Fedora 44 : xen (2026-8b2957222f)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-8b2957222f advisory. x86: CPU Opcode Cache corruption XSA-490,CVE-2025-54518 Tenable has extracted the preceding description block directly from the Fedora security advisory. Not...

The vulnerability was exploited in AMD processors

AMD has addressed a vulnerability in certain processor models through a mitigation measure included in the Windows update of May 2026. This vulnerability affects certain AMD processors. A local malicious actor could exploit this vulnerability to execute arbitrary code on the system. The mitigatio...

EUVD-2023-35628

Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer ASP could allow an attacker to read or write to protected memory potentially resulting in arbitrary code execution...

2026.2 IPU - Intel® Processor Firmware Advisory

Summary: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing microcode updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-35979 Description: Exposure of sensitive information caused by shared...

Linux Distros Unpatched Vulnerability : CVE-2026-41257

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - jq is a command-line JSON processor. In 1.8.1 and earlier, the jq bytecode VM's data stack tracks its allocation size in a signed int. When the stack grows beyo...

Astra Linux - уязвимость в intel-microcode

Improper isolation of shared resources in some IntelR processors when using IntelR Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local access...

Dynamic-Datasource has an Injection vulnerability

A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessordoDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2026-1610)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the...

Intel Processors 输入验证错误漏洞

Intel Processors are a series of processors developed by the American company Intel. Intel Processors have a vulnerability related to input validation, which stems from improper input validation and may lead to privilege escalation. System software attackers with privileged access can potentially...

SUSE SLES11 Security Update : ucode-intel (SUSE-SU-2026:0670-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0670-1 advisory. - Intel CPU Microcode was updated to the 20260210 release bsc1258046 - CVE-2024-24853: Updated fix for incorrect behavior order in transition...

USN-8028-7 linux-nvidia-lowlatency vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt...

AMD Processors 安全漏洞

AMD Processors are a series of processors developed by American semiconductor company AMD. There is a security vulnerability in AMD Processors, which stems from type confusion. This vulnerability may allow attackers to send malformed parameters to external global memory interconnection trusted...

MiracleLinux 8 : microcode_ctl-20210216-1.20210525.1.el8 (AXSA:2021-2200:09)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2200:09 advisory. hw: vt-d related privilege escalation CVE-2020-24489 hw: improper isolation of shared resources in some Intel Processors CVE-2020-24511 hw: observab...

MiracleLinux 8 : microcode_ctl-20190618-1.20191115.3.el8 (AXEA:2020-144:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXEA:2020-144:03 advisory. - Insufficient access control in protected memory subsystem for IntelR SGX for 6th, 7th, 8th, 9th Generation IntelR CoreTM Processor Families; IntelR...

K000158881: Intel Xeon processor vulnerability CVE-2025-20053

Security Advisory Description Improper buffer restrictions for some IntelR XeonR Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2025-20053 Impact There is no impact; F5 products are not affected by this...

📄 Adobe DNG SDK RefBaselineABCDtoRGB Out-Of-Bounds Read / Information Disclosure

This work presents a technical, research‑grade proof of concept demonstrating CVE‑2025‑64893, an out of bounds read vulnerability in Adobe DNG SDK versions prior to 1.7.1.2410. The vulnerability is caused by a logic flaw in the rendering pipeline where a crafted but specification‑compliant DNG fi...

CVE-2025-53965

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to decode the SOR transparent container lacks bounds checking...

AMD CPU Entropy Mishandling Vulnerability

AMD CPUs are a family of CPUs from AMD. AMD CPUs suffer from an entropy mishandling vulnerability, no details of the vulnerability are provided at this time...

CVE-2025-58410 GPU DDK - Multiple calls into PhysmemGEMPrimeExport can inherit write access permission for an existing read-only dma_buf import PMR

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read-only. This is caused by improper handling of the memory protections for the buffer resource...

CVE-2025-27374

CVE-2025-27374 affects Samsung’s Secure Boot component on Exynos Mobile/Wearable Processors (models listed in the document). The issue is a missing length check that can lead to out-of-bounds writes. The connected records repeatedly describe the same flaw but do not provide concrete exploit detai...