Lucene search
+L

220 matches found

EUVD
EUVD
added 2 days ago7 views

EUVD-2026-45026

An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This can lead to exposing sensitive information or causing the affected product to become unstable or unavailable...

6.9CVSS6.1AI score0.00106EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-45025

An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability...

7.3CVSS6.1AI score0.00107EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/07/03 2:0 a.m.6 views

CVE-2022-4990

UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks via crafted IOCTL requests, leading to privilege escalation. Refer to the 'End-of-Life Notice and Driver...

7.3CVSS6.1AI score0.00096EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: The payload size has been sanitized to prevent member overflow. In functions qla27xxcopyfpinpkt and qla27xxcopymultiplepkt, the framesize reported by the firmware is used to calculate the copy length for the...

5.8AI score0.00168EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/17 9:5 p.m.23 views

CVE-2026-8050 CVE-2026-8050

In SignalRGB versions prior to 1.3.7.0, seven of the thirteen IOCTL handlers dereference the SystemBuffer pointer without first verifying that it is non-NULL. Sending an IOCTL with an empty input buffer causes a NULL pointer dereference, resulting in a kernel crash...

0.00278EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.20 views

PT-2026-49556

Name of the Vulnerable Software and Affected Versions @babel/core versions prior to 7.29.6 @babel/core versions prior to 8.0.0-rc.6 Description Compiling maliciously crafted code using @babel/core can allow an attacker to read any source map from the system. This occurs when the attacker controls...

3.6CVSS5.9AI score0.00116EPSS
Exploits0References8
OSV
OSV
added 2026/06/08 5:16 p.m.7 views

UBUNTU-CVE-2026-46298

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix race with interrupt handler While executing -ioctl handler or -release handler, if an interrupt fires on the same cpu, then we can enter into a deadlock. This patch fixes both these handlers to take...

4.7CVSS5.3AI score0.00074EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/01 10:5 p.m.10 views

CVE-2026-25258 Out-of-bounds Read in DSP Service

Memory corruption while processing IOCTL calls for escape operations...

7.8CVSS5.8AI score0.0007EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/12 3:1 p.m.16 views

protobuf.js: Prototype injection in generated message constructors

Summary protobufjs generated message constructors copied enumerable properties from a provided properties object without filtering the proto key. If an application constructed a message from an attacker-controlled plain object, an own enumerable proto property could alter the prototype of that...

5.3CVSS5.9AI score0.00264EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.13 views

CVE-2026-43398

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpuuserqwaitioctl can lead to a OOM and could be exploited. So check these input value against AMDGPUUSERQMAXHANDLES which is big enough value...

5.5CVSS5.7AI score0.00126EPSS
Exploits0
OSV
OSV
added 2026/05/05 10:17 p.m.7 views

GHSA-84HM-WFH8-C5PG sse-channel: SSE Injection via unsanitized event fields

Impact Implementations that allows user-provided values to be passed to event, retry or id fields would be susceptible to event spoofing, where an attacker could inject arbitrary messages into the stream. - Event Spoofing: Attacker can inject arbitrary SSE events into the stream - Client-side...

8.7CVSS5.9AI score0.00478EPSS
Exploits0References4
CVE
CVE
added 2026/05/05 6:57 p.m.16 views

CVE-2026-32603

Sandboxie CVE-2026-32603 affects Windows Sandboxie kernel driver (versions ≤ 1.17.2) where an unprivileged process in a Standard Sandbox can send a malformed IOCTL to the \Device\SandboxieDriverApi driver, causing an immediate kernel crash (BSOD). Impact is local, affecting availability with Sta...

8.2CVSS5.7AI score0.00152EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/05/05 6:57 p.m.4 views

CVE-2026-32603 Sandboxie kernel driver denial of service via malformed IOCTL from sandboxed process

Sandboxie is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a local denial of service vulnerability exists in the Sandboxie kernel driver. An unprivileged process running inside a Standard Sandbox can send a malformed IOCTL to the...

8.2CVSS5.9AI score0.00152EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.9 views

PT-2026-30643

Memory Corruption when accessing an output buffer without validating its size during IOCTL processing...

7.8CVSS6AI score0.00077EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/03/23 4:6 p.m.9 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS7AI score0.0036EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/03/23 2:53 a.m.15 views

cpython: IMAP command injection in user-controlled commands

A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...

5.9CVSS7.2AI score0.0036EPSS
Exploits0References7
NVD
NVD
added 2026/03/02 5:16 p.m.6 views

CVE-2025-47375

Memory corruption while handling different IOCTL calls from the user-space simultaneously...

7.8CVSS0.00071EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/11 9:25 p.m.5 views

CVE-2026-26029 sf-mcp-server has a Command Injection in query_records tool due to unsafe use of child_process.exec

sf-mcp-server is an implementation of Salesforce MCP server for Claude for Desktop. A command injection vulnerability exists in sf-mcp-server due to unsafe use of childprocess.exec when constructing Salesforce CLI commands with user-controlled input. Successful exploitation allows attackers to...

7.5CVSS6AI score0.00911EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/02 3:20 p.m.34 views

CVE-2025-47399 Buffer Copy Without Checking Size of Input in Camera

Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters...

7.8CVSS0.00092EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/01/28 3:15 p.m.5 views

CVE-2026-1536

A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF Carriage Return Line Feed sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP...

5.8CVSS5.8AI score0.00298EPSS
Exploits1
Rows per page
Query Builder