56 matches found
CVE-2026-53313
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...
EUVD-2026-39848
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...
CVE-2026-53313
The CVE relates to the Linux kernel DRM/AMD display path. In dc_dmub_srv_log_diagnostic_data() and dc_dmub_srv_enable_dpia_trace(), code path checks meant to guard against null dc_dmub_srv or dc_dmub_srv->dmub incorrectly call DC_LOG_ERROR(), which uses dc_dmub_srv->ctx. If dc_dmub_srv is N...
CVE-2025-54517
Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...
CVE-2025-54517
Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...
CVE-2025-54517
Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...
EUVD-2025-209879
Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...
CVE-2025-54517
CVE-2025-54517: Out of bounds write in the AMD AMDGV_CMD_GET_DIAG_DATA ioctl handler could allow a local user to escalate privileges via remote code execution. Affected component: AMD graphics driver/kernel ioctl path (AMDGV_CMD_GET_DIAG_DATA). Root cause: out-of-bounds write in the ioctl handler...
PT-2026-41255
Name of the Vulnerable Software and Affected Versions AMD affected versions not specified Description An out-of-bounds write exists in the AMDGV CMD GET DIAG DATA ioctl handler. This issue could allow a local user to escalate privileges through remote code execution. Recommendations At the moment...
af_unix: read UNIX_DIAG_VFS data under unix_state_lock
...
CVE-2026-40498
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. The /system/cron endpoint relies on a static MD5 hash derived from the APPKEY, which is exposed i...
CVE-2026-40498 FreeScout has Authentication Bypass and Information Disclosure in SystemController via /system/cron
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. The /system/cron endpoint relies on a static MD5 hash derived from the APPKEY, which is exposed i...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003359)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003359 advisory. A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1...
CVE-2024-41970
A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect permission assignment for critical resources...
Take control of your privacy with updates on Malwarebytes for Windows
It’s getting harder to keep your Windows space truly yours, as Microsoft increasingly serves annoying ads and tracks your data across third-party apps. Pushing back against your eroding privacy has been a scattered and sometimes complicated process… but we're making it easier for you. With the...
EUVD-2024-39300
Malicious code in bioql PyPI...
CVE-2025-8863
CVE-2025-8863 affects YugabyteDB: diagnostic information transmitted over HTTP can expose sensitive data during transmission. The CVSS 4.0 vector yields a HIGH base score (7.0) with network attack vector, high attack complexity, and impact mainly on confidentiality. No explicit fix version is pro...
CVE-2025-8863
YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission...
ROS-20250212-15
A vulnerability in the diagnosticschannel utility of the Node.js software platform is related to incorrectly set security restrictions on diagnostic data processing. incorrectly set security restrictions when processing diagnostic data. Exploitation of the vulnerability could allow an attacker to...
PT-2024-10669 · Google · Android +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a possible stack buffer overflow in the MTK FLP MSG HAL DIAG REPORT DATA NTF handler of flp2hal interface.c due to a missing...