CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Vulnrichment•added 2026/02/05 8:19 p.m.•3 views

CVE-2026-0106

In vpummap of vpuioctl, there is a possible arbitrary address mmap due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.7AI score0.00004EPSS

Exploits0References1

Tenable Nessus•added 2026/01/22 12:0 a.m.•2 views

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-35849)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35849 advisory. - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix information leak in...

7.1CVSS6.7AI score0.00014EPSS

Exploits0References2

Tenable Nessus•added 2026/01/15 12:0 a.m.•2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002212)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002212 advisory. The dovideosetspupalette function in fs/compatioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow...

4.7CVSS7.2AI score0.00104EPSS

Exploits0References13

OSV•added 2026/01/13 4:16 p.m.•4 views

AZL-74459 CVE-2025-68797 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: char: applicom: fix NULL pointer dereference in acioctl Discovered by Atuin - Automated Vulnerability Discovery Engine. In acioctl, the validation of IndexCard and the check for a valid RamIO pointer are skipped when cmd is 6...

5.6AI score0.00068EPSS

Exploits0References1

Tenable Nessus•added 2025/10/07 12:0 a.m.•1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414580)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414580 advisory. An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMA...

7.8CVSS6.5AI score0.00088EPSS

Exploits0References3

Debian CVE•added 2025/07/25 3:27 p.m.•4 views

CVE-2025-38459

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix infinite recursive call of clippush. syzbot reported the splat below. 0 This happens if we call ioctlATMARPMKIP more than once. During the first call, clipmkip sets clippush to vcc-push, and the second call copies ...

7.8CVSS6.2AI score0.00045EPSS

Exploits0

Positive Technologies•added 2025/05/01 12:0 a.m.•3 views

PT-2025-18488 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A bug in the Linux kernel's dm ioctl has been resolved. The issue occurs when the list versions function estimates the required space using the dm target iteratelist version get needed...

8.8CVSS7.9AI score0.00346EPSS

Exploits4References668

OSV•added 2024/10/21 8:15 p.m.•1 views

DEBIAN-CVE-2024-50048

In the Linux kernel, the following vulnerability has been resolved: fbcon: Fix a NULL pointer dereference issue in fbconputcs syzbot has found a NULL pointer dereference bug in fbcon. Here is the simplified C reproducer: struct param uint8t type; struct tioclselection ts; ; int main struct...

5.5CVSS5.9AI score0.00049EPSS

Exploits0References1

SUSE CVE•added 2023/02/15 6:18 a.m.•2 views

SUSE CVE-2005-1264

Raw character devices raw.c in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589...

7.2CVSS6.6AI score0.00061EPSS

Exploits2References3

ATTACKERKB•added 2021/07/09 11:15 a.m.•1 views

CVE-2021-3612

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from th...

7.8CVSS6.7AI score0.00088EPSS

Exploits0References10

RedHat Linux•added 2018/04/10 9:1 a.m.•3 views

kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation

A bug in the 32-bit compatibility layer of the ioctl handling code of the v4l2 video driver in the Linux kernel has been found. A memory protection mechanism ensuring that user-provided buffers always point to a userspace memory were disabled, allowing destination address to be in a kernel space...

7.8CVSS7AI score0.00085EPSS

Exploits0References4

OSV•added 2014/01/18 12:0 a.m.•0 views

UBUNTU-CVE-2014-1446

The yamioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAPNETADMIN capability for an SIOCYAMGCFG ioctl call...

1.9CVSS6.7AI score0.00154EPSS

Exploits1References14

RedHat Linux•added 2010/11/12 9:36 a.m.•3 views

kernel: gdth: Prevent negative offsets in ioctl

Array index error in the gdthreadevent function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request...

7.2CVSS5.8AI score0.0013EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by