Lucene search
K

56 matches found

NVD
NVD
added last week7 views

CVE-2026-53313

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...

0.00145EPSS
Exploits0References2
EUVD
EUVD
added last week7 views

EUVD-2026-39848

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...

5.8AI score0.00145EPSS
Exploits0References2
CVE
CVE
added last week7 views

CVE-2026-53313

The CVE relates to the Linux kernel DRM/AMD display path. In dc_dmub_srv_log_diagnostic_data() and dc_dmub_srv_enable_dpia_trace(), code path checks meant to guard against null dc_dmub_srv or dc_dmub_srv->dmub incorrectly call DC_LOG_ERROR(), which uses dc_dmub_srv->ctx. If dc_dmub_srv is N...

5.8AI score0.00145EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/16 7:57 a.m.11 views

CVE-2025-54517

Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...

8.5CVSS6.1AI score0.00146EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/15 2:44 a.m.6 views

CVE-2025-54517

Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...

8.5CVSS6.1AI score0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 2:44 a.m.48 views

CVE-2025-54517

Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...

8.5CVSS0.00146EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/15 2:44 a.m.17 views

EUVD-2025-209879

Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...

8.5CVSS6.1AI score0.00146EPSS
Exploits0References1
CVE
CVE
added 2026/05/15 2:44 a.m.21 views

CVE-2025-54517

CVE-2025-54517: Out of bounds write in the AMD AMDGV_CMD_GET_DIAG_DATA ioctl handler could allow a local user to escalate privileges via remote code execution. Affected component: AMD graphics driver/kernel ioctl path (AMDGV_CMD_GET_DIAG_DATA). Root cause: out-of-bounds write in the ioctl handler...

8.5CVSS6.1AI score0.00146EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/15 12:0 a.m.13 views

PT-2026-41255

Name of the Vulnerable Software and Affected Versions AMD affected versions not specified Description An out-of-bounds write exists in the AMDGV CMD GET DIAG DATA ioctl handler. This issue could allow a local user to escalate privileges through remote code execution. Recommendations At the moment...

8.5CVSS6.1AI score0.00146EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/04/26 8:9 a.m.8 views

af_unix: read UNIX_DIAG_VFS data under unix_state_lock

...

7.8CVSS5.8AI score0.00121EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/21 3:1 p.m.3 views

CVE-2026-40498

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. The /system/cron endpoint relies on a static MD5 hash derived from the APPKEY, which is exposed i...

9.3CVSS5.8AI score0.00571EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/04/21 3:1 p.m.27 views

CVE-2026-40498 FreeScout has Authentication Bypass and Information Disclosure in SystemController via /system/cron

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. The /system/cron endpoint relies on a static MD5 hash derived from the APPKEY, which is exposed i...

9.3CVSS0.00571EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003359)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003359 advisory. A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1...

7.5CVSS6.6AI score0.03763EPSS
Exploits4References12
RedhatCVE
RedhatCVE
added 2026/01/09 9:5 a.m.6 views

CVE-2024-41970

A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect permission assignment for critical resources...

5.7CVSS7.1AI score0.00339EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2025/11/06 4:40 p.m.4 views

Take control of your privacy with updates on Malwarebytes for Windows

It’s getting harder to keep your Windows space truly yours, as Microsoft increasingly serves annoying ads and tracks your data across third-party apps. Pushing back against your eroding privacy has been a scattered and sometimes complicated process… but we're making it easier for you. With the...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-39300

Malicious code in bioql PyPI...

5.7CVSS6.6AI score0.00339EPSS
Exploits0References1
CVE
CVE
added 2025/08/11 1:3 p.m.20 views

CVE-2025-8863

CVE-2025-8863 affects YugabyteDB: diagnostic information transmitted over HTTP can expose sensitive data during transmission. The CVSS 4.0 vector yields a HIGH base score (7.0) with network attack vector, high attack complexity, and impact mainly on confidentiality. No explicit fix version is pro...

7CVSS6.8AI score0.00219EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/11 1:3 p.m.13 views

CVE-2025-8863

YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission...

7CVSS0.00219EPSS
Exploits0References1
Redos
Redos
added 2025/02/13 12:0 a.m.9 views

ROS-20250212-15

A vulnerability in the diagnosticschannel utility of the Node.js software platform is related to incorrectly set security restrictions on diagnostic data processing. incorrectly set security restrictions when processing diagnostic data. Exploitation of the vulnerability could allow an attacker to...

7.7CVSS6AI score0.01282EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/12/04 12:0 a.m.5 views

PT-2024-10669 · Google · Android +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a possible stack buffer overflow in the MTK FLP MSG HAL DIAG REPORT DATA NTF handler of flp2hal interface.c due to a missing...

7.8CVSS6.9AI score0.00085EPSS
Exploits0References4
Rows per page
Query Builder