-54268

Malicious code in bioql PyPI...

8.4CVSS6.5AI score0.00204EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-25798

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00326EPSS
Exploits1References6
ubuntu
ubuntu
added 2025/10/01 2:52 p.m.6 views

USN-7790-1: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AMD CDX bus driver; - DP...

8.1CVSS7AI score0.00352EPSS
Exploits0
cvelist
cvelist
added 2025/10/01 11:42 a.m.8 views

CVE-2022-50433 efi: ssdt: Don't free memory if ACPI table was loaded successfully

In the Linux kernel, the following vulnerability has been resolved: efi: ssdt: Don't free memory if ACPI table was loaded successfully Amadeusz reports KASAN use-after-free errors introduced by commit 3881ee0b1edc "efi: avoid efivars layer when loading SSDTs from variables". The problem appears t...

0.00143EPSS
Exploits0References2
nvd
nvd
added 2025/09/16 2:15 p.m.10 views

CVE-2025-39836

In the Linux kernel, the following vulnerability has been resolved: efi: stmm: Fix incorrect buffer allocation method The communication buffer allocated by setupmmhdr is later on passed to teeshmregisterkernelbuf. The latter expects those buffers to be contiguous pages, but setupmmhdr just uses...

7.8CVSS0.00142EPSS
Exploits0References3
cve
cve
added 2025/09/16 1:8 p.m.31 views

CVE-2025-39836

CVE-2025-39836 is a Linux kernel issue described as resolved: the EFI stmm path allocated a communication buffer with kmalloc(), while the consumer expects contiguous pages, risking corruptions/BUGs. The fix switches from kmalloc() to alloc_pages_exact() in setup_mm_hdr() so buffers passed to tee...

7.8CVSS6.3AI score0.00142EPSS
Exploits0References3Affected Software1
osv
osv
added 2025/09/15 3:15 p.m.4 views

DEBIAN-CVE-2023-53216

In the Linux kernel, the following vulnerability has been resolved: arm64: efi: Make efirtlock a rawspinlock Running a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere Altra outputs the following: BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:46 inatomic: 1,...

7.8CVSS6.2AI score0.00153EPSS
Exploits0References1
cvelist
cvelist
added 2025/09/15 2:21 p.m.7 views

CVE-2023-53216 arm64: efi: Make efi_rt_lock a raw_spinlock

In the Linux kernel, the following vulnerability has been resolved: arm64: efi: Make efirtlock a rawspinlock Running a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere Altra outputs the following: BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:46 inatomic: 1,...

0.00153EPSS
Exploits0References5
mscve
mscve
added 2025/09/04 2:46 a.m.3 views

A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.

...

6.7CVSS7AI score0.00386EPSS
Exploits1
nvd
nvd
added 2025/08/26 3:15 p.m.13 views

CVE-2025-25734

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthenticated EFI shell which allows attackers to execute arbitrary code or escalate privileges during the boot process...

6.8CVSS0.00326EPSS
Exploits1References6
cve
cve
added 2025/08/26 12:0 a.m.23 views

CVE-2025-25734

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) versions 3.2.0.829.23, 3.8.0.1119.42, and 4.6.0.1211.28 contain an unauthenticated EFI shell that can be leveraged to execute arbitrary code or escalate privileges during boot. Root cause is an EFI shell exposure in the RSU firmware; aff...

6.8CVSS8.7AI score0.00326EPSS
Exploits1References6Affected Software1
cvelist
cvelist
added 2025/08/26 12:0 a.m.15 views

CVE-2025-25734

Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units RSUs v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthenticated EFI shell which allows attackers to execute arbitrary code or escalate privileges during the boot process...

0.00326EPSS
Exploits1References6
suse
suse
added 2025/08/25 6:22 a.m.12 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

8.7CVSS9AI score0.03133EPSS
Exploits11References1018
susecve
susecve
added 2025/08/19 11:23 p.m.8 views

SUSE CVE-2025-38585

In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...

7.8CVSS7AI score0.00191EPSS
Exploits0References23
osv
osv
added 2025/08/19 5:15 p.m.14 views

UBUNTU-CVE-2025-38585

In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...

7.8CVSS6.8AI score0.00191EPSS
Exploits0References29
cvelist
cvelist
added 2025/08/19 5:3 p.m.18 views

CVE-2025-38585 staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()

In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow...

0.00191EPSS
Exploits0References5
cve
cve
added 2025/08/19 5:3 p.m.49 views

CVE-2025-38585

CVE-2025-38585 concerns Linux kernel staging/atomisp: a stack buffer overflow in gmin_get_var_int() triggered when gmin_get_config_var() calls EFI get_variable() with a larger-than-expected EFI variable. The bug stems from two issues: (1) gmin_get_config_var() returning a stale error code on EFI ...

7.8CVSS7.9AI score0.00191EPSS
Exploits0References5Affected Software1
suse
suse
added 2025/08/18 4:1 p.m.5 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

8.7CVSS8.3AI score0.03133EPSS
Exploits11References1136
osv
osv
added 2025/08/18 4:1 p.m.6 views

SUSE-SU-2025:02853-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

7.8CVSS8.7AI score0.03133EPSS
Exploits11References567
Rows per page
Query Builder