CVE-2025-10451 H19Int15CallbackSmm: SMM memory corruption vulnerability in combined DXE/SMM (SMRAM write)

Unchecked output buffer may allowed arbitrary code execution in SMM and potentially result in SMM memory corruption...

EUVD-2025-12899

Malicious code in bioql PyPI...

CVE-2022-49883 KVM: x86: smm: number of GPRs in the SMRAM image depends on the image format

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: smm: number of GPRs in the SMRAM image depends on the image format On 64 bit host, if the guest doesn't have X86FEATURELM, KVM will access 16 gprs to 32-bit smram image, causing out-ouf-bound ram access. On 32 bit host,...

PT-2025-18600 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the KVM Kernel-based Virtual Machine on x86 systems, specifically with the SMRAM System Management RAM image. On a 64-bit host, if the guest does not have the X...

CVE-2024-30212 Microchip Harmony 3 Core library allows read and write access to RAM via a SCSI READ or WRITE command

If a SCSI READ10 command is initiated via USB using the largest LBA 0xFFFFFFFF with it's default block size of 512 and a count of 1, the first 512 byte of the 0x80000000 memory area is returned to the user. If the block count is increased, the full RAM can be exposed. The same method works to wri...

CVE-2024-30212 Microchip Harmony 3 Core library allows read and write access to RAM via a SCSI READ or WRITE command

If a SCSI READ10 command is initiated via USB using the largest LBA 0xFFFFFFFF with it's default block size of 512 and a count of 1, the first 512 byte of the 0x80000000 memory area is returned to the user. If the block count is increased, the full RAM can be exposed. The same method works to wri...

Default credentials

Due to usernames/passwords being stored in plaintext in Random Access Memory RAM, a local, authenticated attacker could gain access to certain credentials, including Windows Logon credentials...

Qemu: exec: oob access during dma operation

Quick Emulator QEMU, compiled with qemumapramptr to access guests' RAM block area, is vulnerable to an OOB r/w access issue. The crash can occur if a privileged user inside a guest conducts certain DMA operations, resulting in a DoS...

server: patch operation should use patched object to check admission control

An authorization flaw was discovered in Kubernetes; the API server did not properly check user permissions when handling certain requests. An authenticated remote attacker could use this flaw to gain additional access to resources such as RAM and disk space...

[Pac4Mac] Forensics Framework for Mac OS X

Pac4Mac Plug And Check for Mac OS X is a portable Forensics framework to launch from USB storage allowing extraction and analysis session informations in highlighting the real risks in term of information leak history, passwords, technical secrets, business secrets, .... Pac4Mac can be used to...

CentOS 4 : kernel (CESA-2009:0014)

Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any...