59000 matches found
CVE-2025-29338
CVE-2025-29338 affects the NXP moal.ko Wi‑Fi kernel driver (driver version 5.1.7.10) across firmware builds from v17.92.1.p149.43 to v17.92.1.p149.157. The root cause is a stack‑based buffer overflow in the parsing path: woal_setup_module_param allocates a fixed stack buffer and parse_cfg_get_lin...
Hono 资源管理错误漏洞
Hono is a web framework built in TypeScript for the Hono community. Versions of Hono prior to 4.12.16 contained a resource management vulnerability. This vulnerability stemmed from the fact that the bodyLimit function did not reliably enforce the maxSize for requests without an available...
Linux Distros Unpatched Vulnerability : CVE-2026-43477
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/i915/vrr: Configure VRR timings after enabling TRANSDDIFUNCCTL Apparently ICL may hang with an MCE if we write TRANSVRRVMAX/FLIPLINE before enabling...
CVE-2025-29338
NXP moal.ko Wi-Fi driver 5.1.7.10 FW version from v17.92.1.p149.43 To v17.92.1.p149.157 was discovered to contain a buffer overflow via the modpara parameter in the woalinitmoduleparam function...
Flowise < 3.0.5 - Missing Authentication for Critical Function
Exploit Title: Flowise 3.0.5 - Missing Authentication for Critical Function Date: 10/11/2025 Exploit Author: nltt0 https://github.com/nltt-br Vendor Homepage: https://flowiseai.com/ Software Link: https://github.com/FlowiseAI/Flowise Version: 3.0.5 CVE: CVE-2025-58434 from requests import post fr...
EUVD-2026-29604
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
EUVD-2026-29511
The Adversarial Robustness Toolbox ART thru 1.20.1 contains a remote code execution vulnerability in its Kubeflow component. The robustness evaluation function for PyTorch models uses the unsafe eval function to dynamically evaluate user-supplied strings for the LossFn and Optimizer parameters...
CVE-2026-41088
Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-35416
Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-34345
Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-34344
Access of resource using incompatible type 'type confusion' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...
CVE-2026-42144
A flaw was found in the CImg library. An integer overflow vulnerability in the WHD size computation inside loadpnm can bypass the memory allocation guard. A crafted PNM/PGM/PPM file with large dimension values causes the overflow to wrap around, allocating an undersized buffer and potentially...
CVE-2026-41088 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
...
CVE-2026-41088 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
...
CVE-2026-41088
CVE-2026-41088 affects Windows: External control of file name or path in the Windows Ancillary Function Driver for WinSock can allow an authorized local user to elevate privileges. The available connected records corroborate the issue description (Windows WinSock driver path/name control enabling...
CVE-2026-35416 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
...
CVE-2026-35416 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
...
CVE-2026-35416
CVE-2026-35416 describes a local privilege escalation due to a use-after-free in the Windows Ancillary Function Driver for WinSock. The description in the connected documents confirms the vulnerable component and the root cause as a use-after-free, leading to elevation of privileges for an author...
CVE-2026-34345
CVE-2026-34345 describes a race condition in the Windows Ancillary Function Driver for WinSock that allows local privilege escalation when a shared resource is improperly synchronized. Connected sources confirm the vulnerability affects Windows components and has been addressed by the May 2026 up...
CVE-2026-34344 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
...