541 matches found
CVE-2026-47472
NVIDIA TensorRT-LLM contains a vulnerability in its inter-process communication layer where an attacker with local same-user access could cause deserialization. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, and denial of service...
CVE-2026-47472
NVIDIA TensorRT-LLM contains a vulnerability in its inter-process communication layer where an attacker with local same-user access could cause deserialization. A successful exploit of this vulnerability might lead to code execution, information disclosure, data tampering, and denial of service...
Security Bulletin: NVIDIA TensorRT-LLM - July 2026
NVIDIA has released a software update for NVIDIA® TensorRT-LLM. To protect your system, clone or update this software from the NVIDIA/TensorRT-LLM GitHub repo. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update addresses a...
CVE-2026-8921
External Control of File Name or Path vulnerability in ASUS Business Manager allows a local user to execute arbitrary code with SYSTEM privileges via a tampered IPC message. Refer to the ' Security Update for ASUS Business Manager ' section on the ASUS Security Advisory for more information...
CVE-2026-22078 O+ Connect's lack of authentication for IPC channels led to a local privilege escalation vulnerability.
Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel...
CVE-2026-22078
CVE-2026-22078 concerns O+ Connect where an unauthenticated IPC service allows a local attacker to escalate privileges via the IPC channel. The root cause is lack of client authentication on the IPC interface, enabling external applications to perform sensitive actions with elevated privileges. T...
CVE-2026-52993
A flaw was found in the Linux kernel's Transparent Inter-Process Communication TIPC module. This vulnerability, a double-free, occurs when the tipcbufappend function incorrectly handles memory after a socket buffer skb reallocation. An attacker could potentially exploit this to cause system...
CVE-2026-53202 accel/ivpu: Fix signed integer truncation in IPC receive
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix signed integer truncation in IPC receive Fix potential buffer overflow where firmware-supplied datasize is cast to signed int before being used in mint. Large unsigned values = 0x80000000 become negative, causing...
CVE-2026-52930
A flaw was found in the Linux kernel's inter-process communication IPC shared memory shm component. A synchronization issue exists where orphaned shared memory segments might be incorrectly destroyed while still in use due to a lack of serialization between cleanup and attachment updates. This...
CVE-2026-52923
In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions via the module and resolve request types in the internal IPC server. An attacker can access sensitive files and secrets by connecting to the world-accessible abstract-namespace Unix socket and issuing craft...
systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data
A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication IPC API call with spurious data. In older versions v249 and earlier, this can lead to stack overwriting with attacker-controlled content,...
Falco 0.44.1
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco...
CVE-2026-41981
Out-of-bounds write vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-9279 Shell command injection in Logseq
Logseq exposes an IPC handler that allows the renderer process to execute shell commands. While an allowlist restricts the command name e.g. git, pandoc, grep, the argument string is concatenated with the command and passed to childprocess.spawn with the shell: true option, allowing shell...
CVE-2026-41982
Race condition vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-41981
Out-of-bounds write vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability...
Huawei HarmonyOS 资源管理错误漏洞
Huawei HarmonyOS is an operating system developed by Huawei Technologies Co., Ltd. It is a full-scenario distributed operating system based on a microkernel architecture. There is a resource management vulnerability in HUAWEI HarmonyOS, which stems from a race condition in the IPC module and may...
PT-2026-47697
Out-of-bounds write vulnerability in the IPC module. Impact: Successful exploitation of this vulnerability may affect availability...
PT-2026-47796
1 Local Privilege Escalation via DYLIB Injection CVE-2026-24064 2 Local Privilege Escalation via Insecure XPC Client Validation CVE-2026-24065 Multiple Local Privilege Escalation Vulnerabilities in Waves Audio Waves Central https://t.co/fkys4ePhWy...