Lucene search
+L

8807 matches found

Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.13 views

PT-2026-55283

Name of the Vulnerable Software and Affected Versions CubeSpace CW0057 Reaction Wheel versions prior to 5.0.20 Description An improper verification of cryptographic signature allows an attacker with physical access to the product to upload arbitrary malicious firmware to the device without...

5.2CVSS6AI score0.00116EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/01 1:32 p.m.10 views

EUVD-2026-40990

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix phys BO pread/pwrite with offset sgpage returns struct page pointer not void so the scaling of pread/pwrite is wrong for phys BO and wrong parts of BO would be accessed if non-zero offset is used. Last impacted...

5.8AI score0.00164EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/07/01 1:32 p.m.9 views

CVE-2026-53356

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix phys BO pread/pwrite with offset sgpage returns struct page pointer not void so the scaling of pread/pwrite is wrong for phys BO and wrong parts of BO would be accessed if non-zero offset is used. Last impacted...

5.7AI score0.00164EPSS
Exploits0
CVE
CVE
added 2026/07/01 1:32 p.m.27 views

CVE-2026-53356

CVE-2026-53356 concerns the Linux kernel’s DRM i915 GEM phys BO handling. The issue stems from sg_page() returning a struct page pointer instead of a void*, which makes pread/pwrite offset scaling incorrect and risks accessing inappropriate parts of the BO when a non-zero offset is used. The vuln...

7.8CVSS5.8AI score0.00164EPSS
Exploits0References8
OSV
OSV
added 2026/07/01 1:32 p.m.3 views

CVE-2026-53356 drm/i915/gem: Fix phys BO pread/pwrite with offset

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix phys BO pread/pwrite with offset sgpage returns struct page pointer not void so the scaling of pread/pwrite is wrong for phys BO and wrong parts of BO would be accessed if non-zero offset is used. Last impacted...

7.8CVSS5.8AI score0.00164EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/07/01 1:32 p.m.48 views

CVE-2026-53356 drm/i915/gem: Fix phys BO pread/pwrite with offset

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix phys BO pread/pwrite with offset sgpage returns struct page pointer not void so the scaling of pread/pwrite is wrong for phys BO and wrong parts of BO would be accessed if non-zero offset is used. Last impacted...

7.8CVSS0.00164EPSS
Exploits0References8
EUVD
EUVD
added 2026/07/01 12:34 a.m.23 views

EUVD-2026-40591

Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00092EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40494

Insufficient data validation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: High...

4.6CVSS5.8AI score0.00134EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-13905

Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: Medium...

4.2CVSS0.00092EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.7 views

DEBIAN-CVE-2026-13905

Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00092EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:16 p.m.7 views

CVE-2026-13808

Insufficient data validation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: High...

4.6CVSS0.00134EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.93 views

CVE-2026-13905

Chrome for iOS on Google Chrome (iOS) is affected by a race in versions prior to 150.0.7871.47, allowing a local attacker with physical access to potentially read confidential data from process memory. The issue is documented across CVE-2026-13905 and EUVD-2026-40591. Remediation is to upgrade to...

4.2CVSS5.8AI score0.00092EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.29 views

CVE-2026-13905

Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: Medium...

0.00092EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.7 views

CVE-2026-13808

Insufficient data validation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: High...

4.6CVSS5.8AI score0.00134EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/28 11:15 p.m.44 views

CVE-2026-13514 Chess Play and Learn App com.chess AndroidManifest.xml backup

A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...

2.4CVSS0.00133EPSS
Exploits0References6
CVE
CVE
added 2026/06/28 11:15 p.m.22 views

CVE-2026-13514

The affected software is the Chess Play and Learn App for Android (com.chess), with impact up to version 4.9.42. The issue stems from a weakness in processing AndroidManifest.xml that can cause a backup file to be exposed to an unauthorized control sphere. Exploitation is feasible on a physical d...

2.4CVSS5.4AI score0.00133EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/28 1:8 a.m.10 views

SUSE CVE-2026-53324

In the Linux kernel, the following vulnerability has been resolved: net: mana: Use pciname for debugfs directory naming Use pcinamepdev for the per-device debugfs directory instead of hardcoded "0" for PFs and pcislotnamepdev-slot for VFs. The previous approach had two issues: 1. pcislotname...

5.8AI score0.00115EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:14 a.m.2 views

efi/capsule-loader: fix incorrect sizeof in phys array reallocation

...

5.5CVSS6.1AI score0.00195EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/26 7:41 p.m.9 views

CVE-2026-53324

In the Linux kernel, the following vulnerability has been resolved: net: mana: Use pciname for debugfs directory naming Use pcinamepdev for the per-device debugfs directory instead of hardcoded "0" for PFs and pcislotnamepdev-slot for VFs. The previous approach had two issues: 1. pcislotname...

5.5CVSS5.7AI score0.00115EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/26 8:29 a.m.11 views

CVE-2026-53232

A flaw was found in the Linux kernel's network PHY Physical Layer driver. When a PHY probing operation fails, the system does not properly clean up the SFP Small Form-Factor Pluggable upstream connection. This oversight leaves a dangling reference in the SFP bus, which could be accessed later...

8.8CVSS5.7AI score0.00276EPSS
Exploits0References4
Rows per page
Query Builder