Lucene search
K

8752 matches found

CVE
CVE
added 4 hours ago7 views

CVE-2026-15029

The CVE-2026-15029 entry covers an Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager. The vulnerability permits a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests...

8.4CVSS6.2AI score
Exploits0References1
EUVD
EUVD
added 4 hours ago7 views

EUVD-2026-44589

Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protection...

8.4CVSS6.2AI score
Exploits0References1
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-9492 GIGABYTE|Gigabyte Control Center - Improper Access Control

The MBStorage DRAM lighting control module within Gigabyte Control Center GCC developed by GIGABYTE Technology has an Improper Access Control vulnerability. Authenticated local attackers can send specific IOCTL commands through the driver MyPortIOx64.sys bundled with the module, thereby arbitrari...

8.5CVSS0.00109EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago10 views

PT-2026-57623

Name of the Vulnerable Software and Affected Versions Gigabyte Control Center affected versions not specified Description The MBStorage DRAM lighting control module within Gigabyte Control Center GCC contains an improper access control issue. Authenticated local attackers can send specific IOCTL...

8.5CVSS6.1AI score0.00109EPSS
Exploits0References6
NVD
NVD
added 3 days ago8 views

CVE-2026-10663

In Zephyr's experimental USB host stack CONFIGUSBHOSTSTACK, usbhdevicedisconnect subsys/usb/host/usbhdevice.c freed the root usbdevice slab object without clearing the cached pointer ctx-root. The bus removal handler devremovedhandler subsys/usb/host/usbhcore.c decides what to tear down solely fr...

6.1CVSS0.00159EPSS
Exploits0References2
CVE
CVE
added 3 days ago15 views

CVE-2026-10663

The vulnerability CVE-2026-10663 affects Zephyr’s experimental USB host stack (CONFIG_USB_HOST_STACK). freed root usb_device slab in usbh_device_disconnect() leaves ctx->root dangling; bus removal handler dev_removed_handler() uses ctx->root to decide teardown. Synthesis of DEV_REMOVED even...

6.1CVSS6.1AI score0.00159EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 3 days ago5 views

CVE-2026-10663 Use-after-free / double-free of the root USB device in the experimental USB host stack

In Zephyr's experimental USB host stack CONFIGUSBHOSTSTACK, usbhdevicedisconnect subsys/usb/host/usbhdevice.c freed the root usbdevice slab object without clearing the cached pointer ctx-root. The bus removal handler devremovedhandler subsys/usb/host/usbhcore.c decides what to tear down solely fr...

6.1CVSS6.1AI score0.00159EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago29 views

CVE-2026-10663 Use-after-free / double-free of the root USB device in the experimental USB host stack

In Zephyr's experimental USB host stack CONFIGUSBHOSTSTACK, usbhdevicedisconnect subsys/usb/host/usbhdevice.c freed the root usbdevice slab object without clearing the cached pointer ctx-root. The bus removal handler devremovedhandler subsys/usb/host/usbhcore.c decides what to tear down solely fr...

6.1CVSS0.00159EPSS
Exploits0References2
CVE
CVE
added 5 days ago11 views

CVE-2026-7639

CVE-2026-7639 describes a vulnerability where software running as a non-privileged user can trigger a sequence of improper GPU system calls that cause use-after-free in the driver, enabling unprivileged access to memory from shader code. The failure path in MMU mapping can prevent complete cleanu...

7.8CVSS6.1AI score0.00122EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-34196 GPU DDK - UAF read and/or write of arbitrary physical memory due to integer truncation in PMRDevPhysAddrOSMem

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an integer overflow and map two GPU virtual addresses to the same physical address. One of these virutal mappings can be freed along with the physical page, allowing for a read/write UAF via the...

0.00118EPSS
Exploits0References1
CVE
CVE
added 5 days ago10 views

CVE-2026-34196

CVE-2026-34196 concerns GPU-driver code: when non-privileged software makes improper GPU system calls, an integer overflow can cause two GPU virtual addresses to map to the same physical page. After freeing the first mapping and the physical page, the second mapping can be used to read/write to m...

7.8CVSS6.1AI score0.00118EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-43032

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an integer overflow and map two GPU virtual addresses to the same physical address. One of these virutal mappings can be freed along with the physical page, allowing for a read/write UAF via the...

6.1AI score0.00118EPSS
Exploits0References1
The Hacker News
The Hacker News
added 5 days ago13 views

Laser Attack Resets Tangem Wallet Passwords on Cards That Can't Be Patched

Researchers at Ledger's Donjon security team have shown that a precisely timed laser pulse, aimed at the chip inside a Tangem crypto wallet card, can reset the card's password to anything the attacker picks. No old password. No backup card. Once it is reset, whoever did it controls the wallet and...

6.1AI score
Exploits0
NVD
NVD
added last week7 views

CVE-2026-36028

A protection mechanism failure in the Code 27 Companion Hub allows an attacker with physical access to completely bypass kiosk restrictions via a factory reset...

6.8CVSS0.00237EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.5 views

PT-2026-56535

Name of the Vulnerable Software and Affected Versions Code 27 Companion Hub affected versions not specified Description A protection mechanism failure allows an attacker with physical access to completely bypass kiosk restrictions by performing a factory reset. Recommendations At the moment, ther...

6.8CVSS6.1AI score0.00237EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/08 12:0 a.m.30 views

CVE-2026-36028

A protection mechanism failure in the Code 27 Companion Hub allows an attacker with physical access to completely bypass kiosk restrictions via a factory reset...

0.00237EPSS
Exploits0References3
CVE
CVE
added 2026/07/08 12:0 a.m.6 views

CVE-2026-36028

Technical details are not publicly available in the provided documents. Monitor for updates as no specific affected components, versions, or remediation are disclosed here.

6.8CVSS6AI score0.00237EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/07 8:33 p.m.6 views

CVE-2026-58583

FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...

8.4CVSS6AI score0.00101EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/07 8:33 p.m.8 views

EUVD-2026-42094

FluxInk formerly Sunia SPB Peripheral Color Management Driver TcnPeripheral64.sys 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows...

8.4CVSS6AI score0.00101EPSS
Exploits0References4
CVE
CVE
added 2026/07/07 8:33 p.m.28 views

CVE-2026-58583

CVE-2026-58583 affects FluxInk Color Management Driver (TcnPeripheral64.sys) 1.0.7.2, enabling local privilege escalation for a standard user via arbitrary physical memory mapping at \Device\PhysicalMemory. Root cause: memory mapping vulnerability in the driver. Impact: potential elevation of pri...

8.4CVSS6AI score0.00101EPSS
Exploits0References4
Rows per page
Query Builder