CVE-2025-38560

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vulnerability requires a cache line eviction mitigation when validating memory after a page state change to private. The specific mitigation is to tou...

Linux Distros Unpatched Vulnerability : CVE-2024-7254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can corrupted by exceeding the...

CVE-2025-38506

In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...

CVE-2025-38508

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Use TSCFACTOR for Secure TSC frequency calculation When using Secure TSC, the GUESTTSCFREQ MSR reports a frequency based on the nominal P0 frequency, which deviates slightly typically 0.2% from the actual mean TSC...

Denial Of Service (DoS)

MaterialX is vulnerable to Denial Of Service DoS. The vulnerability is due to stack exhaustion due to improper handling of multiple nested nodegraph implementations when parsing malicious MTLX files...

Linux Distros Unpatched Vulnerability : CVE-2021-45005

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Artifex MuJS v1.1.3 was discovered to contain a heap buffer overflow which is caused by conflicting JumpList of nested try/finally statements. CVE-2021-45005 No...

Linux Distros Unpatched Vulnerability : CVE-2019-25001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the serdecbor crate before 0.10.2 for Rust. The CBOR deserializer can cause stack consumption via nested semantic tags. CVE-2019-2500...

Linux Distros Unpatched Vulnerability : CVE-2023-3436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Xpdf 4.04 will deadlock on a PDF object stream whose Length field is itself in another object stream. CVE-2023-3436 Note that Nessus relies on the presence of t...

CVE-2025-38508

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Use TSCFACTOR for Secure TSC frequency calculation When using Secure TSC, the GUESTTSCFREQ MSR reports a frequency based on the nominal P0 frequency, which deviates slightly typically 0.2% from the actual mean TSC...

CVE-2025-38506 KVM: Allow CPU to reschedule while setting per-page memory attributes

In the Linux kernel, the following vulnerability has been resolved: KVM: Allow CPU to reschedule while setting per-page memory attributes When running an SEV-SNP guest with a sufficiently large amount of memory 1TB+, the host can experience CPU soft lockups when running an operation in...

Linux Distros Unpatched Vulnerability : CVE-2025-37843

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Avoid unnecessary device replacement check Hot-removal of nested PCI hotplug...

Linux Distros Unpatched Vulnerability : CVE-2021-3656

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided...

Malicious code in nested-dependencies (npm)

The package nested-dependencies was found to contain malicious code...

MAL-2025-27302 Malicious code in nested-dependencies (npm)

The package nested-dependencies was found to contain malicious code...

libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat

A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...

CVE-2025-55157

A use-after-free vulnerability was found in Vim. This flaw allows an attacker who can trick a user into processing a specially crafted file to trigger the use-after-free, causing the application to crash. Mitigation Do not run untrusted Vim scripts as it's not recommended...

Heracles: Chosen Plaintext Attack on AMD SEV-SNP

A whitepaper discussing an attack on AMD SEV-SNP called Heracles that was able to leak kernel memory, crypto keys, and user passwords, as well as demonstrate web session hijacking...

SUSE CVE-2025-55157

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim's internal tuple reference management. Specifically, the tupleunref function may access alread...

SUSE CVE-2025-55158

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim's internal typed value typvalT management. Specifically, the cleartv...

AMD Server Vulnerabilities – August 2025

Summary Potential vulnerabilities in AMD EPYC™ Processor platforms that affect IOMMU, AMD Secure Encrypted Virtualization – Secure Nested Paging SEV-SNP and other platform components, were found during audits performed internally and by third parties. Mitigations have been provided in AMD EPYC™...