219811 matches found
CVE-2026-25266
CVE-2026-25266 describes memory corruption in the IOCTL handling path when the device is in power-save state. The entry notes a local issue with low attack complexity and low privileges required, no user interaction, and a high impact on confidentiality, integrity, and availability per CVSS 3.1 (...
CVE-2026-25266 Exposed dangerous function in windows host
Memory corruption while processing IOCTL command when device is in power-save state...
EUVD-2026-26989
Memory corruption while processing IOCTL command when device is in power-save state...
CVE-2026-25266 Exposed dangerous function in windows host
Memory corruption while processing IOCTL command when device is in power-save state...
CVE-2025-47408
CVE-2025-47408 involves memory corruption in Power Optimization Firmware triggered when a second driver issues an IOCTL with an invalid input/output buffer. The CVE is described as an Untrusted Pointer Dereference in firmware per CVE record, aligning with the NVD description of memory corruption ...
EUVD-2025-209631
Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...
CVE-2025-47406
CVE-2025-47406 is a DSP Service buffer over-read vulnerability where information disclosure can occur during processing of IOCTL handler callbacks without verifying the input buffer size. The NVD entries describe the issue as Information Disclosure with a CVSSv3.1 base score of 6.1 (Medium), with...
CVE-2025-47406 Buffer Over-read in DSP Service
Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...
CVE-2025-47406
Information Disclosure while processing IOCTL handler callbacks without verifying buffer size...
CVE-2025-47405
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
EUVD-2025-209630
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
CVE-2025-47405
CVE-2025-47405 describes memory corruption that occurs when processing camera sensor IO controls with invalid output buffers. The connected CVE records call it an untrusted pointer dereference in the camera path, linking root cause to dereferencing pointers derived from untrusted inputs during IO...
CVE-2025-47405 Untrusted Pointer Dereference in Camera
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
CVE-2025-47405 Untrusted Pointer Dereference in Camera
Memory corruption when processing camera sensor input/output control codes with invalid output buffers...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in spring-security-web (CVE-2026-22732)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-22732 reported for spring-security-web-6.4.12.jar. Vulnerability Details CVEID:CVE-2026-22732 DESCRIPTION: When applications specify HTTP response headers for servlet applications using Spring Security, there is the...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jasperreports (CVE-2025-10492)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-10492 reported for jasperreports-7.0.2.jar. Vulnerability Details CVEID:CVE-2025-10492 DESCRIPTION: A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2025-66168)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2025-66168 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2025-66168 DESCRIPTION: WARNING: Users of 6.x should upgrade to 6.2.4 or later as the fix was missed in previous 6.x releases. See the following...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jetty-http (CVE-2026-2332)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-2332 reported for jetty-http-12.0.25.jar. Vulnerability Details CVEID:CVE-2026-2332 DESCRIPTION: In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "fun...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jetty-server (CVE-2026-1605)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-1605 reported for jetty-server-12.0.25.jar. Vulnerability Details CVEID:CVE-2026-1605 DESCRIPTION: In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed...
Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2026-34197)
Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-34197 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2026-34197 DESCRIPTION: Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broke...