Lucene search
K

219811 matches found

CVE
CVE
added 2026/05/04 4:43 p.m.16 views

CVE-2026-25266

CVE-2026-25266 describes memory corruption in the IOCTL handling path when the device is in power-save state. The entry notes a local issue with low attack complexity and low privileges required, no user interaction, and a high impact on confidentiality, integrity, and availability per CVSS 3.1 (...

7.8CVSS5.8AI score0.00071EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/04 4:43 p.m.30 views

CVE-2026-25266 Exposed dangerous function in windows host

Memory corruption while processing IOCTL command when device is in power-save state...

5.5CVSS0.00071EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/04 4:43 p.m.6 views

EUVD-2026-26989

Memory corruption while processing IOCTL command when device is in power-save state...

5.5CVSS5.8AI score0.00071EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/04 4:43 p.m.8 views

CVE-2026-25266 Exposed dangerous function in windows host

Memory corruption while processing IOCTL command when device is in power-save state...

5.5CVSS5.8AI score0.00071EPSS
Exploits0References1
CVE
CVE
added 2026/05/04 4:43 p.m.9 views

CVE-2025-47408

CVE-2025-47408 involves memory corruption in Power Optimization Firmware triggered when a second driver issues an IOCTL with an invalid input/output buffer. The CVE is described as an Untrusted Pointer Dereference in firmware per CVE record, aligning with the NVD description of memory corruption ...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/05/04 4:43 p.m.6 views

EUVD-2025-209631

Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...

6.1CVSS5.9AI score0.00074EPSS
Exploits0References1
CVE
CVE
added 2026/05/04 4:43 p.m.11 views

CVE-2025-47406

CVE-2025-47406 is a DSP Service buffer over-read vulnerability where information disclosure can occur during processing of IOCTL handler callbacks without verifying the input buffer size. The NVD entries describe the issue as Information Disclosure with a CVSSv3.1 base score of 6.1 (Medium), with...

6.1CVSS5.9AI score0.00074EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/04 4:43 p.m.30 views

CVE-2025-47406 Buffer Over-read in DSP Service

Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...

6.1CVSS0.00074EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/04 4:43 p.m.5 views

CVE-2025-47406

Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...

6.1CVSS5.9AI score0.00074EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/04 4:43 p.m.6 views

CVE-2025-47405

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/04 4:43 p.m.10 views

EUVD-2025-209630

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References1
CVE
CVE
added 2026/05/04 4:43 p.m.9 views

CVE-2025-47405

CVE-2025-47405 describes memory corruption that occurs when processing camera sensor IO controls with invalid output buffers. The connected CVE records call it an untrusted pointer dereference in the camera path, linking root cause to dereferencing pointers derived from untrusted inputs during IO...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/04 4:43 p.m.6 views

CVE-2025-47405 Untrusted Pointer Dereference in Camera

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 4:43 p.m.29 views

CVE-2025-47405 Untrusted Pointer Dereference in Camera

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

7.8CVSS0.00075EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:9 p.m.10 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in spring-security-web (CVE-2026-22732)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-22732 reported for spring-security-web-6.4.12.jar. Vulnerability Details CVEID:CVE-2026-22732 DESCRIPTION: When applications specify HTTP response headers for servlet applications using Spring Security, there is the...

9.1CVSS7.3AI score0.0048EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:8 p.m.7 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jasperreports (CVE-2025-10492)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-10492 reported for jasperreports-7.0.2.jar. Vulnerability Details CVEID:CVE-2025-10492 DESCRIPTION: A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied...

9.8CVSS7.3AI score0.00876EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:7 p.m.6 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2025-66168)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-66168 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2025-66168 DESCRIPTION: WARNING: Users of 6.x should upgrade to 6.2.4 or later as the fix was missed in previous 6.x releases. See the following...

8.8CVSS6.1AI score0.0078EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:7 p.m.11 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jetty-http (CVE-2026-2332)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-2332 reported for jetty-http-12.0.25.jar. Vulnerability Details CVEID:CVE-2026-2332 DESCRIPTION: In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "fun...

9.1CVSS5.8AI score0.01127EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:6 p.m.11 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jetty-server (CVE-2026-1605)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-1605 reported for jetty-server-12.0.25.jar. Vulnerability Details CVEID:CVE-2026-1605 DESCRIPTION: In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed...

7.5CVSS5.8AI score0.00625EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/04 4:6 p.m.6 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2026-34197)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-34197 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2026-34197 DESCRIPTION: Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broke...

8.8CVSS7.9AI score0.9619EPSS
Exploits12Affected Software1
Rows per page
Query Builder