Lucene search
K

1071 matches found

Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.8 views

PT-2026-36498

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

5.9AI score0.00148EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/04/17 11:6 p.m.220 views

Exploit for CVE-2025-7771

🔓 ThrottleStop.sys Kernel Exploit — HVCI-Compatible Physical M...

8.7CVSS6.2AI score0.08963EPSS
Exploits8
OSV
OSV
added 2026/04/11 2:5 p.m.4 views

OESA-2026-1890 ocaml security update

OCaml is a high-level, strongly-typed, functional and object-oriented programming language from the ML family of languages. This package includes runtime environment, X11 support ,Documentation generator and emacs. Security Fixes: In OCaml through 4.14.3, Bigarray.reshape allows an integer...

5.9CVSS5.9AI score0.00114EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.5 views

PT-2026-31688

Name of the Vulnerable Software and Affected Versions Wasmtime versions 32.0.0 through 36.0.6, 42.0.2, and 43.0.1 Description Wasmtime's Cranelift compilation backend has a flaw on aarch64 architectures when handling specific heap access patterns. This can lead to incorrect address calculations,...

9CVSS5.9AI score0.00319EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/04/08 8:51 p.m.7 views

CVE-2026-31411

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM networking component. A local attacker, by acting as a malicious signaling daemon, could send a specially crafted message containing an unvalidated pointer. This unvalidated pointer would be directly used by the kernel, leading...

7.1CVSS6AI score0.00125EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/02 11:26 p.m.10 views

SUSE CVE-2026-34159

llama.cpp is an inference of several LLM models in C/C++. Prior to version b8492, the RPC backend's deserializetensor skips all bounds validation when a tensor's buffer field is 0. An unauthenticated attacker can read and write arbitrary process memory via crafted GRAPHCOMPUTE messages. Combined...

9.8CVSS6.4AI score0.01126EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:14 p.m.9 views

CVE-2026-22163

Requires malware code to misuse the DDK kernel module IOCTL interface. Such code can use the interface in an unsupported way that allows subversion of the GPU to perform writes to arbitrary physical memory pages. The product utilises a shared resource in a concurrent manner but does not attempt t...

7.8CVSS6AI score0.00078EPSS
Exploits0References1
CVE
CVE
added 2026/03/20 10:52 p.m.13 views

CVE-2026-22163

The CVE-2026-22163 entry describes a local, high-severity GPU driver vulnerability in Imagination Graphics DDK where malware can misuse the DDK kernel module IOCTL interface to subvert the GPU and perform writes to arbitrary physical memory pages. The root cause is unsynchronized access to a shar...

7.8CVSS6AI score0.00078EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/20 10:52 p.m.27 views

CVE-2026-22163 GPU DDK - Unsafe writing of MMU PT entries on systems with 32-bit host CPU

Requires malware code to misuse the DDK kernel module IOCTL interface. Such code can use the interface in an unsupported way that allows subversion of the GPU to perform writes to arbitrary physical memory pages. The product utilises a shared resource in a concurrent manner but does not attempt t...

0.00078EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.8 views

PT-2026-26692

Requires malware code to misuse the DDK kernel module IOCTL interface. Such code can use the interface in an unsupported way that allows subversion of the GPU to perform writes to arbitrary physical memory pages. The product utilises a shared resource in a concurrent manner but does not attempt t...

6AI score0.00078EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.9 views

Imagination Graphics DDK 安全漏洞

Imagination Graphics DDK is a GPU driver toolkit developed by the British company Imagination. There is a security vulnerability in Imagination Graphics DDK, which stems from unsynchronized access to shared resources, potentially allowing the GPU to write to arbitrary physical memory pages...

7.8CVSS5.9AI score0.00078EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.8 views

bareiron 安全漏洞

Bareiron is a Minecraft game server developed by the P2R3 individual developer. Bareiron has a security vulnerability, which stems from the existence of arbitrary memory write conditions, potentially allowing unverified attackers to execute arbitrary code...

9.8CVSS6AI score0.00525EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/04 7:44 p.m.6 views

CVE-2026-3437

An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...

9.3CVSS6AI score0.00159EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/03 5:44 p.m.33 views

CVE-2026-3437 Improper Restriction of Operations within the Bounds of a Memory Buffer in Portwell Engineering Toolkits

An improper restriction of operations within the bounds of a memory buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...

9.3CVSS0.00159EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/03 5:44 p.m.7 views

CVE-2026-3437

An improper restriction of operations within the bounds of a memory buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...

9.3CVSS6.2AI score0.00159EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/02/16 1:25 p.m.6 views

CVE-2023-20514

Improper handling of parameters in the AMD Secure Processor ASP could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution...

8.7CVSS6.1AI score0.0014EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/12 1:57 p.m.3 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the pgtrgm due to lower-casing. An attacker can write arbitrary byte patterns onto server memory by submitting a specially crafted input string. This may potentially lead to privilege escalation or other...

8.8CVSS5.8AI score0.00481EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/11 2:33 p.m.4 views

CVE-2023-20514

Improper handling of parameters in the AMD Secure Processor ASP could allow a privileged attacker to pass an arbitrary memory value to functions in the trusted execution environment resulting in arbitrary code execution...

8.7CVSS6.3AI score0.0014EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 7 : nss-3.79.0-5.el7 (AXSA:2023-5233:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5233:03 advisory. nss: Arbitrary memory write via PKCS 12 CVE-2023-0767 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

8.8CVSS8.3AI score0.00817EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : nss-3.79.0-11.el8 (AXSA:2023-5224:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5224:01 advisory. nss: Arbitrary memory write via PKCS 12 CVE-2023-0767 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

8.8CVSS8.2AI score0.00817EPSS
Exploits0References2
Rows per page
Query Builder