101 matches found
Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain
Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8 , that achieves arbitrary code execution inside the SecureROM of Apple's A12 and A13 chips. That code is burned into the silicon at manufacture. No software update can reach it. Affected devices will carry...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013270)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013270 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix skb leak in skbtstamptx Commit 50749f2dd685 tcp/udp: Fix memleaks of sk and zerocopy skb...
SUSE CVE-2026-23132
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: synopsys: dw-dp: fix error paths of dwdpbind Fix several issues in dwdpbind error handling: 1. Missing return after drmbridgeattach failure - the function continued execution instead of returning an error. 2. Resource...
CVE-2026-23132
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: synopsys: dw-dp: fix error paths of dwdpbind Fix several issues in dwdpbind error handling: 1. Missing return after drmbridgeattach failure - the function continued execution instead of returning an error. 2. Resource...
CVE-2026-23132
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: synopsys: dw-dp: fix error paths of dwdpbind Fix several issues in dwdpbind error handling: 1. Missing return after drmbridgeattach failure - the function continued execution instead of returning an error. 2. Resource...
CVE-2026-23132
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: synopsys: dw-dp: fix error paths of dwdpbind Fix several issues in dwdpbind error handling: 1. Missing return after drmbridgeattach failure - the function continued execution instead of returning an error. 2. Resource...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990312)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990312 advisory. In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in eventdeliver Coverity spotted that eventms...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989375)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989375 advisory. In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the...
CVE-2023-53716 net: fix skb leak in __skb_tstamp_tx()
In the Linux kernel, the following vulnerability has been resolved: net: fix skb leak in skbtstamptx Commit 50749f2dd685 "tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp." added a call to skborphanfragsrx to fix leaks with zerocopy skbs. But it ended up adding a leak of its own...
EUVD-2020-0052
Malware in sbrugna...
EUVD-2023-0768
Malicious code in bioql PyPI...
EUVD-2024-16025
Malicious code in bioql PyPI...
EUVD-2023-0688
Malicious code in bioql PyPI...
CVE-2023-23850
A missing permission check in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2023-23847
A cross-site request forgery CSRF vulnerability in Synopsys Jenkins Coverity Plugin 3.0.2 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...
CVE-2020-27589
Synopsys hub-rest-api-python aka blackduck on PyPI version 0.0.25 - 0.0.52 does not validate SSL certificates in certain cases...
Linux Distros Unpatched Vulnerability : CVE-2022-49642
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with...
DEBIAN-CVE-2022-49642
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for Tegra194 where random system crashes have been observed 0. The problem occurs when the split header...
CVE-2022-49642
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwc-qos: Disable split header for Tegra194 There is a long-standing issue with the Synopsys DWC Ethernet driver for Tegra194 where random system crashes have been observed 0. The problem occurs when the split header...
AZL-48635 CVE-2024-44931 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpiodevicegetdesc Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpioioctl with an offset out of range. Offset i...