Linux Distros Unpatched Vulnerability : CVE-2018-6063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect use of mojo::WrapSharedMemoryHandle in Mojo in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process...

Linux Distros Unpatched Vulnerability : CVE-2016-4565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The InfiniBand aka IB stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2018-6062

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap overflow write in Skia in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

Oracle Linux 10 : openjpeg2 (ELSA-2025-13944)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-13944 advisory. 2.5.2-4.1 - fix OpenJPEG OOB heap memory write CVE-2025-54874 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Linux Distros Unpatched Vulnerability : CVE-2018-6149

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

Linux Distros Unpatched Vulnerability : CVE-2021-32027

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values,...

ALSA-2025:13944 Important: openjpeg2 security update

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fixes: openjpeg: OpenJPEG OOB heap memory write CVE-2025-54874 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer ...

CVE-2025-4277

Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

CVE-2025-4276

UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

CVE-2025-4277

Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

CVE-2025-4276

UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

CVE-2025-4277 Tcg2Smm: improper input validation may lead to arbitrary code execution

Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

CVE-2025-4277

CVE-2025-4277 is described across multiple sources as a vulnerability in InsydeH2O firmware (Tcg2Smm) that can write arbitrary memory inside SMRAM and execute arbitrary code at the SMM level. The root cause indicated in CVE records is improper input handling/execution flow that enables arbitrary ...

CVE-2025-4276

CVE-2025-4276 affects UsbCoreDxe (EFI/UEFI) and related InsydeH2O implementations. The vulnerability stems from an ability to write to arbitrary memory in SMRAM, enabling arbitrary code execution at System Management Mode (SMM). Reported impact is execution of code with SMM privileges and potenti...

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a new EFI/UEFI specification from Insyde China. It is intended to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O that originates from the ability to write to arbitrary memory in SMRAM and execute arbitrary code at th...

InsydeH2O 安全漏洞

InsydeH2O is a customizable firmware codebase from China Insyde Insyde. A security vulnerability exists in InsydeH2O, which can be exploited to write to arbitrary memory in SMRAM and execute arbitrary code at the SMM level...

CVE-2025-26403

Out-of-bounds write in the memory subsystem for some IntelR XeonR 6 processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...

ALPINE-CVE-2025-26403

Out-of-bounds write in the memory subsystem for some IntelR XeonR 6 processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...

Linux Distros Unpatched Vulnerability : CVE-2025-37947

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: prevent out-of-bounds stream writes by validating pos ksmbdvfsstreamwrite did not validate whether the write offset pos was within the bounds of the...

Linux Distros Unpatched Vulnerability : CVE-2020-0009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privileg...