1672 matches found
CVE-2026-61389
Technical details about CVE-2026-61389 are not publicly provided in the supplied documents; no affected product versions, root cause, or remediation details are present beyond the basic description. Monitor for updates.
EUVD-2026-45024
An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability...
EUVD-2026-44587
Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe...
CVE-2026-10577
The CVE-2026-10577 entry concerns the 1715-AENTR EtherNet/IP Adapter, where a network-accessible debug port does not enforce proper privilege controls. This allows unauthenticated remote access to destructive CLI commands, potentially enabling read/delete of files, stopping tasks, memory modifica...
PT-2026-58060
Name of the Vulnerable Software and Affected Versions Rockwell Automation FLEX 5000 adapters affected versions not specified Description A denial-of-service issue occurs due to improper handling of exceptional conditions when processing crafted CIP Common Industrial Protocol packets sent to the...
EUVD-2026-43297
Certain devices in the WAGO System I/O Field series activate an internal diagnostic capability during the initial startup sequence. This functionality is not formally documented and becomes accessible without authentication for a brief period in the early boot phase. During this window, an...
CVE-2026-9492 GIGABYTE|Gigabyte Control Center - Improper Access Control
The MBStorage DRAM lighting control module within Gigabyte Control Center GCC developed by GIGABYTE Technology has an Improper Access Control vulnerability. Authenticated local attackers can send specific IOCTL commands through the driver MyPortIOx64.sys bundled with the module, thereby arbitrari...
[SECURITY] Fedora 44 Update: OpenImageIO-3.1.15.0-1.fc44
OpenImageIO is a library for reading and writing images, and a bunch of relat ed classes, utilities, and applications. Main features include: - Extremely simple but powerful ImageInput and ImageOutput APIs for reading a nd writing 2D images that is format agnostic. - Format plugins for TIFF,...
CVE-2026-57851 MSI KernCoreLib64.sys Privilege Escalation via IOCTL Handlers
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...
CVE-2026-57851
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...
CVE-2026-57851
MSI Feature Manager contains a local privilege escalation via the KernCoreLib64.sys kernel driver. An attacker with local access can use exposed IOCTL handlers to perform arbitrary physical memory read/write and unrestricted I/O port operations without administrator privileges. This can enable ma...
CVE-2026-57851 MSI KernCoreLib64.sys Privilege Escalation via IOCTL Handlers
MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...
389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow
An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...
389-ds-base: 389-ds-base: integer overflow in SASL packet length bypasses size limit leading to heap buffer overflow
An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: clear page-private in freepagesprepare CVE-2026-43303 In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpireadrawfromsgl CVE-2026-43492 In...
CVE-2025-59615
Memory Corruption when invoking device input/output control operations for mapping and unmapping persistent memory buffers due to improper synchronization...
CVE-2025-59617
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...
CVE-2025-59616
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...
CVE-2025-59616
CVE-2025-59616 is a memory corruption (use-after-free) flaw triggered when processing multiple IOCTL calls using the same buffer file descriptor input, due to accessing already freed memory. According to NVD, the CVSSv3.1 vector is AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H with a base score of 7.8 (HIG...
CVE-2025-59616 Use After Free in Computer Vision
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...