ios-imessage-zero-click-exploit

CVE-2025-31200/31201 - iOS Zero-Click iMessage Exploit Chai...

CVE-2025-40335 drm/amdgpu: validate userq input args

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate userq input args This will help on validating the userq input args, and rejecting for the invalid userq request at the IOCTLs first place...

📄 Microsoft Windows 10.0.17763.5458 Kernel IOCTL Access Control

Microsoft Windows version 10.0.17763.5458 Kernel IOCTL access control proof of concept Metasploit module. ============================================================================================================================================= | Title : Windows 10.0.17763.5458 Kernel IOCTL...

CVE-2022-50564 s390/netiucv: Fix return type of netiucv_tx()

In the Linux kernel, the following vulnerability has been resolved: s390/netiucv: Fix return type of netiucvtx With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid...

EUVD-2014-9775

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2025-38481

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: Fail COMEDIINSNLIST ioctl if ninsns is too large The handling of the COMEDIINSNLIST ioctl allocates a kernel buffer to hold the array of struct...

CVE-2025-38392

CVE-2025-38392 (Linux kernel) describes a concurrency issue in the idpf driver where a control queue mutex (cq_lock) is held across operations that may sleep, triggering warnings during module load when VIRTCHNL2_CAP_MACFILTER is ON. The fix converts cq_lock from a mutex to a spinlock to avoid sl...

CVE-2025-38047

In the Linux kernel, the following vulnerability has been resolved: x86/fred: Fix system hang during S4 resume with FRED enabled Upon a wakeup from S4, the restore kernel starts and initializes the FRED MSRs as needed from its perspective. It then loads a hibernation image, including the image...

CVE-2022-48994

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...

CVE-2022-48994

CVE-2022-48994 affects the Linux kernel ALSA sequencing path. The issue arises from a prototype mismatch: seq_copy_in_user() and seq_copy_in_kernel() did not match snd_seq_dump_func_t, leading to -Wcast-function-type-strict checks with Clang. The patch fixes the function prototypes and removes ca...

CVE-2022-48994 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the fact that deleting kctl while disconnected can result in a deadlock...

kernel: Linux kernel: Denial of Service in s390/lcs network driver due to incompatible function pointer type

A flaw was found in the Linux kernel's s390/lcs network driver. An incorrect function pointer type in the lcsstartxmit function could lead to a system crash or termination of a process. This issue arises when Kernel Control Flow Integrity kCFI, a security feature designed to prevent certain types...

Apple macOS HighSierra 10.13 - ctl_ctloutput-leak Information Leak Exploit

Exploit for macOS platform in category local exploits / ctlctloutput-leak.c Brandon Azad CVE-2017-13868 While looking through the source code of XNU version 4570.1.46, I noticed that the function ctlctloutput in the file bsd/kern/kerncontrol.c does not check the return value of sooptcopyin, which...

Apple macOS High Sierra 10.13 - ctl_ctloutput-leak Information Leak

Apple macOS High Sierra 10.13 - ctlctloutput-leak Information Leak / ctlctloutput-leak.c Brandon Azad CVE-2017-13868 While looking through the source code of XNU version 4570.1.46, I noticed that the function ctlctloutput in the file bsd/kern/kerncontrol.c does not check the return value of...

Apple macOS High Sierra 10.13 - 'ctl_ctloutput-leak' Information Leak

/ ctlctloutput-leak.c Brandon Azad CVE-2017-13868 While looking through the source code of XNU version 4570.1.46, I noticed that the function ctlctloutput in the file bsd/kern/kerncontrol.c does not check the return value of sooptcopyin, which makes it possible to leak the uninitialized contents ...

CVE-2017-10919

Xen through 4.8.x mishandles virtual interrupt injection, which allows guest OS users to cause a denial of service hypervisor crash, aka XSA-223. Mitigation On systems where the guest kernel is controlled by the host rather than guest administrator, running only kernels which do not disable SGI a...

Google Android Nvidia and Qualcomm sound drivers have unspecified vulnerabilities

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, with Nvidia as the graphics driver and Qualcomm sound as the sound driver developed by Qualcomm. A security vulnerability exists in the Nvidia and Qualcomm sound drivers in Androi...