30 matches found
CVE-2026-45993
A flaw was found in the Linux kernel, specifically affecting the LoongArch architecture. The system call syscall dispatch table, which handles requests from user programs, does not properly validate the syscall number provided by userspace. This missing boundary check could allow a local attacker...
EUVD-2026-32289
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add spectre boundry for syscall dispatch table The LoongArch syscall number is directly controlled by userspace, but does not have a arrayindexnospec boundry to prevent access past the syscall function pointer tables...
CVE-2026-45993
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add spectre boundry for syscall dispatch table The LoongArch syscall number is directly controlled by userspace, but does not have a arrayindexnospec boundry to prevent access past the syscall function pointer tables...
UBUNTU-CVE-2026-45993
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add spectre boundry for syscall dispatch table The LoongArch syscall number is directly controlled by userspace, but does not have a arrayindexnospec boundry to prevent access past the syscall function pointer tables...
CVE-2026-45993 LoongArch: Add spectre boundry for syscall dispatch table
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add spectre boundry for syscall dispatch table The LoongArch syscall number is directly controlled by userspace, but does not have a arrayindexnospec boundry to prevent access past the syscall function pointer tables...
CVE-2026-45993
The CVE-2026-45993 entry concerns the Linux kernel on LoongArch. It identifies a vulnerability where the syscall number, controlled by userspace, lacked an array_index_nospec() boundary to prevent dereferencing past the syscall function pointer tables. The documented consequence is exposure of ac...
CVE-2026-45993
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add spectre boundry for syscall dispatch table The LoongArch syscall number is directly controlled by userspace, but does not have a arrayindexnospec boundry to prevent access past the syscall function pointer tables...
CVE-2026-45993
LoongArch: Add spectre boundry for syscall dispatch table...
PT-2026-43860
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add spectre boundry for syscall dispatch table The LoongArch syscall number is directly controlled by userspace, but does not have a array index nospec boundry to prevent access past the syscall function pointer tables...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Added a spectre boundary for the syscall dispatch table. The s390 syscall number is directly controlled by the user space, but there is no arrayindexnospec boundary to prevent access beyond the syscall function...
s390/syscalls: Add spectre boundary for syscall dispatch table
...
SUSE CVE-2026-31483
In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Add spectre boundary for syscall dispatch table The s390 syscall number is directly controlled by userspace, but does not have an arrayindexnospec boundary to prevent access past the syscall function pointer tables...
CVE-2026-31483 s390/syscalls: Add spectre boundary for syscall dispatch table
In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Add spectre boundary for syscall dispatch table The s390 syscall number is directly controlled by userspace, but does not have an arrayindexnospec boundary to prevent access past the syscall function pointer tables...
SUSE CVE-2018-17458
An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
IcoFX 2.6 - '.ico' Buffer Overflow SEH + DEP Bypass using JOP
Exploit Title: IcoFX 2.6 - '.ico' Buffer Overflow SEH + DEP Bypass using JOP Date: 2020-05-20 Exploit Author: Austin Babcock Vendor Homepage: https://icofx.ro/ Software Link: https://drive.google.com/file/d/1SONzNStAW3pAPU5IUvsYS3z0jYymEZn/view?usp=sharing Version: 2.6.0.0 Tested on: Windows 7...
CVE-2018-17458
An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
UBUNTU-CVE-2018-17458
An improper update of the WebAssembly dispatch table in WebAssembly in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
Microsoft Windows 7 Kernel - win32k!xxxClientLpkDrawTextEx Stack Memory Disclosure
Microsoft Windows 7 Kernel - win32k!xxxClientLpkDrawTextEx Stack Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1182 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 7 other...
AVG Internet Security 2015.0.5315 - Arbitrary Write Privilege Escalation
AVG Internet Security 2015.0.5315 - Arbitrary Write Privilege Escalation / Exploit Title - AVG Internet Security 2015 Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.avg.com/ Tested Version - 2015.0.5315 Driver...
BullGuard (Multiple Products) - Arbitrary Write Privilege Escalation
BullGuard Multiple Products - Arbitrary Write Privilege Escalation / Exploit Title - BullGuard Multiple Products Arbitrary Write Privilege Escalation Date - 04th February 2015 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://www.bullguard.com/ Tested Version - 14.1.285.4 Driver...