Lucene search
+L

17 matches found

CVE
CVE
added 7 hours ago5 views

CVE-2026-63882

CVE-2026-63882 concerns the Linux kernel’s DRM/AMDKFD component, specifically the function svm_range_set_attr . The issue is a possible NULL pointer dereference where process_info could be NULL if the user does not call kfd_ioctl_acquire_vm before kfd_ioctl_svm . The vulnerability has been fixed ...

5.3AI score
Exploits0References6
OSV
OSV
added 2026/05/08 3:16 p.m.16 views

UBUNTU-CVE-2026-43370

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.10 views

CVE-2026-43370

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.7 views

CVE-2026-43370

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free race in VM acquire Replace non-atomic vm-processinfo assignment with cmpxchg to prevent race when parent/child processes sharing a drmfile both try to acquire the same VM after fork. cherry picked...

5.7AI score0.00126EPSS
Exploits0References9Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-39031

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free race condition exists in the drm/amdgpu component during VM acquire. This occurs when parent and child processes sharing a drm file both attempt to acquire the same VM...

7.8CVSS5.4AI score0.00126EPSS
Exploits0References20
RedHat Linux
RedHat Linux
added 2023/09/19 2:7 p.m.48 views

Moderate: Red Hat Security Advisory: linux-firmware security update

An update for linux-firmware is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

5.5CVSS7AI score0.05794EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.4 views

SUSE CVE-2019-15790

Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through getpidinfo in data/apport. An unprivileged user could exploit this to read information about a privileged...

3.3CVSS6.6AI score0.00523EPSS
Exploits2References3
OSV
OSV
added 2022/05/14 12:55 a.m.31 views

GHSA-89C9-3758-737W keycloak-httpd-client-install Insecure Secrets

keycloak-httpd-client-install versions before 0.8 allow users to insecurely pass password through command line, leaking it via command history and process info to other local users...

7.8CVSS6.2AI score0.00378EPSS
Exploits0References4
Kitploit
Kitploit
added 2020/11/10 11:30 a.m.39 views

paradoxiaRAT - Native Windows Remote Access Tool

Paradoxia Remote Access Tool. Features Paradoxia Console Feature | Description ---|--- Easy to use | Paradoxia is extremely easy to use, So far the easiest rat! Root Shell | - Automatic Client build | Build Paradoxia Client easily with or without the icon of your choice. Multithreaded |...

7.5AI score
Exploits0References6
OSV
OSV
added 2020/09/03 5:27 p.m.10 views

GHSA-CRR2-PH72-C52G Malicious Package in my-very-own-package

All versions of my-very-own-package contain malicious code. The package sends the output of process.versions, process.arch and process.platform to a remote server in a postinstall script. Recommendation Remove the package from your environment. There are no further signs of compromise...

9.8CVSS7.1AI score
Exploits0References1
OSV
OSV
added 2019/10/29 12:0 a.m.7 views

UBUNTU-CVE-2019-15790

Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through getpidinfo in data/apport. An unprivileged user could exploit this to read information about a privileged...

3.3CVSS5.8AI score0.00523EPSS
Exploits2References4
Veracode
Veracode
added 2019/08/08 12:7 a.m.19 views

Information Disclosure

keycloak-httpd-client-install is vulnerable to information disclosure. Users are able to submit passwords through command line, which would cause the passwords to be stored in command histories and process info...

7.8CVSS1.3AI score0.00378EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2018/01/20 12:29 a.m.12 views

Design/Logic Flaw

keycloak-httpd-client-install versions before 0.8 allow users to insecurely pass password through command line, leaking it via command history and process info to other local users...

2.1CVSS7.5AI score0.00378EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/01/20 12:0 a.m.14 views

CVE-2017-15112

keycloak-httpd-client-install versions before 0.8 allow users to insecurely pass password through command line, leaking it via command history and process info to other local users...

7.6AI score0.00378EPSS
Exploits0References2
Kitploit
Kitploit
added 2015/02/03 10:12 p.m.38 views

Socat - Multipurpose relay (SOcket CAT)

Socat is a utility similar to the venerable Netcat that works over a number of protocols and through a files, pipes, devices terminal or modem, etc., sockets Unix, IP4, IP6 - raw, UDP, TCP, a client for SOCKS4, proxy CONNECT, or SSL, etc. It provides forking, logging, and dumping, different modes...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2013/12/07 12:0 a.m.6 views

PT-2013-6224 · Microsoft · Windows Server 2008 R2

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Server 2008 SP2 Description: The IsHandleEntrySecure function in win32k.sys does not properly validate the tagPROCESSINFO pW32Job field, allowing local users to cause a denial of service via a crafted...

4CVSS6.8AI score0.01957EPSS
Exploits1References5
Nmap
Nmap
added 2012/05/29 6:25 p.m.156 views

eppc-enum-processes NSE Script

Attempts to enumerate process info over the Apple Remote Event protocol. When accessing an application over the Apple Remote Event protocol the service responds with the uid and pid of the application, if it is running, prior to requesting authentication. Example Usage nmap -p 3031 --script...

10CVSS9.1AI score0.99448EPSS
Exploits33
Rows per page
Query Builder