EUVD-2025-208323

A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver version 1.2.0.0 in the IOCTL handler for code 0x80102058. The vulnerability is caused by missing bounds checking on the user-controlled Options parameter before copying data into a 40-byte stack buffer...

CVE-2025-70616

Vulnerability: CVE-2025-70616 affects the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0). The IOCTL handler 0x80102058 copies user-supplied Options into a 40-byte stack buffer (Src[40]) without proper bounds checking, via memmove, enabling a stack-based buffer overflow. An attacker w...

EUVD-2017-9785

Malware in sbrugna...

EUVD-2017-2665

Malware in sbrugna...

kernel: vlan: enforce underlying device type

In the Linux kernel, the following vulnerability has been resolved: vlan: enforce underlying device type Currently, VLAN devices can be created on top of non-ethernet devices. Besides the fact that it doesn't make much sense, this also causes a bug which leaks the address of a kernel function to...

CVE-2022-25477

Vulnerability in Realtek RtsPer driver for PCIe Card Reader RtsPer.sys before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader RtsUer.sys before 10.0.22000.31274 leaks driver logs that contain addresses of kernel mode objects, weakening KASLR...

PT-2023-8000

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC SETCONF ioctl on the same tty file descriptor with t...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a risk of kernel bare address leakage in the Freeze Screen Detection module. Successful...

kernel: iscsi: unrestricted access to sessions and handles

A flaw was found in the way access to sessions and handles was handled in the iSCSI driver in the Linux kernel. A local user could use this flaw to leak iSCSI transport handle kernel address or end arbitrary iSCSI connections on the system...

CVE-2017-18694

CVE-2017-18694 affects Samsung mobile devices with Exynos5 software up to 2016-10-25. Root cause: an incorrect format specifier in the logging path allows reading kernel addresses from logs, enabling information disclosure. Impact per sources: kernel addresses disclosed; no exploitation details p...

CVE-2017-1000410

A flaw was found in the processing of incoming L2CAP bluetooth commands. Uninitialized stack variables can be sent to an attacker leaking data in kernel address space...

DEBIAN-CVE-2019-10639

The Linux kernel 4.x starting from 4.1 and 5.x before 5.0.8 allows Information Exposure partial kernel address disclosure, leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols e.g....

kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass

The acpismbushcadd function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call...

kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass

The acpismbushcadd function in drivers/acpi/sbshc.c in the Linux kernel, through 4.14.15, allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call...

Google Android Qualcomm Component Information Disclosure Vulnerability (CNVD-2017-36259)

Android is a Linux-based open source operating system developed by Google and the Open Handheld Alliance OHA, and Qualcomm Camera is a camera program developed by Qualcomm. An information disclosure vulnerability exists in Qualcomm Camera in Android. The vulnerability can be exploited by an...

CVE-2016-9677

Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive kernel address information via unspecified vectors...

CVE-2016-3251

The GDI component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to obtain sensitive kernel-address information via a crafte...