CVE-2018-20598

UCMS 1.4.7 has ?do=useraddpost CSRF...

AMD Radeon Graphics Kernel Driver Privilege Management Vulnerability - Lenovo Support US

No description provided...

Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover

As many as 34 unique vulnerable Windows Driver Model WDM and Windows Driver Frameworks WDF drivers could be exploited by non-privileged threat actors to gain full control of the devices and execute arbitrary code on the underlying systems. "By exploiting the drivers, an attacker without privilege...

CVE-2023-20598

An improper privilege management flaw was found in the AMD RadeonTM Graphics driver. This issue may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses, resulting in potential arbitrary code execution...

CVE-2023-20598

creationtimestamp| type| source ---|---|--- 2023-10-17 18:33:10+00:00| seen| https://t.me/cibsecurity/72437 2025-08-04 15:16:55+00:00| published-proof-of-concept| https://t.me/ptescalator/438...

CVE-2023-20598

An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution...

CVE-2023-20598

An improper privilege management in the AMD Radeon™ Graphics driver may allow an authenticated attacker to craft an IOCTL request to gain I/O control over arbitrary hardware ports or physical addresses resulting in a potential arbitrary code execution...

CVE-2023-20598

The CVE concerns the AMD Radeon graphics driver where improper privilege management (insufficient access control) in IOCTL handling could allow an authenticated attacker to craft IOCTLs to access arbitrary hardware ports or physical addresses, potentially enabling arbitrary code execution. The is...

AMD Radeon™ Graphics Kernel Driver Privilege Management Vulnerability

Bulletin ID: AMD-SB-6009 Potential Impact: Arbitrary code execution Severity: High Summary A potential vulnerability was reported in the AMD Radeon™ Software Adrenalin Edition and PRO Edition kernel pdfwkrnl.sys driver which may allow arbitrary code execution. Current AMD analysis shows the attac...

CVE-2022-20598

creationtimestamp| type| source ---|---|--- 2022-12-16 18:34:41+00:00| seen| https://t.me/cibsecurity/54725...

CVE-2022-20598

In secmediaprotect of media.c, there is a possible EoP due to an integer overflow. This could lead to local escalation of privilege of secure mode MFC Core with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...

CVE-2022-20598

CVE-2022-20598 describes an integer overflow in the Android kernel’s sec_media_protect function (media.c). The issue can cause a local Elevation of Privilege in the secure mode MFC Core, with no additional privileges or user interaction required. The available documents specify the vulnerability ...

Mitsubishi Electric MELSEC iQ-R Series Overly Restrictive Account Lockout Mechanism (CVE-2021-20598)

Overly Restrictive Account Lockout Mechanism vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules R08/16/32/120SFCPU all versions, R08/16/32/120PSFCPU all versions allows a remote unauthenticated attacker to lockout a legitimate user by continuously trying login with incorrect...

CVE-2020-20598

creationtimestamp| type| source ---|---|--- 2021-12-23 02:18:35+00:00| seen| https://t.me/cibsecurity/34549...

CVE-2020-20598

The vulnerability is in Lemon OA v1.10.0, specifically in the Editing component, where a cross-site scripting (XSS) flaw enables attackers to execute arbitrary web scripts or HTML. Root cause is an XSS in the Editing module; context and exact vulnerable entry points are not detailed in the provid...

CVE-2021-20598

The CVE-2021-20598 issue affects Mitsubishi Electric MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU and related SIL2 Process CPU R08/16/32/120PSFCPU, where an anti-brute-force function incorrectly locks out all users after multiple failed logins, enabling a remote attacker to disrupt legitimate...

CVE-2021-20598

creationtimestamp| type| source ---|---|--- 2021-08-06 16:38:36+00:00| seen| https://t.me/truesecator/1979 2024-01-08 19:10:44+00:00| seen| https://t.me/arpsyndicate/2671...

CVE-2019-20598

The CVE-2019-20598 entry concerns Samsung mobile devices running O(8.x) software where Bixby can leak the keyboard’s learned words and clipboard contents through the lock screen. The vulnerability is documented with Samsung IDs SVE-2018-12896 and SVE-2018-12897. Connected records (e.g., Red Hat C...

CVE-2018-20598

UCMS 1.4.7 has ?do=useraddpost CSRF...

CVE-2018-20598

CVE-2018-20598 affects UCMS 1.4.7 and is described in connected records as a Cross-Site Request Forgery (CSRF) vulnerability triggered via the parameter ?do=user_addpost. The vulnerability allows an attacker to abuse CSRF to create an administrator account within UCMS. Root cause is CSRF in the u...