Lucene search
K

50 matches found

NVD
NVD
added 2026/06/27 10:16 a.m.11 views

CVE-2026-49416

The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the end of the allocation. An...

7.8CVSS0.00107EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/27 9:25 a.m.11 views

EUVD-2026-39960

The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the end of the allocation. An...

6AI score0.00107EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.16 views

PT-2026-53065

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The CONS HISTORY ioctl handler fails to properly validate the requested history size. Providing a large value leads to an integer overflow during the buffer size...

7.8CVSS5.9AI score0.00107EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.7 views

FreeBSD : FreeBSD -- Integer overflow in vt(4) CONS_HISTORY ioctl (71036b90-6476-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 71036b90-6476-11f1-958d-bc241121aa0a advisory. The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value...

7.8CVSS5.6AI score0.00107EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/11 6:31 p.m.14 views

EUVD-2026-29087

Symbolic-link path traversal CWE-61, CWE-22 in pgAdmin 4 File Manager. checkaccesspermission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while the subsequent kernel write follows symlinks. An authenticated user could plant a symbolic link inside their own storag...

8.1CVSS5.8AI score0.00359EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/07 2:19 a.m.21 views

SUSE CVE-2026-43075

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix out-of-bounds write in ocfs2writeendinline KASAN reports a use-after-free write of 4086 bytes in ocfs2writeendinline, called from ocfs2writeendnolock during a copyfilerange splice fallback on a corrupted ocfs2 filesyst...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/04/09 7:19 p.m.150 views

Exploit for Out-of-bounds Read in Microsoft

!CVEhttps://img.shields.io/badge/CVE-2025--60709-FF0000?styl...

7.8CVSS7.3AI score0.0051EPSS
Exploits2
GithubExploit
GithubExploit
added 2026/03/29 6:7 p.m.182 views

Exploit for Out-of-bounds Read in Microsoft

!CVEhttps://img.shields.io/badge/CVE-2025--60709-FF0000?styl...

7.8CVSS6.6AI score0.0051EPSS
Exploits2
GithubExploit
GithubExploit
added 2026/03/18 6:53 p.m.176 views

Exploit for Out-of-bounds Write in Apple Ipados

CVE-2025-24257 IOGPUFamily bitmapmask underflow — kernel h...

7.1CVSS5.8AI score0.00252EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.7 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fixed the warning from kernelwriteiter 2110.972290 ------------ Cut here ------------ 2110.972301 WARNING: CPU: 3 PID: 735 at fs/readwrite.c:599 kernelwriteiter+0x21b/0x280 This patch does not allow writing to directories...

5.5CVSS6.3AI score0.00156EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 7 : kernel-3.10.0-1160.99.1.el7 (AXSA:2023-6384:24)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6384:24 advisory. kernel: clsflower: out-of-bounds write in flsetgeneveopt CVE-2023-35788 hw: amd: Cross-Process Information Leak CVE-2023-20593 Tenable has extracted...

7.8CVSS6.9AI score0.05794EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2018-15451

Malware in sbrugna...

7.8CVSS7.9AI score0.00172EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987209)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987209 advisory. In the Linux kernel, the following vulnerability has been resolved: tpm: fix reference counting for struct tpmchip The following sequence of operations results in a...

7.8CVSS6.2AI score0.00281EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-7604

Malicious code in bioql PyPI...

8.2CVSS9AI score0.00963EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/17 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2025-39828

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close,...

7.8CVSS7.2AI score0.00157EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/16 1:0 p.m.11 views

CVE-2025-39828 atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().

In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcprecvcontrol. syzbot reported the splat below. 0 When atmtcpvopen or atmtcpvclose is called via connect or close, atmtcpsendcontrol is called to send an in-kernel special message. The...

0.00157EPSS
Exploits0References8
Gitee
Gitee
added 2025/07/27 4:22 a.m.89 views

IOHIDeous

IOHIDeous A macOS kernel exploit based on an IOHIDFamily 0day. Write-up here. Notice The prefetch timing attack I'm using for hid for some reason doesn't work on High Sierra 10.13.2 anymore, and I don't feel like investigating that. Maybe patched, maybe just the consequence of a random change, I...

6.8AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/07/11 7:0 a.m.4 views

ksmbd: fix the warning from __kernel_write_iter

...

5.5CVSS7.6AI score0.00156EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 11:34 p.m.5 views

CVE-2022-20155

In ipucorejqsmsgtransportkernelwritesync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

7CVSS6.7AI score0.00083EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 p.m.8 views

CVE-2022-32844

A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication...

6.3CVSS6.1AI score0.00197EPSS
Exploits0References1
Rows per page
Query Builder