PT-2026-30464

🚨 LIVE HIJACK ALERT — CVE-2026-77777. CVSS 8.9. attacker feeds poisoned task output to CrewAI agent memory. future tasks execute attacker instructions as if they were original goals. investigating. 🧵...

EUVD-2014-9783

Malware in sbrugna...

CVE-2025-46733 REE userspace code can panic TAs, leading to fTPM PCR reset and data disclosure

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. In version 4.5.0, using a specially crafted tee-supplicant binary running in REE userspace, an attacker can trigger a panic in a TA that...

CVE-2024-43910

In the Linux kernel, the following vulnerability has been resolved: bpf: add missing checkfuncargregoff to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified CONSTPTRTODYNPTR to a global function as an argument. The adverse effects of this is that BPF helpers can...

CVE-2024-43910

In the Linux kernel, the following vulnerability has been resolved: bpf: add missing checkfuncargregoff to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified CONSTPTRTODYNPTR to a global function as an argument. The adverse effects of this is that BPF helpers can...

CVE-2024-32922

In gpupmpowerontopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-32899

In gpupmpowerofftopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a race condition. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-32922

In gpupmpowerontopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-32922

In gpupmpowerontopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-32899

CVE-2024-32899 relates to a race condition in the Pixel GPU power management path (gpu_pm_power_off_top_nolock in pixel_gpu_power.c) that could allow local escalation of privilege to the TEE by compromising protected memory. Exploitation is predicted to require with local access and no user inter...

CVE-2024-32899

In gpupmpowerofftopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a race condition. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-301669196

In gpupmpowerofftopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a race condition. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-301657544

In gpupmpowerontopnolock of pixelgpupower.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-25986

In ppmpunprotectbuf of drmfw.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-25986

CVE-2024-25986 affects the drm_fw.c component’s ppmp_unprotect_buf logic, enabling possible protection-memory compromise and local escalation of privilege to TEE without extra execution privileges; user interaction is not required. No exploitation details or patch information are provided in the ...

PUB-A-297569957

In ppmpunprotectbuf of drmfw.c, there is a possible compromise of protected memory due to a logic error in the code. This could lead to local escalation of privilege to TEE with no additional execution privileges needed. User interaction is not needed for exploitation...

Out-of-bounds Read

libXpm is vulnerable to Out-of-bounds Read. The vulnerability is caused due to a boundary condition that can be exploited to read contents of memory of the system. An attacker can trigger this out-of-bounds read error compromising confidentiality of the system...

CVE-2021-22321

There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include...

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2021-1384)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Information disclosure

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special...