CVE-2025-54517

Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...

CVE-2025-54517

Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...

CVE-2025-54517

Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...

CVE-2025-54517

CVE-2025-54517: Out of bounds write in the AMD AMDGV_CMD_GET_DIAG_DATA ioctl handler could allow a local user to escalate privileges via remote code execution. Affected component: AMD graphics driver/kernel ioctl path (AMDGV_CMD_GET_DIAG_DATA). Root cause: out-of-bounds write in the ioctl handler...

EUVD-2025-209879

Out of bounds write in AMD AMDGVCMDGETDIAGDATA ioctl handler could allow a local user to escalate privileges via remote code execution...

PT-2026-41255

Name of the Vulnerable Software and Affected Versions AMD affected versions not specified Description An out-of-bounds write exists in the AMDGV CMD GET DIAG DATA ioctl handler. This issue could allow a local user to escalate privileges through remote code execution. Recommendations At the moment...

af_unix: read UNIX_DIAG_VFS data under unix_state_lock

...

CVE-2026-40498

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. The /system/cron endpoint relies on a static MD5 hash derived from the APPKEY, which is exposed i...

CVE-2026-40498 FreeScout has Authentication Bypass and Information Disclosure in SystemController via /system/cron

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can access diagnostic and system tools that should be restricted to administrators. The /system/cron endpoint relies on a static MD5 hash derived from the APPKEY, which is exposed i...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003359)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003359 advisory. A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1...

CVE-2024-41970

A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect permission assignment for critical resources...

Take control of your privacy with updates on Malwarebytes for Windows

It’s getting harder to keep your Windows space truly yours, as Microsoft increasingly serves annoying ads and tracks your data across third-party apps. Pushing back against your eroding privacy has been a scattered and sometimes complicated process… but we're making it easier for you. With the...

EUVD-2024-39300

Malicious code in bioql PyPI...

CVE-2025-8863

CVE-2025-8863 affects YugabyteDB: diagnostic information transmitted over HTTP can expose sensitive data during transmission. The CVSS 4.0 vector yields a HIGH base score (7.0) with network attack vector, high attack complexity, and impact mainly on confidentiality. No explicit fix version is pro...

CVE-2025-8863

YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission...

ROS-20250212-15

A vulnerability in the diagnosticschannel utility of the Node.js software platform is related to incorrectly set security restrictions on diagnostic data processing. incorrectly set security restrictions when processing diagnostic data. Exploitation of the vulnerability could allow an attacker to...

PT-2024-10669 · Google · Android +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a possible stack buffer overflow in the MTK FLP MSG HAL DIAG REPORT DATA NTF handler of flp2hal interface.c due to a missing...

PT-2024-30275 · Qualcomm · Qualcomm Windows Wlan Host

Name of the Vulnerable Software and Affected Versions: Qualcomm Windows WLAN Host affected versions not specified Description: The issue involves memory corruption that occurs when invoking IOCTL calls from user space to read diagnostic information of the target WLAN. This corruption happens due ...

Understanding the Citrix Telemetry Service

Understanding the Citrix Telemetry Service The Citrix Telemetry Service plays a crucial role in maintaining and optimizing the user experience of Citrix products. This feature is designed to collect diagnostic, performance, and usage data from Citrix products back to Citrix. The information...

CVE-2024-41970 WAGO: Unauthorized Diagnostic Data Exposure in Multiple Devices

A low privileged remote attacker may gain access to forbidden diagnostic data due to incorrect permission assignment for critical resources...