CVE-2026-39418 MaxKB: SSRF via sandbox network hook bypass
MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto with the MSG_FASTOPEN flag. This allows an authenticated user with tool-editing permissions to reach internal services that are explicitly blocked by the...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002563)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002563 advisory. The acpi_ns_terminate function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which...
Un-verified kernel bypass Secure Boot mechanism in direct boot mode
...
CAPIO: Safe Kernel-Bypass of Commodity Devices Using Capabilities
Securing low-latency I/O in commodity systems forces a fundamental trade-off: rely on the kernel's high overhead mediated interface, or bypass it entirely, exposing sensitive hardware resources to userspace and creating new vulnerabilities. This dilemma stems from a hardware granularity mismatch:...
CVE-2025-2296
CVE-2025-2296 affects EDK2 BIOS/edk2 components. The connected docs indicate a vulnerability in improper input validation that could allow arbitrary command execution and impact confidentiality, integrity, and availability, with local access required. Mitigations shown include patch/updated packa...
CVE-2025-2296 Un-verified kernel bypass Secure Boot mechanism in direct boot mode
EDK2 contains a vulnerability in BIOS where an attacker may cause “Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...
CVE-2025-48510
Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability...
EUVD-2021-20421
Malware in sbrugna...
CVE-2024-23225
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write...
CVE-2024-23225
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue...
Apple iOS and iPadOS Security Vulnerabilities
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in Apple iOS version 17.4 and iPadOS version 17.4, which originates from an...
Code injection
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. An attacker that has already achieved kernel code execution may be able to bypass...
Windows Kernel Security Feature Bypass Vulnerability
...
SUSE CVE-2018-7755
An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discove...
Huawei EMUI Security Vulnerability
Huawei EMUI is an Android-based mobile operating system developed by the Chinese company Huawei. A security vulnerability exists in Huawei EMUI 12.0.0, which originates from a kernel space transfer data check bypass in the HIPP module, and can be exploited by an attacker to cause out-of-bounds...
BSA-2022-2013
Security Advisory ID: BSA-2022-2013. Component: RETBLEED. Revision: 1.0: Final. A research team in Switzerland has found a new variant of the speculative execution vulnerabilities that affect some Intel and AMD chips, aka RETBLEED. Retbleed (CVE-2022-29900 and CVE-2022-29901) is the new addition to...
PT-2022-9728 · Amd +4 · Amd Cpus +4
Name of the Vulnerable Software and Affected Versions: AMD CPUs (affected versions not specified). Description: The issue is related to speculative execution in AMD CPUs, which may allow data leakage by transiently executing beyond unconditional direct branches. This could potentially lead to the...
AMD Graphics Driver Resource Management Error Vulnerability
AMD Graphics Driver is an integrated graphics driver from AMD, Inc. AMD Graphics Driver is vulnerable to a resource management error that could be exploited by attackers to cause a KASLR bypass or information disclosure...
CVE-2017-18676
An issue was discovered on Samsung mobile devices with N(7.0) (Qualcomm chipsets) software. There is an RKP kernel protection bypass in which unwanted memory mappings may occur because of a lack of MSR trapping. The Samsung ID is SVE-2016-7901 (April 2017)...