Lucene search
+L

640 matches found

NVD
NVD
added yesterday3 views

CVE-2019-25764

UNSUPPORTED WHEN ASSIGNED Exposed IOCTL with Insufficient Access Control in the ASUS AURA SYNC driver allows a local user to bypass the driver's verification and invoke arbitrary IOCTLs, resulting in privilege escalation. Refer to the 'End-of-Life Notice and Driver Update for Legacy ASUS Drivers ...

7.3CVSS0.0009EPSS
Exploits0References1
CVE
CVE
added yesterday10 views

CVE-2019-25764

CVE-2019-25764 concerns the ASUS AURA SYNC driver, where an exposed IOCTL with insufficient access control enables a local user to bypass verification and invoke arbitrary IOCTLs, leading to privilege escalation. The available connected documents confirm the affected component as the ASUS AURA SY...

7.3CVSS6.2AI score0.0009EPSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2019-20200

UNSUPPORTED WHEN ASSIGNED Exposed IOCTL with Insufficient Access Control in the ASUS AURA SYNC driver allows a local user to bypass the driver's verification and invoke arbitrary IOCTLs, resulting in privilege escalation. Refer to the 'End-of-Life Notice and Driver Update for Legacy ASUS Drivers ...

7.3CVSS5.5AI score0.0009EPSS
Exploits0References1
NVD
NVD
added 2 days ago7 views

CVE-2026-60063

An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability...

7.3CVSS0.00107EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-60140 AutomationDirect Productivity Suite Out-of-bounds Read

An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This can lead to exposing sensitive information or causing the affected product to become unstable or unavailable...

6.9CVSS0.00106EPSS
Exploits0References3
CVE
CVE
added 2 days ago6 views

CVE-2026-61389

Technical details about CVE-2026-61389 are not publicly provided in the supplied documents; no affected product versions, root cause, or remediation details are present beyond the basic description. Monitor for updates.

7.3CVSS6.1AI score0.00107EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago6 views

EUVD-2026-45024

An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability...

7.3CVSS6.1AI score0.00107EPSS
Exploits0References3
EUVD
EUVD
added 3 days ago9 views

EUVD-2026-44587

Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe...

8.2CVSS6AI score0.00112EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago36 views

CVE-2026-9492 GIGABYTE|Gigabyte Control Center - Improper Access Control

The MBStorage DRAM lighting control module within Gigabyte Control Center GCC developed by GIGABYTE Technology has an Improper Access Control vulnerability. Authenticated local attackers can send specific IOCTL commands through the driver MyPortIOx64.sys bundled with the module, thereby arbitrari...

8.5CVSS0.00109EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/07/07 4:2 p.m.12 views

CVE-2026-57851 MSI KernCoreLib64.sys Privilege Escalation via IOCTL Handlers

MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator...

8.5CVSS6AI score0.0017EPSS
Exploits0References2
CVE
CVE
added 2026/07/07 4:2 p.m.18 views

CVE-2026-57851

MSI Feature Manager contains a local privilege escalation via the KernCoreLib64.sys kernel driver. An attacker with local access can use exposed IOCTL handlers to perform arbitrary physical memory read/write and unrestricted I/O port operations without administrator privileges. This can enable ma...

8.5CVSS6AI score0.0017EPSS
Exploits0References2
NVD
NVD
added 2026/07/06 9:16 p.m.7 views

CVE-2025-59615

Memory Corruption when invoking device input/output control operations for mapping and unmapping persistent memory buffers due to improper synchronization...

7.8CVSS0.00064EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 9:16 p.m.8 views

CVE-2025-59617

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input...

7.3CVSS0.00065EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 9:16 p.m.12 views

CVE-2025-59616

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...

7.8CVSS0.00064EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 8:9 p.m.41 views

CVE-2025-59616 Use After Free in Computer Vision

Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory...

6.6CVSS0.00064EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.9 views

PT-2026-55985

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs when invoking device input/output control operations for mapping and unmapping persistent memory buffers. This issue is caused by improp...

7.8CVSS6AI score0.00064EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/04 1:15 p.m.9 views

EUVD-2026-41674

A flaw has been found in RT-Thread up to 5.2.2. Affected is the function read/write/sysioctl of the file components/lwp/lwpsyscall.c of the component Parameter Handler. Executing a manipulation can lead to divide by zero. The attack may be launched remotely. The exploit has been published and may...

5.3CVSS5.5AI score0.00309EPSS
Exploits0References7
NVD
NVD
added 2026/07/03 3:16 a.m.9 views

CVE-2022-4989

UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests, leading to privilege escalation. Refer to the 'End-of-Life Notice and Driver Update for Legacy ASUS...

8.5CVSS0.00103EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 3:47 p.m.44 views

CVE-2026-0828 Kernel driver vulnerability in Safetica Endpoint Client

Kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x64 , versions 10.5.75.0 and 11.11.4.0, allows unprivileged user to abuse IOCTL path and terminate protected system processes...

0.00461EPSS
Exploits2References1
Cvelist
Cvelist
added 2026/06/25 7:3 a.m.34 views

CVE-2026-56129

Generic IO & Memory Access driver for PCs provided by TOSHIBA CORPORATION and Dynabook Inc. exposes its IOCTL with insufficient access control. A logged-in user with no administrative privilege may access physical memory...

6.8CVSS0.00121EPSS
Exploits0References3
Rows per page
Query Builder