CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 4 days ago•4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Fixed a divide-by-zero bug in arksetpixclock Since the user can control the arguments of the ioctl function from the user space, there are special cases where a divide-by-zero bug may occur. For example, in:...

5.5CVSS6AI score0.00156EPSS

AstraLinux•added 4 days ago•4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: dm ioctl: prevents potential Spectre v1 exploits. It seems that cmd could be a Spectre v1 exploit, as it is provided by a user and used as an array index. This vulnerability prevents the contents of kernel memory from being leake...

5.5CVSS6.1AI score0.00288EPSS

AstraLinux•added 4 days ago•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: A overflow issue was identified in IOMMUTESTOPADDRESERVED. syzkaller discovered that this could lead to an overflow in the test infrastructure and cause a WARN message by corrupting the reserved interval tree...

7.8CVSS5.2AI score0.00182EPSS

Tenable Nessus•added 5 days ago•5 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23236)

In the Linux kernel, the following vulnerability has been resolved: fbdev: smscufx: properly copy ioctl memory to kernelspace The UFXIOCTLREPORTDAMAGE ioctl does not properly copy data from userspace to kernelspace, and instead directly references the memory, which can cause problems if invalid...

7.3CVSS5.7AI score0.00206EPSS

Exploits0References3

Cvelist•added 6 days ago•17 views

CVE-2026-8049 CVE-2026-8049

In SignalRGB versions prior to 1.3.7.0, the \.\SignalIo device object is created without an explicit SDDL security descriptor and without FILEDEVICESECUREOPEN. This results in overly permissive default access control, allowing any authenticated local user to obtain a handle to the device and issu...

0.00087EPSS

EUVD•added 6 days ago•7 views

EUVD-2025-210212

Netskope was notified about a potential gap in its Netskope Client for Windows systems where a malicious insider with administrative privileges can potentially tamper with the customer IOCTL by sending crafted IOCTL requests to the driver. A successful exploit can result in the bypassing of all...

6.8CVSS5.3AI score0.00163EPSS

NVD•added 6 days ago•5 views

CVE-2025-15641

6.8CVSS0.00163EPSS

OSV•added 6 days ago•5 views

UBUNTU-CVE-2026-8484

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl"...

4.8CVSS5.7AI score0.0014EPSS

NVD•added 2026/06/16 8:16 p.m.•5 views

CVE-2026-0125

In multiple functions of vpuioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7CVSS0.00067EPSS

Cvelist•added 2026/06/16 6:50 p.m.•20 views

CVE-2026-0125

0.00067EPSS

NVD•added 2026/06/16 12:16 p.m.•14 views

CVE-2026-8484

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes DoS. All versions are believed to be vulnerable. This project is unmaintained at...

4.8CVSS0.0014EPSS

EUVD•added 2026/06/16 10:32 a.m.•6 views

EUVD-2026-37064

4.8CVSS5.6AI score0.0014EPSS

Cvelist•added 2026/06/16 10:32 a.m.•27 views

CVE-2026-8484 Heap buffer overflow in Jansi

4.8CVSS0.0014EPSS

CVE•added 2026/06/16 10:32 a.m.•13 views

CVE-2026-8484

The CVE-2026-8484 entry describes a heap buffer overflow in the Jansi JNI"ioctl()" wrapper caused by missing size verification of the argument array before the system call. Affected software is Jansi (JNI wrapper) and, per sources, all versions are believed vulnerable. Consequences stated are hea...

4.8CVSS5.7AI score0.0014EPSS

Positive Technologies•added 2026/06/16 12:0 a.m.•13 views

PT-2026-49784

Name of the Vulnerable Software and Affected Versions vpu ioctl.c affected versions not specified Description A race condition in multiple functions of vpu ioctl.c can lead to a use after free, which is a scenario where a program continues to use a pointer after it has been freed. This issue may...

7CVSS5.9AI score0.00067EPSS

Exploits0References4

NVD•added 2026/06/15 12:16 a.m.•9 views

CVE-2026-12193

A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. The affected element is the function IOCtlHandler in the library RevoDetector.sys of the component IOCTL Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is...

8.5CVSS0.0019EPSS

Cvelist•added 2026/06/14 11:30 p.m.•33 views

CVE-2026-12193 VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow

8.5CVSS0.0019EPSS

Vulnrichment•added 2026/06/14 11:30 p.m.•8 views

CVE-2026-12193 VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow

8.5CVSS7.4AI score0.0019EPSS

CVE•added 2026/06/14 11:30 p.m.•15 views

CVE-2026-12193

VS Revo RevoUninstaller 2.5.x/2.6.x contains a heap-based overflow in IOCtl_Handler of RevoDetector.sys (IOCTL Handler). The vulnerability enables a local attack and is supported by publicly available exploit material. Upgrading to version 2.7.0 fixes the issue. If you rely on affected builds, ap...

8.5CVSS7.5AI score0.0019EPSS