Lucene search
+L

6019 matches found

Cvelist
Cvelist
added 8 hours ago7 views

CVE-2019-25764

UNSUPPORTED WHEN ASSIGNED Exposed IOCTL with Insufficient Access Control in the ASUS AURA SYNC driver allows a local user to bypass the driver's verification and invoke arbitrary IOCTLs, resulting in privilege escalation. Refer to the 'End-of-Life Notice and Driver Update for Legacy ASUS Drivers ...

7.3CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-57896

An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product...

6.9CVSS6.1AI score
Exploits0References4
Cvelist
Cvelist
added yesterday16 views

CVE-2026-61389 AutomationDirect Productivity Suite Out-of-bounds Write

An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability...

7.3CVSS
Exploits0References3
CVE
CVE
added yesterday7 views

CVE-2026-60063

Technical details about CVE-2026-60063 are not publicly available in the provided documents. The available descriptions mention an out-of-bounds write in the Productivity Suite and potential privilege escalation, but no affected versions, vectors, or mitigations are disclosed. Monitor for updates.

7.3CVSS6.1AI score
Exploits0References3
Cvelist
Cvelist
added yesterday16 views

CVE-2026-60063 AutomationDirect Productivity Suite Out-of-bounds Write

An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability...

7.3CVSS
Exploits0References3
Cvelist
Cvelist
added yesterday20 views

CVE-2026-15449 TOCTOU double copyin in illumos dld ioctl handling causes kernel heap corruption

A time-of-check to time-of-use TOCTOU flaw in the illumos data-link pseudo-driver dld affects handling of the DLDIOCGETMACPROP and DLDIOCSETMACPROP ioctls on /dev/dld. drviocpropcommon in usr/src/uts/common/io/dld/dlddrv.c copies the dldiocmacpropt ioctl header in once to read its prvalsize field...

5.8CVSS
Exploits0References3
CVE
CVE
added yesterday6 views

CVE-2026-15449

CVE-2026-15449 describes a TOCTOU vulnerability in the illumos data-link pseudo-driver (dld) regarding handling of DLDIOC_GETMACPROP and DLDIOC_SETMACPROP ioctls on /dev/dld. In drv_ioc_prop_common(), the header is read once to obtain pr_valsize, a kernel heap buffer is allocated, and then the fu...

5.8CVSS6.2AI score
Exploits0References3
Cvelist
Cvelist
added 2 days ago43 views

CVE-2026-14960 CVE-2026-14960

Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the \.\TdeIo device interface. IOCTL handlers including TDEIOCTLINDEXIOREAD and TDEIOCTLINDEXIOWRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without...

0.00203EPSS
Exploits1References1
NVD
NVD
added 2 days ago7 views

CVE-2026-15029

Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protection...

8.4CVSS0.00118EPSS
Exploits0References1
NVD
NVD
added 2 days ago8 views

CVE-2026-15030

Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security...

5.6CVSS0.00101EPSS
Exploits0References1
NVD
NVD
added 2 days ago8 views

CVE-2026-13585

Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe...

8.2CVSS0.00112EPSS
Exploits0References1
CVE
CVE
added 2 days ago9 views

CVE-2026-15030

The CVE-2026-15030 entry concerns ASUS components: System Control Interface v3, System Control Interface, and ASUS Business Manager. The weakness is an out-of-bounds read caused by a crafted IOCTL request that bypasses validation, enabling a local administrator to read memory regions beyond the i...

5.6CVSS6.1AI score0.00101EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago36 views

CVE-2026-15030

Out-of-bounds Read in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to read memory regions beyond the intended firmware boundary by supplying a crafted IOCTL request that bypasses the validation. Refer to the ' Security...

5.6CVSS0.00101EPSS
Exploits0References1
NVD
NVD
added 4 days ago7 views

CVE-2026-9492

The MBStorage DRAM lighting control module within Gigabyte Control Center GCC developed by GIGABYTE Technology has an Improper Access Control vulnerability. Authenticated local attackers can send specific IOCTL commands through the driver MyPortIOx64.sys bundled with the module, thereby arbitrari...

8.5CVSS0.00109EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.9 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-124 (ALASKERNEL-5.10-2026-124)

"The version of kernel installed on the remote host is prior to 5.10.259-258.1043. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-124 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free i...

9.8CVSS6.4AI score0.00742EPSS
Exploits1References132
EUVD
EUVD
added 2026/07/07 4:2 p.m.6 views

EUVD-2026-42053

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS6AI score0.0017EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:9 p.m.8 views

CVE-2025-59617

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...

6.6CVSS6.1AI score0.00065EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/07/06 8:9 p.m.7 views

CVE-2025-59617 Use After Free in Computer Vision

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...

6.6CVSS6.1AI score0.00065EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:9 p.m.8 views

CVE-2025-59616

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...

6.6CVSS6.1AI score0.00064EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/07/06 8:9 p.m.8 views

CVE-2025-59616 Use After Free in Computer Vision

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...

6.6CVSS6.1AI score0.00064EPSS
Exploits0References1
Rows per page
Query Builder