Lucene search
+L

57 matches found

nvd
nvd
added 2026/06/26 8:17 p.m.10 views

CVE-2026-53313

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...

5.5CVSS0.001EPSS
Exploits0References2
cve
cve
added 2026/06/26 7:41 p.m.13 views

CVE-2026-53313

CVE-2026-53313 is a Linux kernel vulnerability in the drm/amd/display path where NULL pointer dereference can occur in logging paths. Specifically, in dc_dmub_srv_log_diagnostic_data() and dc_dmub_srv_enable_dpia_trace(), code checked if (!dc_dmub_srv || !dc_dmub_srv->dmub) and then invoked DC...

5.5CVSS5.8AI score0.001EPSS
Exploits0References2Affected Software1
euvd
euvd
added 2026/06/26 7:41 p.m.8 views

EUVD-2026-39848

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...

5.8AI score0.001EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/05/16 7:57 a.m.11 views

CVE-2025-54517

Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...

8.5CVSS6.1AI score0.00146EPSS
Exploits0References1
euvd
euvd
added 2026/05/15 2:44 a.m.17 views

EUVD-2025-209879

Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...

8.5CVSS6.1AI score0.00146EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/05/15 2:44 a.m.7 views

CVE-2025-54517

Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...

8.5CVSS6.1AI score0.00146EPSS
Exploits0References1
cve
cve
added 2026/05/15 2:44 a.m.22 views

CVE-2025-54517

CVE-2025-54517: Out of bounds write in the AMD AMDGV_CMD_GET_DIAG_DATA ioctl handler could allow a local user to escalate privileges via remote code execution. Affected component: AMD graphics driver/kernel ioctl path (AMDGV_CMD_GET_DIAG_DATA). Root cause: out-of-bounds write in the ioctl handler...

8.5CVSS6.1AI score0.00146EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/15 2:44 a.m.53 views

CVE-2025-54517

Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...

8.5CVSS0.00146EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/15 12:0 a.m.13 views

PT-2026-41255

Name of the Vulnerable Software and Affected Versions AMD affected versions not specified Description An out-of-bounds write exists in the AMDGV CMD GET DIAG DATA ioctl handler. This issue could allow a local user to escalate privileges through remote code execution. Recommendations At the moment...

8.5CVSS6.1AI score0.00146EPSS
Exploits0References5
mscve
mscve
added 2026/04/26 8:9 a.m.8 views

af_unix: read UNIX_DIAG_VFS data under unix_state_lock

...

7.8CVSS5.8AI score0.00121EPSS
Exploits0
attackerkb
attackerkb
added 2026/04/21 3:1 p.m.4 views

CVE-2026-40498

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. The /system/cron endpoint relies on a static MD5 hash derived from the APPKEY, which is exposed i...

9.3CVSS5.8AI score0.00571EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2026/04/21 3:1 p.m.33 views

CVE-2026-40498 FreeScout has Authentication Bypass and Information Disclosure in SystemController via /system/cron

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. The /system/cron endpoint relies on a static MD5 hash derived from the APPKEY, which is exposed i...

9.3CVSS0.00571EPSS
Exploits1References3
nessus
nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003359)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003359 advisory. A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1...

7.5CVSS6.6AI score0.03763EPSS
Exploits4References12
redhatcve
redhatcve
added 2026/01/09 9:5 a.m.8 views

CVE-2024-41970

A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect permission assignment for critical resources...

5.7CVSS7.1AI score0.00339EPSS
Exploits0References1
malwarebytes
malwarebytes
added 2025/11/06 4:40 p.m.6 views

Take control of your privacy with updates on Malwarebytes for Windows

It’s getting harder to keep your Windows space truly yours, as Microsoft increasingly serves annoying ads and tracks your data across third-party apps. Pushing back against your eroding privacy has been a scattered and sometimes complicated process… but we're making it easier for you. With the...

6.9AI score
Exploits0
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-39300

Malicious code in bioql PyPI...

5.7CVSS6.6AI score0.00339EPSS
Exploits0References1
cvelist
cvelist
added 2025/08/11 1:3 p.m.14 views

CVE-2025-8863

YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission...

7CVSS0.00235EPSS
Exploits0References1
cve
cve
added 2025/08/11 1:3 p.m.25 views

CVE-2025-8863

CVE-2025-8863 affects YugabyteDB: diagnostic information transmitted over HTTP can expose sensitive data during transmission. The CVSS 4.0 vector yields a HIGH base score (7.0) with network attack vector, high attack complexity, and impact mainly on confidentiality. No explicit fix version is pro...

7CVSS6.8AI score0.00235EPSS
Exploits0References1
osv
osv
added 2025/08/11 1:3 p.m.3 views

CVE-2025-8863

YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission...

7CVSS5.9AI score0.00235EPSS
Exploits0References4
redos
redos
added 2025/02/13 12:0 a.m.10 views

ROS-20250212-15

A vulnerability in the diagnosticschannel utility of the Node.js software platform is related to incorrectly set security restrictions on diagnostic data processing. incorrectly set security restrictions when processing diagnostic data. Exploitation of the vulnerability could allow an attacker to...

7.7CVSS6AI score0.01327EPSS
Exploits0
Rows per page
Query Builder