ReFuzz: Reusing Tests for Processor Fuzzing with Contextual Bandits

Processor designs rely on iterative modifications and reuse well-established designs. However, this reuse of prior designs also leads to similar vulnerabilities across multiple processors. As processors grow increasingly complex with iterative modifications, efficiently detecting vulnerabilities...

Denial Of Service (DoS)

org.keycloak, keycloak-quarkus-dist is vulnerable to a Denial of Service DoS. The vulnerability is due to the default JDK setting that permits client-initiated TLS 1.2 renegotiation, which allows an attacker to repeatedly trigger renegotiation requests to exhaust server CPU resources...

CVE-2025-20789

In GPU pdma, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS10117741; Issue ID: MSV-4538...

WordPress plugin Upload.am 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. An arbitrary option disclosure vulnerability exists in WordPress Upload.am, which stems from a lack of capability checking by the AJAX request processor, which can be...

DEBIAN-CVE-2025-49643

An authenticated Zabbix user including Guest is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service...

CVE-2025-8045 Mali GPU Kernel Driver allows improper GPU processing operations

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-3933.

Summary IBM Maximo Application Suite - Monitor Component uses transformers-4.51.3-py3-none-any.whl which is vulnerable to CVE-2025-3933. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2025-3933 DESCRIPTION: A Regular Expression Deni...

OESA-2025-2765 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: A transient execution vulnerability in some AMD processors may allow an attacker to infer data in the L1D cache, potentially resulting in the leakage of sensitive information across privileged boundaries.CVE-2024-36357 In the Lin...

EUVD-2025-199836

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load...

CVE-2025-66361

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load...

PT-2025-48285

An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load...

CVE-2025-58407

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

SUSE SLES12 Security Update : kernel (SUSE-SU-2025:4189-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4189-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2021-4460:...

CVE-2025-48507

The security state of the calling processor into Trusted Firmware TF-A is not used and could potentially allow non-secure processors access to secure memories, access to crypto operations, and the ability to turn on and off subsystems within the SOC...

USN-7887-2: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

AMD CPU Entropy Mishandling Vulnerability

AMD CPUs are a family of CPUs from AMD. AMD CPUs suffer from an entropy mishandling vulnerability, no details of the vulnerability are provided at this time...

USN-7887-1: Linux kernel (Raspberry Pi Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2021-4460: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning bsc1250764. CVE-2022-48631: ext4: fix bug in extents parsing when ehentries == 0 and ehdepth 0 bsc1223475...

SUSE-SU-2025:4189-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2021-4460: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning bsc1250764. - CVE-2022-48631: ext4: fix bug in extents parsing when ehentries == 0 and ehdepth 0...

SUSE-SU-2025:4188-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. - CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857. ...