MiracleLinux 7 : nss-3.79.0-5.el7 (AXSA:2023-5233:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5233:03 advisory. nss: Arbitrary memory write via PKCS 12 CVE-2023-0767 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 8 : nss-3.79.0-11.el8 (AXSA:2023-5224:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5224:01 advisory. nss: Arbitrary memory write via PKCS 12 CVE-2023-0767 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 8 : kernel-4.18.0-240.el8 (AXSA:2021-1489:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1489:04 advisory. kernel: use after free in the video driver leads to local privilege escalation CVE-2019-9458 kernel: use-after-free in drivers/bluetooth/hcildisc.c...

MiracleLinux 7 : binutils-2.27-34.base.el7 (AXSA:2018-3397:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3397:04 advisory. binutils: Improper bounds check in coffgen.c:coffpointerizeaux allows for denial of service when parsing a crafted COFF file CVE-2018-7208 binutils:...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001255)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001255 advisory. A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003699)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003699 advisory. In the hidpprocessreport in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003853)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003853 advisory. In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003996)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003996 advisory. An out-of-bounds memory write flaw was found in how the Linux kernels Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. Th...

MiracleLinux 7 : kernel-3.10.0-1062.4.3.el7 (AXSA:2019-4398:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4398:06 advisory. hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write CVE-2019-0155 Tenable has extracted the preceding description block directly...

CVE-2025-58409

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

MiracleLinux 4 : kernel-2.6.32-220.4.1.el6 (AXSA:2012-228:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-228:02 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

CVE-2025-58409

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

CVE-2025-53470

Summary: CVE-2025-53470 affects Apache NimBLE’s HCI H4 driver. An out-of-bounds read can be triggered by a specially crafted HCI event, leading to an invalid memory read.affected software: Apache NimBLE up to version 1.8 (inclusive); advisory recommends upgrading to version 1.9 which contains the...

CVE-2018-9368

In mtkscoaudio debugfs there is a possible arbitrary kernel memory write due to missing bounds check and weakened SELinux policies. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation...

CVE-2021-22327

There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186C10E7R5P1,...

CVE-2021-22345

There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause out-of-bounds memory write...

CVE-2019-2250

Kernel can write to arbitrary memory address passed by user while freeing/stopping a thread in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCS605, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SM7150, SXR1130...

CVE-2022-23431

An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...

CVE-2022-23428

An improper boundary check in edenruntime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...

CVE-2026-21869

A flaw was found in llama.cpp. A remote attacker can exploit an input validation vulnerability in the server's completion endpoints. By supplying a negative value for the ndiscard parameter in JSON input, an attacker can cause out-of-bounds memory writes. This can lead to a process crash or enabl...