UBUNTU-CVE-2024-36347

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged...

CVE-2025-46707

Software installed and running inside a Guest VM may override Firmware's state and gain access to the GPU...

CVE-2024-11584

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands...

AZL-64371 CVE-2024-11584 affecting package cloud-init for versions less than 23.3-7

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands...

CVE-2024-11584

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands...

Allure Report 代码问题漏洞

Allure Report is a flexible, lightweight, multi-language test reporting tool from the Allure Framework open source. A code issue vulnerability exists in Allure Report 2 versions prior to 2.34.1, which stems from xunit-xml-plugin not securely configuring the XML parser, which could lead to XXE...

Vulnerability of the arm_smmu_iova_to_phys_hard() function in the driver/iommu/arm-smmu.c file – This is a Linux kernel IOMMU support driver that allows attackers to compromise the confidentiality and accessibility of protected information.

Vulnerability of the armsmmuiovatophyshard function in the driver/iommu/arm-smmu.c file – The Linux kernel’s IOMMU support driver is vulnerable to security-related errors. Exploiting this vulnerability could allow attackers to compromise the confidentiality and accessibility of protected...

SecONNds: Secure Outsourced Neural Network Inference on ImageNet

The widespread adoption of outsourced neural network inference presents significant privacy challenges, as sensitive user data is processed on untrusted remote servers. Secure inference offers a privacy-preserving solution, but existing frameworks suffer from high computational overhead and...

Leveraging GPT-4 for Vulnerability-Witnessing Unit Test Generation

In the life-cycle of software development, testing plays a crucial role in quality assurance. Proper testing not only increases code coverage and prevents regressions but it can also ensure that any potential vulnerabilities in the software are identified and effectively fixed. However, creating...

PT-2025-33563

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s drm/amdkfd subsystem where calling mmput from an MMU notifier callback can lead to a deadlock if the process is exiting. This deadlock can cause a...

AZL-72754 CVE-2025-38062 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: genirq/msi: Store the IOMMU IOVA directly in msidesc instead of iommucookie The IOMMU translation for MSI message addresses has been a 2-step process, separated in time: 1 iommudmapreparemsi: A cookie pointer containing the IOVA...

DEBIAN-CVE-2025-38041

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h616: Reparent GPU clock during frequency changes The H616 manual does not state that the GPU PLL supports dynamic frequency configuration, so we must take extra care when changing the frequency. Currently any...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a genirq/msi lifecycle issue during the IOMMU conversion process...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not freeing gpumetricstable memory, which could lead to a memory leak...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the clk driver not properly re-parenting the H616 GPU clock frequency when it changes...

GHSA-WGC6-9F6W-H8HX Withdrawn Advisory: microlight allows a denial of service

Withdrawn Advisory This advisory has been withdrawn because the proof of concept does not demonstrate a practical security impact. This link is maintained to preserve external references. Original Description A denial of service DoS vulnerability has been identified in the JavaScript library...

Qualys TRU Uncovers Chained LPE: SUSE 15 PAM to Full Root via libblockdev/udisks

The Qualys Threat Research Unit TRU has discovered two linked local privilege escalation LPE flaws. The first CVE-2025-6018 resides in the PAM configuration of openSUSE Leap 15 and SUSE Linux Enterprise 15. Using this vulnerability, an unprivileged local attacker—for example, via SSH—can elevate ...

CVE-2025-44043

Keyoti SearchUnit prior to 9.0.0. is vulnerable to Server-Side Request Forgery SSRF in /KeyotiSearchEngineWebCommon/SearchService.svc/GetResults and /KeyotiSearchEngineWebCommon/SearchService.svc/GetLocationAndContentCategories. An attacker can specify their own SMB server as the indexDirectory...

Exploiting Inaccurate Branch History in Side-Channel Attacks

Modern out-of-order CPUs heavily rely on speculative execution for performance optimization, with branch prediction serving as a cornerstone to minimize stalls and maximize efficiency. Whenever shared branch prediction resources lack proper isolation and sanitization methods, they may originate...

SCGAgent: Recreating the Benefits of Reasoning Models for Secure Code Generation with Agentic Workflows

Large language models LLMs have seen widespread success in code generation tasks for different scenarios, both everyday and professional. However current LLMs, despite producing functional code, do not prioritize security and may generate code with exploitable vulnerabilities. In this work, we...