86 matches found
EUVD-2026-34160
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior to version 4.11.0, a type confusion vulnerability exists in OP-TEE OS when processing an FFAMEMSHARE...
PT-2026-46046
Name of the Vulnerable Software and Affected Versions OP-TEE versions 4.3.0 through 4.10.x Description A type confusion occurs in OP-TEE OS when processing an 'FFA MEM SHARE' request from the normal world. This issue specifically affects configurations where OP-TEE is set as a Secure Partition...
CVE-2025-71298
In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around madvise Acquire and release the GEM object's reservation lock around calls to the object's madvide operation. The tests use drmgemshmemmadviselocked, which led to errors such as show...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: xsk: fix an integer overflow in xpcreateandassignumem Since the i and pool-chunksize variables are of type 'u32', their product can wrap around and then be cast to 'u64'. This can lead to two different XDP buffers pointing to the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001759)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001759 advisory. Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large enough value U32MAX - sizeofstruct ffacompositememregion + 1, U32MAX is...
KVM: arm64: Check the untrusted offset in FF-A memory share
...
CVE-2025-40266
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large enough value U32MAX - sizeofstruct ffacompositememregion + 1, U32MAX is...
UBUNTU-CVE-2025-40266
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large enough value U32MAX - sizeofstruct ffacompositememregion + 1, U32MAX is...
EUVD-2023-59994
BYTEVALUE Intelligent Flow Control Router contains a command injection vulnerability via the /goform/webRead/open endpoint. The path parameter is not properly validated and is echoed into a shell context, allowing an attacker to inject and execute arbitrary shell commands on the device. Successfu...
EUVD-2009-1801
Malware in sbrugna...
EUVD-2019-15775
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414404)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414404 advisory. Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE...
EUVD-2022-36781
Malicious code in bioql PyPI...
EUVD-2022-28196
Malicious code in bioql PyPI...
EUVD-2022-45402
Malicious code in bioql PyPI...
EUVD-2022-36275
Malicious code in bioql PyPI...
EUVD-2022-36779
Malicious code in bioql PyPI...
BIT-LIBPHP-2021-21703 PHP-FPM memory access in root process leading to privilege escalation
In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the...
CVE-2022-42327
x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist...