61 matches found
CVE-2026-50350
CVE-2026-50350 concerns an information-disclosure vulnerability in Windows’ Trusted Runtime Interface Driver. An authenticated local attacker may disclose sensitive information due to an underlying flaw in the driver, with CVSSv3.1 metrics indicating Local attack vector, Low attack complexity, Lo...
CVE-2026-50350 Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability
...
CVE-2026-50350 Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability
...
Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally...
PT-2026-58199
Name of the Vulnerable Software and Affected Versions Windows Trusted Runtime Interface Driver affected versions not specified Description An authorized attacker can locally disclose sensitive information due to an exposure of sensitive data within the Windows Trusted Runtime Interface Driver...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb – revert the use of devmkzalloc in btusb This change reverts to the behavior described in commit 98921dbd00c4e “Bluetooth: Use devmkzalloc in btusb.c file”. In btusbprobe, we use devmkzalloc to allocate the btusb...
CVE-2026-46261
A flaw was found in the Linux kernel. A null pointer dereference in the wpcm-fiu Serial Peripheral Interface SPI driver, specifically when platformgetresourcebyname returns a null value, could lead to a system crash. This vulnerability could allow a local attacker to cause a Denial of Service DoS...
CVE-2026-46108
A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI System Interface SI driver. This vulnerability occurs when the driver fails to return to a normal operational state after a message allocation failure. This improper state handling can lead to the driver not...
PT-2026-44300
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description The ipmi driver fails to implement limits on event and receive message requests, continuing to fetch data until the Baseboar...
USN-8184-1: Linux kernel (Real-time) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...
CVE-2025-15038
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
CVE-2025-15038
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by a unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
CVE-2025-15038
An Out-of-Bounds Read vulnerability exists in the ASUS Business System Control Interface driver. This vulnerability can be triggered by an unprivileged local user sending a specially crafted IOCTL request, potentially leading to a disclosure of kernel information or a system crash. Refer to the...
CVE-2025-15038
The CVE-2025-15038 affected component is the ASUS Business System Control Interface driver. A vulnerability described as Out-of-Bounds allows a local, unprivileged user to craft an IOCTL request that can trigger kernel information disclosure or cause a system crash. The exposure is linked to loca...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of lock protection for the currxfer field in the tegra210-quad SPI driver. This...
SUSE CVE-2025-68755
In the Linux kernel, the following vulnerability has been resolved: staging: most: remove broken i2c driver The MOST I2C driver has been completely broken for five years without anyone noticing so remove the driver from staging. Specifically, commit 723de0f9171e "staging: most: remove device from...
CVE-2023-54054 scsi: qla2xxx: Fix buffer overrun
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix buffer overrun Klocwork warning: Buffer Overflow - Array Index Out of Bounds Driver uses fcelsflogi to calculate size of buffer. The actual buffer is nested inside of fcelsflogi which is smaller. Replace...
EUVD-2025-14435
Malicious code in bioql PyPI...
Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel (IBM) vulnerabilities (USN-7779-1)
"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7779-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...
USN-7766-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...