Lucene search
K

54 matches found

CVE
CVE
added 2026/06/24 4:29 p.m.8 views

CVE-2026-53047

CVE-2026-53047 affects the Linux kernel’s efi/capsule-loader. The vulnerability arises from a mis-sized allocation in __efi_capsule_setup_info(): the krealloc() for cap_info->phys uses sizeof(phys_addr_t *) instead of sizeof(phys_addr_t). This can produce an undersized allocation, inconsistent...

6AI score0.00195EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: erofs: Fixed invalid cases for encoded extents. Robert recently reported two corrupted images that can cause system crashes. These issues are related to the new encoded extents introduced in Linux 6.15: - The first image has...

5.8AI score0.00161EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ACPI: Tables: FPDT: Do not call acpiosmapmemory on an invalid physical address. On a Packard Bell Dot SC Intel Atom N2600 model, there is an FPDT table containing invalid physical addresses, with high bits set that fall outside t...

7.8CVSS6.6AI score0.00153EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect conversion of physical addresses during the putfolios cleanup process in memfdluo,...

5.8AI score0.00107EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detection when STB is unavailable. Loading the amdpmc module with the option amdpmc enablestb=1 may result in the following messages in the kernel ring buffer: amdpmc AMDI0009:00: SMU cmd failed. err: 0xff...

5.5CVSS6.2AI score0.00238EPSS
Exploits0References2
OSV
OSV
added 2026/02/04 5:16 p.m.2 views

UBUNTU-CVE-2026-23085

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses physical memory above the 32-bit address limit, as found while...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References29
CVE
CVE
added 2026/02/04 4:8 p.m.24 views

CVE-2026-23085

CVE-2026-23085 affects the Linux kernel irqchip/gic-v3-its on 32-bit ARM with CONFIG_ARM_LPAE, where lowmem allocations could be backed by physical memory above 4 GB. The ITS driver stored a 32-bit address in an unsigned long, triggering truncation. The fix changes the itt_addr and related physic...

5.5CVSS5.1AI score0.00123EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002273)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002273 advisory. The pagemapopen function in fs/proc/taskmmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive...

4CVSS6.8AI score0.00305EPSS
Exploits0References9
NVD
NVD
added 2025/12/12 12:15 p.m.5 views

CVE-2025-14159

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.9.2. This is due to missing nonce validation on the 'ayssccpresultsexportfile' AJAX action. This makes it possible for unauthenticated...

4.3CVSS0.00137EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/12 11:15 a.m.28 views

CVE-2025-14159 Secure Copy Content Protection and Content Locking <= 4.9.2 - Cross-Site Request Forgery to Data Export

The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.9.2. This is due to missing nonce validation on the 'ayssccpresultsexportfile' AJAX action. This makes it possible for unauthenticated...

4.3CVSS0.00137EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/11/27 3:3 p.m.8 views

CVE-2025-48511

Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service...

5.5CVSS6.4AI score0.00097EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/24 9:31 p.m.6 views

EUVD-2025-198997

Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service...

5.5CVSS6AI score0.00097EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/24 9:0 p.m.4 views

CVE-2025-48511

Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service...

5.5CVSS6.2AI score0.00097EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-28593

Malware in sbrugna...

7.6CVSS7.5AI score0.00258EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/09/15 11:29 p.m.2 views

SUSE CVE-2022-50320

In the Linux kernel, the following vulnerability has been resolved: ACPI: tables: FPDT: Don't call acpiosmapmemory on invalid phys address On a Packard Bell Dot SC Intel Atom N2600 model there is a FPDT table which contains invalid physical addresses, with high bits set which fall outside the ran...

7CVSS6.3AI score0.00153EPSS
Exploits0References8
CVE
CVE
added 2025/09/15 2:48 p.m.18 views

CVE-2022-50320

The CVE-2022-50320 issue is a Linux kernel ACPI FPDT FPDT table bug where invalid physical addresses trigger ioremap warnings and an oops. The root cause is calling acpi_os_map_memory() on an invalid phys address; a fix adds a validation step to prevent mapping invalid addresses. The description ...

7.8CVSS5.9AI score0.00153EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-28039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0...

6.5CVSS6.8AI score0.00424EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 3:8 p.m.10 views

CVE-2020-11230

Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in the buffer as it exposes a physical address to user land in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile...

6.4CVSS7.4AI score0.00136EPSS
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2024/08/16 6:31 p.m.10 views

The Slow-Burn Nightmare of the National Public Data Breach

Social Security numbers, physical addresses, and more—all available online. After months of confusion, leaked information from a background-check firm underscores the long-term risks of data breaches...

6.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/05/21 2:20 p.m.20 views

CVE-2021-47277 kvm: avoid speculation-based attacks from out-of-range memslot accesses

In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for accessing guest memory translates a guest physical address gpa to a host virtual address using the right-shifted gpa also known as gfn an...

6.5AI score0.00259EPSS
Exploits0References8
Rows per page
Query Builder