396 matches found
CVE-2026-53364
The CVE-2026-53364 entry concerns the Linux kernel Bluetooth HCI subsystem. A memory leak in hci_le_big_terminate() occurs when iso_list_data allocated via kzalloc_obj is not freed on an early return path after evaluating PA/BIG sync state (neither pa_sync_term nor big_sync_term flags set). This ...
PYSEC-2026-360 Session Fixation in ipsilon
A vulnerability in ipsilon 2.0 before 2.0.2, 1.2 before 1.2.1, 1.1 before 1.1.2, and 1.0 before 1.0.3 was found that allows attacker to log out active sessions of other users. This issue is related to how it tracks sessions, and allows an unauthenticated attacker to view and terminate active...
EulerOS 2.0 SP15 : nghttp2 (EulerOS-SA-2026-2494)
According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the...
CVE-2026-0828
Kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x64 , versions 10.5.75.0 and 11.11.4.0, allows unprivileged user to abuse IOCTL path and terminate protected system processes...
CVE-2026-0828
CVE-2026-0828 affects Safetica’s endpoint client x64, specifically the kernel driver ProcessMonitorDriver.sys (versions 10.5.75.0 and 11.11.4.0). The vulnerability stems from an IOCTL path that lacks proper caller privilege validation, allowing an unprivileged user with a handle to the device to ...
CVE-2026-0828 Kernel driver vulnerability in Safetica Endpoint Client
Kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x64 , versions 10.5.75.0 and 11.11.4.0, allows unprivileged user to abuse IOCTL path and terminate protected system processes...
Denial Of Service (DoS)
Netty is vulnerable to Denial of Service DoS. The vulnerability is due to exposure of QUIC stateless reset tokens through connection ID generation, which allows an on-path attacker to derive the token and send spoofed Stateless Reset packets to terminate active connections...
BoxLite 安全漏洞
BoxLite is an open-source embedded microvirtual machine runtime developed by BoxLite. It provides hardware-isolated secure sandboxes for AI agents and code execution scenarios. Versions of BoxLite 0.8.2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from using a...
EulerOS 2.0 SP11 : nghttp2 (EulerOS-SA-2026-2256)
According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the...
EulerOS Virtualization 2.12.1 : nghttp2 (EulerOS-SA-2026-2082)
According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...
EulerOS Virtualization 2.12.0 : nghttp2 (EulerOS-SA-2026-2107)
According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...
CVE-2025-70795
STProcessMonitor 11.11.4.0, part of the Safetica Application suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. This is caused by insufficient caller validation in the driver's IOCTL handler, enabli...
CVE-2026-40136
SAP Financial Consolidation allows an authenticated attacker to disconnect other users by terminating their sessions temporarily preventing access. However, the application itself cannot be compromised resulting in a low impact on availability. There is no impact on confidentiality and integrity ...
CVE-2026-35081
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...
CVE-2026-35081
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...
EUVD-2026-34077
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...
CVE-2026-35081 Arbitrary process termination vulnerability in method ugw-logstop
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...
CVE-2026-35081
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...
PT-2026-45922
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes. This is caused by insufficient validation of user-supplied...
Exploit for CVE-2026-0828
CVE-2026-0828 — Safetica ProcessMonitorDriver.sys BYOVD PoC S...