Lucene search
+L

245 matches found

Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.5 views

PT-2025-37572

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to the assignment logic of iocb within the f2fs filesystem. A commit introduced an iocb field in a trace event, attempting to assign a pointer...

6.1AI score0.00147EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.6 views

SpyShelter 安全漏洞

SpyShelter is a host intrusion prevention system software from the US-based SpyShelter team. A security vulnerability exists in SpyShelter 15.4.0.1015 and earlier versions, which stems from an unknown function issue in the library SpyShelter.sys in the component IOCTL Handler, which could lead to...

6.8CVSS5.3AI score0.00138EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2025/09/13 8:3 a.m.8 views

btrfs: qgroup: fix race between quota disable and quota rescan ioctl

...

7CVSS6.8AI score0.00108EPSS
Exploits0
Cvelist
Cvelist
added 2025/09/09 12:0 a.m.23 views

CVE-2025-52915

K7RKScan.sys 23.0.0.10, part of the K7 Security Anti-Malware suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. This is caused by insufficient caller validation in the driver's IOCTL handler, enabli...

0.00504EPSS
Exploits1References2
OSV
OSV
added 2025/09/05 5:20 p.m.6 views

CVE-2025-38731 drm/xe: Fix vm_bind_ioctl double free bug

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix vmbindioctl double free bug If the argument check during an array bind fails, the bindops are freed twice as seen below. Fix this by setting bindops to NULL after freeing...

7.8CVSS6.2AI score0.00143EPSS
Exploits0References5
OSV
OSV
added 2025/09/04 4:15 p.m.18 views

AZL-66794 CVE-2025-38685 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...

7.8CVSS5.8AI score0.00162EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-38459

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - atm: clip: Fix infinite recursive call of clippush. syzbot reported the splat below. 0 This happens if we call ioctlATMARPMKIP more than once. During the first...

7.8CVSS7.2AI score0.0017EPSS
Exploits0References3
OSV
OSV
added 2025/08/05 6:15 p.m.3 views

CVE-2025-51060

An issue was discovered in CPUID cpuz.sys 1.0.5.4. An attacker can use DeviceIoControl with the unvalidated parameters 0x9C402440 and 0x9C402444 as IoControlCodes to perform RDMSR and WRMSR, respectively. Through this process, the attacker can modify MSRLSTAR and hook KiSystemCall64. Afterward,...

6.5CVSS5.8AI score0.00279EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2025/07/15 9:19 p.m.7 views

kernel: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access

In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds clause 45 read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via C45 clause 45 mdiobus, there is no verificati...

7.1CVSS6.8AI score0.00161EPSS
Exploits0References5
OSV
OSV
added 2025/07/03 9:15 a.m.8 views

AZL-64550 CVE-2025-38111 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential out-of-bounds read/write access When using publicly available tools like 'mdio-tools' to read/write data from/to network interface and its PHY via mdiobus, there is no verification of parameters passed ...

7.1CVSS6.8AI score0.00179EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/07/02 4:39 a.m.19 views

kernel: dm ioctl: prevent potential spectre v1 gadget

A vulnerability was found in the Linux kernel's dm-ioctl interface in the lookupioctl function, which accepts a user-provided cmd value that is used to index the ioctls array directly. This issue could lead to an out-of-bounds access if the CPU speculatively executes the array access before cmd i...

5.5CVSS7.2AI score0.00295EPSS
Exploits0References5
OSV
OSV
added 2025/06/18 11:15 a.m.2 views

DEBIAN-CVE-2022-50027

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE There is no corresponding free routine if lpfcsli4issuewqe fails to issue the CMF WQE in lpfcissuecmfsyncwqe. If retval is non-zero, then free the iocbq request...

5.5CVSS5.3AI score0.00157EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:0 a.m.8 views

CVE-2023-1453

A vulnerability was found in Watchdog Anti-Virus 1.4.214.0. It has been rated as critical. Affected by this issue is the function 0x80002008 in the library wsdk-driver.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Attacking locally is a requiremen...

7.1CVSS6.9AI score0.00327EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:59 a.m.8 views

CVE-2023-1486

A vulnerability classified as problematic was found in Lespeed WiseCleaner Wise Force Deleter 1.5.3.54. This vulnerability affects the function 0x220004 in the library WiseUnlock64.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is...

7.1CVSS6.6AI score0.00511EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:57 a.m.7 views

CVE-2023-1007

A vulnerability was found in Twister Antivirus 8.17. It has been declared as critical. This vulnerability affects the function 0x801120E4 in the library filmfd.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. The attack needs to be approached locally...

7.8CVSS7AI score0.00505EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/09 11:14 a.m.22 views

CVE-2025-21447

Memory corruption may occur while processing device IO control call for session control...

7.8CVSS7.3AI score0.001EPSS
Exploits0References1
NVD
NVD
added 2025/04/07 11:15 a.m.20 views

CVE-2025-21447

Memory corruption may occur while processing device IO control call for session control...

7.8CVSS0.001EPSS
Exploits0References1
CVE
CVE
added 2025/04/07 10:16 a.m.58 views

CVE-2025-21447

CVE-2025-21447 affects Qualcomm Snapdragon chipsets. The issue is memory corruption occurring when processing a device IOCTL call for session control, caused by an underlying vulnerability in the IOCTL handling path. The provided sources (NVD/Red Hat/CVE record and related feeds) confirm the memo...

7.8CVSS7.3AI score0.001EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/07 10:16 a.m.11 views

CVE-2025-21447 Improper Validation of Array Index in Computer Vision

Memory corruption may occur while processing device IO control call for session control...

7.8CVSS7.5AI score0.001EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.6 views

PT-2025-15217 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon and related products versions prior to the fixed version Description: Memory corruption may occur while processing device IO control call for session control. Recommendations: At the moment, there is no information about a...

7.8CVSS6.6AI score0.001EPSS
Exploits0References9
Rows per page
Query Builder