CVE-2011-10025

Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structur...

CVE-2011-10025 Subtitle Processor 7.7.1 .m3u SEH Unicode Buffer Overflow

Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structur...

SourceForge Subtitle Processor 安全漏洞

SourceForge Subtitle Processor is an open source movie subtitle processing software from SourceForge. A security vulnerability exists in SourceForge Subtitle Processor version 7.7.1, which originates from a buffer overflow when parsing .m3u files and could lead to the execution of arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2017-6272

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where a value passed from a user to the driver is not correctly validated an...

openSUSE Security Advisory (SUSE-SU-2025:02915-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Intel Xeon Processors Denial of Service Vulnerability

Intel Xeon Processors is a family of processors launched by Intel for the enterprise-class server, workstation, and high-performance computing HPC markets, mainly serving data centers, cloud computing, artificial intelligence, and other areas. A denial of service vulnerability exists in Intel Xeo...

Linux Distros Unpatched Vulnerability : CVE-2025-38297

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix potential division-by-zero error in emcomputecosts When the device is of a non-C...

SUSE CVE-2025-38560

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Evict cache lines during SNP memory validation An SNP cache coherency vulnerability requires a cache line eviction mitigation when validating memory after a page state change to private. The specific mitigation is to tou...

CVE-2025-38610

In the Linux kernel, the following vulnerability has been resolved: powercap: dtpmcpu: Fix NULL pointer dereference in getpdpoweruw The getpdpoweruw function can crash with a NULL pointer dereference when emcpuget returns NULL. This occurs when a CPU becomes impossible during runtime, causing...

CVE-2025-38597

CVE-2025-38597 (Linux kernel, drm/rockchip): A vulnerability in vop2 binding for video-ports could dereference a null primary plane. The code binding a vop2 to a window searches for a primary-plane usable by the target port, but no check ensured a primary-plane was found before calling drm_crtc_i...

CVE-2025-38581

CVE-2025-38581 affects the Linux kernel crypto CCP driver. When CONFIG_CRYPTO_DEV_CCP_DEBUGFS is enabled, rebinding the CCP device could crash the kernel due to a NULL-dereference in debugfs setup. The connected Unity Linux/UTSA advisory notes a patch that fixes this by setting ccp_debugfs_dir to...

CVE-2025-38581 crypto: ccp - Fix crash when rebind ccp device for ccp.ko

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix crash when rebind ccp device for ccp.ko When CONFIGCRYPTODEVCCPDEBUGFS is enabled, rebinding the ccp device causes the following crash: $ echo '0000:0a:00.2' /sys/bus/pci/drivers/ccp/unbind $ echo '0000:0a:00.2'...

CVE-2025-50897

A vulnerability exists in riscv-boom SonicBOOM 1.2 BOOMv1.2 processor implementation, where valid virtual-to-physical address translations configured with write permissions PTEW in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions sd. This occurs despite the...

kernel: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, loadmicrocodeamd iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the first CPU of each mask...

CVE-2025-50897

A vulnerability exists in riscv-boom SonicBOOM 1.2 BOOMv1.2 processor implementation, where valid virtual-to-physical address translations configured with write permissions PTEW in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions sd. This occurs despite the...

CVE-2025-50897

The CVE-2025-50897 entry concerns riscv-boom SonicBOOM 1.2 (BOOMv1.2). It describes a flaw in the MMU/PMP/memory enforcement where valid virtual-to-physical translations with write permissions in SV39 can trigger a Store/AMO access fault during sd store operations, despite valid PTEs. The fault o...

SUSE SLES15 Security Update : kernel (SUSE-SU-2025:02853-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02853-1 advisory. The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

SUSE-SU-2025:02853-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-36028: mm/hugetlb: fix DEBUGLOCKSWARNON1 when dissolvefreehugetlbfolio bsc1225707. - CVE-2024-36348, CVE-2024-36349, CVE-2024-36350, CVE-2024-36357:...

CVE-2025-38518

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Disable INVLPGB on Zen2 AMD Cyan Skillfish Family 17h, Model 47h, Stepping 0h has an issue that causes system oopses and panics when performing TLB flush using INVLPGB. However, the problem is that that machine has...

Linux Distros Unpatched Vulnerability : CVE-2023-46673

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate...