CVE-2025-48060 AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)

jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function jvstringvfmt in the jqfuzzexecute harness from oss-fuzz. This crash happens on file jv.c, line 1456 void p = mallocsz;. As of time of publication, no patched versions are...

CVE-2025-48060 AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)

jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function jvstringvfmt in the jqfuzzexecute harness from oss-fuzz. This crash happens on file jv.c, line 1456 void p = mallocsz;. As of time of publication, no patched versions are...

CVE-2025-27891

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds reads via malformed NAS packets...

CVE-2024-55569

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes...

PT-2025-21181 · Samsung · Exynos

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 980 through 9825, versions 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400 Description: An issue...

2025.1 IPU -Intel® Processor Advisory

Summary: A potential security vulnerability in some Intel® Processors may allow information disclosure. Intel is releasing microcode updates and prescriptive guidance to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-28956 Description: Exposure of Sensitive...

IBM POWER systems FSP 安全漏洞

IBM POWER systems FSP is a power systems flexible services processor from International Business Machines IBM. A security vulnerability exists in IBM POWER systems FSP versions V10.2.1030.0 and V10.3.1050.0, which stems from excessive privileges when executing commands, which could cause a local...

The vulnerability of the software URL processor for Cisco Webex App allows a perpetrator to execute arbitrary commands.

The vulnerability of the software URL processor for Cisco Webex App relates to the ability to download files from untrusted sources. Exploiting this vulnerability could allow a malicious actor to execute arbitrary commands when a user accesses a specially crafted link...

The vulnerability of the System Management Mode (SMM) mode of AMD microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the System Management Mode SMM mode of AMD microprogramming processors is related to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

AMD Processors 安全漏洞

AMD Processors is a processor from Ultraviolet Semiconductor AMD. A security vulnerability exists in AMD Processors that stems from a microcode signature verification bypass that could lead to an attacker elevating privileges...

CVE-2024-52924

An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. Lack of boundary check during the decoding of Registration...

The vulnerability of the AmdPlatformRasSspSmm driver of AMD’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the AmdPlatformRasSspSmm microprogramming software driver for AMD processors is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

ROS-20250214-05

Intel Xeon processors vulnerability is related to a data protection mechanism violation. Exploitation of the vulnerability could allow an attacker to escalate privileges Vulnerability in SMI transfer monitor STM hypervisor of Intel processors firmware is related to to an improper workflow...

SUSE CVE-2024-37020

Sequence of processor instructions leads to unexpected behavior in the IntelR DSA V1.0 for some IntelR XeonR Processors may allow an authenticated user to potentially enable denial of service via local access...

Intel 2024.4 IPU - Processor February 2025 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Processors, which might allow denial of service. Intel is releasing microcode updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has identified affected...

AMD Server Processor 输入验证错误漏洞

AMD Server Processor is a processor product from UltraMicro Semiconductor AMD for the server market, which is primarily used in data centers, cloud computing, and high performance computing. AMD Server Processor suffers from an input validation error vulnerability that stems from incorrect input...

CVE-2024-10929 Spectre-BSE

In certain circumstances, an issue in Arm Cortex-A57, Cortex-A72 revisions before r1p0, Cortex-A73 and Cortex-A75 may allow an adversary to gain a weak form of control over the victim's branch history...

CVE-2024-46920

An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, 980, 990, 850, 1080, 2100, and 1280. Lack of a length check leads to a stack out-of-bounds write at loadInputBuffers...

CVE-2024-5660

Use of Hardware Page Aggregation HPA and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-A710, Cortex-X1, Cortex-X1C, Cortex-X2, Cortex-X3, Cortex-X4, Cortex-X925, Neoverse V1, Neoverse V2, Neoverse V3, Neoverse V3AE, Neoverse N2 may permit bypass o...

The vulnerability of the Software Guard eXtensions (SGX) processor implementation allows a hacker to disclose protected information.

The vulnerability of the Software Guard eXtensions SGX processor implementation is related to the checking of incorrect conditions. Exploiting this vulnerability can allow an attacker to disclose protected information...