CVE-2023-34397

Mercedes Benz head-unit NTG 6 contains functions to import or export profile settings over USB. During parsing you can trigger that the service will be crashed...

CVE-2023-34398

Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Some values of this table are serialized archive according boost library. The boost library contains a vulnerability/null pointer dereference...

CVE-2023-34397

Mercedes Benz head-unit NTG 6 contains functions to import or export profile settings over USB. During parsing you can trigger that the service will be crashed...

CVE-2023-34400

Summary (CVE-2023-34400): Mercedes-Benz head-unit NTG6 has a vulnerability in its USB-based import/export of profile settings. The parser may attempt to convert a header inside the imported file to a null-terminated string, and if a required character is missing, a null pointer is returned, poten...

CVE-2023-34404

CVE-2023-34404 affects the Mercedes‑Benz head‑unit NTG6. Public analyses describe an attack surface exposed by internal network access (Ethernet test pins on the Base Board) enabling a crafted port call to registered services in the router, which can lead to command injection via the GCF/MoCCA/Ne...

PT-2025-6486 · Mercedes Benz · Mercedes-Benz Head-Unit Ntg6

Name of the Vulnerable Software and Affected Versions: Mercedes-Benz head-unit NTG6 affected versions not specified Description: The issue concerns the Mercedes-Benz head-unit NTG6, which has functions to import or export profile settings over USB. When parsing a file, the service attempts to...

A Hacker Group Within Russia’s Notorious Sandworm Unit Is Breaching Western Networks

A team Microsoft calls BadPilot is acting as Sandworm's “initial access operation,” the company says. And over the last year it's trained its sights on the US, the UK, Canada, and Australia...

AMD Server Processor 安全漏洞

AMD Server Processor is a processor product for the server market from UltraMicro Semiconductor AMD that is primarily used in data centers, cloud computing, and high performance computing. A security vulnerability exists in AMD Server Processor that stems from incorrect access control in the IOMM...

PT-2025-6394 · Iommu · Iommu

Name of the Vulnerable Software and Affected Versions: IOMMU affected versions not specified Description: The issue is related to improper access control in the IOMMU, which may allow a privileged attacker to bypass RMP checks. This could potentially lead to a loss of guest memory integrity...

NVIDIA GPU Display Driver - January 2025 - Lenovo Support US

No description provided...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel that stems from not properly synchronizing the release of resources during CPU hotplugging...

CVE-2024-21468

Memory corruption when there is failed unmap operation in GPU...

SUSE CVE-2024-56161

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP...

CVE-2024-28115

FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affe...

CVE-2025-0015

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to make improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r48...

Security update for qemu

This update for qemu fixes the following issues: Update to version 8.2.5: target/loongarch: fix a wrong print in cpu dump ui/sdl2: Allow host to power down screen target/i386: fix SSE and SSE2 feature check target/i386: fix xsave.flat from kvm-unit-tests disas/riscv: Decode all of the pmpcfg and...

Qualcomm Chipsets 输入验证错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm Chipsets that stems from a memory corruption when processing IOCTL from user space to handle GPU AHB bus errors...

PT-2025-2779 · Imagination Technologies · Graphics Ddk

Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue allows software installed and run as a non-privileged user to conduct improper GPU system calls, triggering use-after-free kernel exceptions. Recommendations: At the moment, ther...

Cianet ONU GW24AC 代码注入漏洞

The Cianet ONU GW24AC is a network device from Cianet. A code injection vulnerability exists in the Cianet ONU GW24AC version 20250127 and prior versions, which stems from the fact that incorrect operation of the parameter browserLang can lead to cross-site scripting attacks...

mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device

...