Lucene search
K

12 matches found

Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-57851 MSI KernCoreLib64.sys Privilege Escalation via IOCTL Handlers

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS0.0017EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2 days ago7 views

CVE-2026-57851

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS6AI score0.0017EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.11 views

Xen: x86 HVM I/O Port List Traversal (XSA-491)

HVM guest I/O port accesses are subject to either emulation or at least translation. Translations are managed by the device model via XENDOMCTLioportmapping, and hence the linked list used may changed at any time. Traversal of those lists while handling guest I/O port accesses therefore needs...

7.9CVSS5.8AI score0.00095EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/18 8:29 p.m.22 views

CVE-2025-1272 Kernel: secure boot does not automatically enable kernel lockdown

The Linux Kernel lockdown mode for kernel versions starting on 6.12 and above for Fedora Linux has the lockdown mode disabled without any warning. This may allow an attacker to gain access to sensitive information such kernel memory mappings, I/O ports, BPF and kprobes. Additionally unsigned...

7.7CVSS0.00231EPSS
Exploits0References3
CVE
CVE
added 2026/02/18 8:29 p.m.332 views

CVE-2025-1272

Summary (CVE-2025-1272) : The Fedora Linux kernel lockdown mode for kernels starting with 6.12 is reported to be disabled without warning, enabling potential exposure of sensitive kernel data (memory mappings, I/O ports, BPF, and kprobes) and allowing unsigned modules to load, which could break S...

7.7CVSS7.8AI score0.00231EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2022/10/24 12:0 a.m.5 views

VulnCheck KEV: CVE-2018-19322

The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges...

7.8CVSS7AI score0.01872EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2020/04/29 12:0 a.m.6 views

PT-2020-13118

Name of the Vulnerable Software and Affected Versions: G.SKILL Trident Z Lighting Control versions 1.00.08 and earlier Description: The issue allows local non-privileged users to access sensitive operations, including mapping and un-mapping of physical memory, reading and writing to Model Specifi...

7.8CVSS5.7AI score0.00502EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2019/02/09 12:0 a.m.9 views

PT-2019-3247 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.0.4 Description: The issue is related to a use-after-free error in the Linux kernel, specifically in the ipmi si module, which can be exploited to execute arbitrary code or cause a denial of service. This is d...

10CVSS7.9AI score0.98745EPSS
Exploits142References1470
RedHat Linux
RedHat Linux
added 2016/06/13 5:33 p.m.21 views

qemu: incorrect banked access bounds checking in vga module

An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions VBE support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU...

8.8CVSS7.7AI score0.00916EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/05/11 1:1 a.m.8 views

qemu: incorrect banked access bounds checking in vga module

An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions VBE support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU...

8.8CVSS7.7AI score0.00916EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/05/10 6:43 p.m.6 views

kernel: kvm: reporting emulation failures to userspace

It was found that reporting emulation failures to user space could lead to either a local CVE-2014-7842 or a L2-L1 CVE-2010-5313 denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain...

4.9CVSS6.6AI score0.00374EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/11/19 7:56 p.m.6 views

kernel: kvm: reporting emulation failures to userspace

It was found that reporting emulation failures to user space could lead to either a local CVE-2014-7842 or a L2-L1 CVE-2010-5313 denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain...

4.9CVSS6.6AI score0.00374EPSS
Exploits0References4
Rows per page
Query Builder