88 matches found
CVE-2026-41155 GPU DDK - SharedSecMem mapped into all GPU virtual address spaces
An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory allocations in the kernel module. Additionally, an attacker could disrupt the operation of another secure GPU process leading to image corruption / GPU hardware recover...
EUVD-2026-34160
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior to version 4.11.0, a type confusion vulnerability exists in OP-TEE OS when processing an FFAMEMSHARE...
PT-2026-46046
Name of the Vulnerable Software and Affected Versions OP-TEE versions 4.3.0 through 4.10.x Description A type confusion occurs in OP-TEE OS when processing an 'FFA MEM SHARE' request from the normal world. This issue specifically affects configurations where OP-TEE is set as a Secure Partition...
CVE-2025-71298
In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold reservation lock around madvise Acquire and release the GEM object's reservation lock around calls to the object's madvide operation. The tests use drmgemshmemmadviselocked, which led to errors such as show...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001759)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001759 advisory. Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share. Verify the offset to prevent OOB access in the hypervisor. The FF-A buffer contains a value that is too large and potentially untrusted. U32MAX – sizeofstruct...
KVM: arm64: Check the untrusted offset in FF-A memory share
...
CVE-2025-40266
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large enough value U32MAX - sizeofstruct ffacompositememregion + 1, U32MAX is...
UBUNTU-CVE-2025-40266
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large enough value U32MAX - sizeofstruct ffacompositememregion + 1, U32MAX is...
EUVD-2023-59994
BYTEVALUE Intelligent Flow Control Router contains a command injection vulnerability via the /goform/webRead/open endpoint. The path parameter is not properly validated and is echoed into a shell context, allowing an attacker to inject and execute arbitrary shell commands on the device. Successfu...
EUVD-2009-1801
Malware in sbrugna...
EUVD-2019-15775
Malware in sbrugna...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414404)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414404 advisory. Linux disk/nic frontends data leaks This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE...
EUVD-2022-45402
Malicious code in bioql PyPI...
EUVD-2022-36781
Malicious code in bioql PyPI...
EUVD-2022-36779
Malicious code in bioql PyPI...
EUVD-2022-36275
Malicious code in bioql PyPI...
EUVD-2022-28196
Malicious code in bioql PyPI...
BIT-LIBPHP-2021-21703 PHP-FPM memory access in root process leading to privilege escalation
In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to access memory shared with the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: xsk: fixed an integer overflow in xpcreateandassignumem Since the i and pool-chunksize variables are of type ‘u32’, their product can wrap around and then be cast to ‘u64’. This can result in two different XDP buffers pointing to...