71 matches found
EUVD-2024-20815
Malicious code in bioql PyPI...
EUVD-2022-35910
Malicious code in bioql PyPI...
PT-2025-37536
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to the fsverity functionality. A change introduced by commit 56124d6c87fd, intended to support enabling fsverity with smaller tree block sizes...
CVE-2025-38588
In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent infinite loop in rt6nlmsgsize While testing prior patch, I was able to trigger an infinite loop in rt6nlmsgsize in the following place: listforeachentryrcusibling, &f6i-fib6siblings, fib6siblings...
Exploit for Use After Free in Google Android
This is a PoC Proof of Concept application demonstrating the power of an Android kernel arbitrary R/W, targeting CVE-2019-2215. The application is designed to exploit this vulnerability, which allows for arbitrary read and write access to the kernel. The exploit is implemented in the native/poc.c...
CVE-2024-23296
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.7, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write...
CVE-2024-23225
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write...
CVE-2022-32844
A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication...
CVE-2025-46716 Sandboxie Arbitrary Kernel Read in SbieDrv.sys API (API_SET_SECURE_PARAM)
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, ApiSetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to read...
CVE-2025-46716 Sandboxie Arbitrary Kernel Read in SbieDrv.sys API (API_SET_SECURE_PARAM)
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, ApiSetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to read...
CVE-2025-32776
OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...
UBUNTU-CVE-2025-32776
OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...
CVE-2024-57995 wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev()
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix read pointer after free in ath12kmacassignviftovdev In ath12kmacassignviftovdev, if arvif is created on a different radio, it gets deleted from that radio through a call to ath12kmacunassignlinkvif. This action...
CVE-2022-49078
In the Linux kernel, the following vulnerability has been resolved: lz4: fix LZ4decompresssafepartial read out of bound When partialDecoding, it is EOF if we've either filled the output buffer or can't proceed with reading an offset for following match. In some extreme corner cases when compresse...
AZL-67605 CVE-2024-53219 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ------------ cut here ------------ WARNING: CPU: ...
CVE-2024-53219 virtiofs: use pages instead of pointer for kernel direct IO
In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ------------ cut here ------------ WARNING: CPU: ...
CVE-2024-47715
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix oops on non-dbdc mt7986 mt7915bandconfig sets bandidx = 1 on the main phy for mt7986 with MT7975ONEADIE or MT7976ONEADIE. Commit 0335c034e726 "wifi: mt76: fix race condition related to checking tx queue fi...
CVE-2024-47715 wifi: mt76: mt7915: fix oops on non-dbdc mt7986
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix oops on non-dbdc mt7986 mt7915bandconfig sets bandidx = 1 on the main phy for mt7986 with MT7975ONEADIE or MT7976ONEADIE. Commit 0335c034e726 "wifi: mt76: fix race condition related to checking tx queue fi...
CVE-2024-47715
Summary: CVE-2024-47715 affects the Linux kernel’s wifi mt76 driver for MT7915 on MT7986. The issue stemmed from mt7915_band_config() setting band_idx to 1 on the main phy for MT7986 with MT7975_ONE_ADIE or MT7976_ONE_ADIE, which caused a dereference of the phys array via wcid->phy_idx in mt76...
CVE-2024-23296
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited...