Lucene search
+L

7737 matches found

NVD
NVD
added 3 days ago5 views

CVE-2026-14960

Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the \.\TdeIo device interface. IOCTL handlers including TDEIOCTLINDEXIOREAD and TDEIOCTLINDEXIOWRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without...

9.8CVSS0.00391EPSS
Exploits1References1
Cvelist
Cvelist
added 3 days ago43 views

CVE-2026-14960 CVE-2026-14960

Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the \.\TdeIo device interface. IOCTL handlers including TDEIOCTLINDEXIOREAD and TDEIOCTLINDEXIOWRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without...

0.00391EPSS
Exploits1References1
CVE
CVE
added 3 days ago17 views

CVE-2026-14960

CVE-2026-14960 concerns Pegatron tdeio64.sys exposing privileged hardware access via the .TdeIo device interface. Connected docs describe IOCTLs (TDE_IOCTL_INDEXIO_READ/WRITE) that allow unprivileged local users to perform arbitrary hardware I/O port operations without proper authorization, and,...

9.8CVSS6.2AI score0.00391EPSS
Exploits1References1
EUVD
EUVD
added 3 days ago4 views

EUVD-2026-44730

Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the \.\TdeIo device interface. IOCTL handlers including TDEIOCTLINDEXIOREAD and TDEIOCTLINDEXIOWRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without...

6.2AI score0.00391EPSS
Exploits1References1
CVE
CVE
added 4 days ago9 views

CVE-2026-12588

The CVE-2026-12588 entry describes a DoS condition in HX devices where an attacker with access to HX 10.0.0 and earlier can send specially crafted data to the HX console. The malicious detection triggers decompression of a large file, consuming excessive system resources and causing denial of ser...

6CVSS6.1AI score0.00185EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/10 8:53 p.m.36 views

CVE-2026-45196 GPU DDK - Arbitrary GPU register write in rgxfw_hwperf_hw due to unsanitized pointers from host kernel

Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a GPU register access which can lead to privilege escalation...

0.00106EPSS
Exploits0References1
NVD
NVD
added 2026/07/10 3:16 p.m.8 views

CVE-2026-38059

The iDirect iQ200 exposes the /api/identity and /api/ REST API endpoints without authentication. An unauthenticated attacker with network access can retrieve sensitive device information including the serial number, Device ID DID, Terminal Private Key identifier TPK, MAC address, and exact firmwa...

8.7CVSS0.00592EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/07/10 2:51 p.m.17 views

Laser Attack Resets Tangem Wallet Passwords on Cards That Can't Be Patched

Researchers at Ledger's Donjon security team have shown that a precisely timed laser pulse, aimed at the chip inside a Tangem crypto wallet card, can reset the card's password to anything the attacker picks. No old password. No backup card. Once it is reset, whoever did it controls the wallet and...

6.1AI score
Exploits0
OSV
OSV
added 2026/07/10 1:40 p.m.1 views

MINI-Q4XX-3G26-FQPF

Bulletin has no description...

5.9CVSS6.1AI score
Exploits0
OSV
OSV
added 2026/07/10 1:39 p.m.4 views

MINI-CHW3-5VVC-H3M8

Bulletin has no description...

5.3CVSS6.1AI score0.00413EPSS
Exploits0
OSV
OSV
added 2026/07/10 1:39 p.m.1 views

MINI-H8CQ-333Q-8GMR

Bulletin has no description...

5.3CVSS6.1AI score0.00413EPSS
Exploits0
Ubuntu
Ubuntu
added 2026/07/10 9:38 a.m.6 views

USN-8492-5: Linux kernel (FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.6AI score0.00686EPSS
Exploits4
The Hacker News
The Hacker News
added 2026/07/10 9:0 a.m.16 views

Attackers Exploit 'Ill Bloom' Vulnerability to Drain Over $5 Million From Cryptocurrency Wallets

Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom , and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words that control the money. When that phrase is made with weak randomness, an attacker can work it out a...

6.1AI score
Exploits0
CVE
CVE
added 2026/07/09 9:13 p.m.59 views

CVE-2026-57031

Summary of CVE-2026-57031 (Junos OS MX Series): A vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on MX Series devices allows adjacent subscribers configured on static interfaces to bypass ingress firewall filters, disabling both protocol-level and upstream bandwi...

5.3CVSS6AI score0.00238EPSS
Exploits0References1
OSV
OSV
added 2026/07/09 4:16 p.m.4 views

ALPINE-CVE-2026-23561

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS6.2AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 2026/07/09 4:16 p.m.8 views

CVE-2026-23562

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. XAPI can configure different users with different roles, using Role Based Access Control. For more details, see:...

9.4CVSS0.0014EPSS
Exploits0References1
CVE
CVE
added 2026/07/09 3:13 p.m.31 views

CVE-2026-23561

CVE-2026-23561 is part of a set of RBAC-related issues in XAPI (XenServer/XCP-ng) where certain administrator roles (vm-admin, etc.) can improperly modify RBAC-protected settings. Specifically, this CVE allows a vm-admin to set VM.other_config:storage_driver_domain and mark a VM as the storage do...

9.4CVSS7.3AI score0.0014EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.10 views

Ubuntu 26.04 LTS : Linux kernel (NVIDIA) vulnerabilities (USN-8507-1)

"The remote Ubuntu 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8507-1 advisory. It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker...

9.8CVSS7.1AI score0.00675EPSS
Exploits31References237
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.9 views

PT-2026-56256

Name of the Vulnerable Software and Affected Versions FluxInk Color Management Driver versions 1.0.7.2 through 1.0.7.5 Description The Color Management Driver TcnPeripheral64.sys allows a standard user account to achieve local privilege escalation. This is possible through arbitrary physical memo...

8.4CVSS6.2AI score0.00101EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2026/07/07 12:0 a.m.3 views

The vulnerability of the usbhs_remove() function in the drivers/usb/renesas_usbhs/common.c driver module allows a hacker to cause a service failure.

The vulnerability of the usbhsremove function in the drivers/usb/renesasusbhs/common.c file of the Linux device driver module is related to state management errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6AI score0.00176EPSS
Exploits0References13Affected Software2
Rows per page
Query Builder