Lucene search
K

15230 matches found

RedHat Linux
RedHat Linux
added 16 hours ago6 views

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

7.8CVSS6.7AI score0.00145EPSS
Exploits0References5
NVD
NVD
added 4 days ago6 views

CVE-2026-7639

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

7.8CVSS0.00155EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago9 views

EUVD-2026-43037

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

6.1AI score0.00155EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago31 views

CVE-2026-7639 GPU DDK - Page UAF read in PMMETA_PROTECT heap memory

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

0.00155EPSS
Exploits0References1
CVE
CVE
added 6 days ago11 views

CVE-2026-15109

Summary: CVE-2026-15109 affects Google Chrome via an uninitialized use in ANGLE. Affected component: ANGLE in Chrome. Impact: remote attacker could potentially read sensitive data from process memory by enticing a user to visit a crafted HTML page. Versions: Chrome prior to 150.0.7871.115 are aff...

6.5CVSS6AI score0.00215EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 6 days ago5 views

CVE-2026-15109

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6AI score0.00215EPSS
Exploits0References3Affected Software1
OSV
OSV
added 6 days ago5 views

BIT-PYTHON-MIN-2026-5713 Out-of-bounds read/write during remote profiling and asyncio process introspection when connecting to malicious target

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

5.3CVSS5.7AI score0.00132EPSS
Exploits0References7
CVE
CVE
added 6 days ago13 views

CVE-2026-57237

CVE-2026-57237 impacts Foxit PDF Editor/Reader (annotation handling) where JavaScript modifying form-field properties leaves underlying objects in an invalid state, triggering a use-after-free and reading an illegal memory address. This can crash the application. The Connected documents do not pr...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1Affected Software2
EUVD
EUVD
added 6 days ago4 views

EUVD-2026-42196

When the application opens a PDF and JavaScript modifies the properties of form fields, it causes the state of the underlying objects referenced by the program to become invalid. Eventually, it reads an illegal memory address, which leads to the crash of the application...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-57237

When the application opens a PDF and JavaScript modifies the properties of form fields, it causes the state of the underlying objects referenced by the program to become invalid. Eventually, it reads an illegal memory address, which leads to the crash of the application...

7.8CVSS5.9AI score0.00116EPSS
Exploits0References2Affected Software2
NVD
NVD
added 2026/07/07 5:16 p.m.10 views

CVE-2026-57851

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS0.0017EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/07 4:2 p.m.11 views

CVE-2026-57851

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS6AI score0.0017EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/07 4:2 p.m.6 views

EUVD-2026-42053

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS6AI score0.0017EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/07 2:14 p.m.7 views

kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()

A flaw was found in the Linux kernel's RDMA/mlx4 component. This vulnerability arises from the incorrect use of Read-Copy Update RCU in the mlx4srqevent function. An attacker could potentially trigger an event before the srq object is fully initialized, leading to a system crash. This could resul...

7.8CVSS6.5AI score0.00114EPSS
Exploits0References5
OSV
OSV
added 2026/07/07 10:17 a.m.6 views

PYSEC-2026-981 Out of bounds write in grappler in Tensorflow

Impact The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. Patches We have patched the issue in GitHub commit...

7.1CVSS6AI score0.00449EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/07 5:55 a.m.3 views

kernel: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path

A flaw was found in the Linux kernel, specifically within the RDMA Remote Direct Memory Access vmwpvrdma module. This vulnerability is a double free, which means the system attempts to release the same memory resource twice. This can occur in an error handling path within the pvrdmaallocucontext...

7.8CVSS5.9AI score0.00143EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/07 1:19 a.m.5 views

kernel: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path

A flaw was found in the Linux kernel, specifically within the RDMA Remote Direct Memory Access vmwpvrdma module. This vulnerability is a double free, which means the system attempts to release the same memory resource twice. This can occur in an error handling path within the pvrdmaallocucontext...

7.8CVSS5.9AI score0.00143EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 2:31 p.m.5 views

kernel: RDMA/rxe: Fix double free in rxe_srq_from_init

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the rxe driver. An error in the rxesrqfrominit function's memory management can lead to a double free vulnerability. This occurs when an attempt to copy data to user space fails, causing the sam...

7.8CVSS6.6AI score0.00175EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 1:47 p.m.4 views

kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()

A flaw was found in the Linux kernel's RDMA/mlx4 component. This vulnerability arises from the incorrect use of Read-Copy Update RCU in the mlx4srqevent function. An attacker could potentially trigger an event before the srq object is fully initialized, leading to a system crash. This could resul...

7.8CVSS6.5AI score0.00114EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/06 4:59 a.m.3 views

kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()

A flaw was found in the Linux kernel's RDMA/mlx4 component. This vulnerability arises from the incorrect use of Read-Copy Update RCU in the mlx4srqevent function. An attacker could potentially trigger an event before the srq object is fully initialized, leading to a system crash. This could resul...

7.8CVSS5.9AI score0.00114EPSS
Exploits0References5
Rows per page
Query Builder