Lucene search
+L

7358 matches found

Nuclei
Nuclei
added 4 hours ago47 views

GeoServer Demo Request Endpoint - Server Side Request Forgery

It is possible to achieve Server Side Request Forgery SSRF via the Demo request endpoint if Proxy Base URL has not been set. An unauthenticated user can supply a request that will be issued by the server, allowing enumeration of internal networks and, in the case of cloud instances, access to...

8.2CVSS7.2AI score0.01923EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-45034

A time-of-check to time-of-use TOCTOU flaw in the illumos data-link pseudo-driver dld affects handling of the DLDIOCGETMACPROP and DLDIOCSETMACPROP ioctls on /dev/dld. drviocpropcommon in usr/src/uts/common/io/dld/dlddrv.c copies the dldiocmacpropt ioctl header in once to read its prvalsize field...

5.8CVSS6.2AI score0.00084EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2 days ago11 views

PT-2026-60460

Name of the Vulnerable Software and Affected Versions ubuntu-pro-client affected versions not specified Description An insecure symlink following issue exists within the pro collect-logs command framework. The utility uses predictable temporary file paths or user-accessible log directories to...

5CVSS6AI score0.00155EPSS
Exploits0References5
NVD
NVD
added 3 days ago5 views

CVE-2026-14960

Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the \.\TdeIo device interface. IOCTL handlers including TDEIOCTLINDEXIOREAD and TDEIOCTLINDEXIOWRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without...

9.8CVSS0.00391EPSS
Exploits1References1
Cvelist
Cvelist
added 3 days ago43 views

CVE-2026-14960 CVE-2026-14960

Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the \.\TdeIo device interface. IOCTL handlers including TDEIOCTLINDEXIOREAD and TDEIOCTLINDEXIOWRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without...

0.00391EPSS
Exploits1References1
CVE
CVE
added 3 days ago17 views

CVE-2026-14960

CVE-2026-14960 concerns Pegatron tdeio64.sys exposing privileged hardware access via the .TdeIo device interface. Connected docs describe IOCTLs (TDE_IOCTL_INDEXIO_READ/WRITE) that allow unprivileged local users to perform arbitrary hardware I/O port operations without proper authorization, and,...

9.8CVSS6.2AI score0.00391EPSS
Exploits1References1
EUVD
EUVD
added 3 days ago4 views

EUVD-2026-44730

Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the \.\TdeIo device interface. IOCTL handlers including TDEIOCTLINDEXIOREAD and TDEIOCTLINDEXIOWRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without...

6.2AI score0.00391EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 3 days ago10 views

PT-2026-60231

Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the .TdeIo device interface. IOCTL handlers including TDE IOCTL INDEXIO READ and TDE IOCTL INDEXIO WRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without...

9.8CVSS6.2AI score0.00391EPSS
Exploits1References4
NVD
NVD
added 4 days ago10 views

CVE-2026-50130

Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. From 6.0 to 6.4.2, a user with code execution as the unprivileged pihole user can escalate to root by replacing /etc/pihole/logrotate. The replacement is laundered to root:root...

8.8CVSS0.00225EPSS
Exploits0References3
Cvelist
Cvelist
added 4 days ago35 views

CVE-2026-50130 Pi-hole: Local privilege escalation from `pihole` user to root via `/etc/pihole/logrotate`

Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. From 6.0 to 6.4.2, a user with code execution as the unprivileged pihole user can escalate to root by replacing /etc/pihole/logrotate. The replacement is laundered to root:root...

8.8CVSS0.00225EPSS
Exploits0References3
CVE
CVE
added 4 days ago7 views

CVE-2026-10671

CVE-2026-10671 affects Zephyr kernel: the userspace verifier for k_pipe_init used K_SYSCALL_OBJ(), allowing an unprivileged thread with access to a k_pipe object to re-init a live pipe. This re-initialization clears the ring buffer and wait queues without accounting for current blockers, leaving ...

7.1CVSS6.1AI score0.00103EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 4 days ago4 views

CVE-2026-10669 Xtensa MPU `arch_buffer_validate()` integer-overflow lets a user thread bypass syscall pointer validation

On Xtensa SoCs built with CONFIGXTENSAMPU and CONFIGUSERSPACE, archbuffervalidate in arch/xtensa/core/mpu.c — the architecture hook that verifies a user-mode-supplied buffer is accessible to the calling user thread with the requested permission — defaulted its return value to 0 access permitted a...

7.8CVSS6.1AI score0.00114EPSS
Exploits0References2
NVD
NVD
added 6 days ago8 views

CVE-2026-10667

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS0.00109EPSS
Exploits1References2
OSV
OSV
added 6 days ago6 views

CVE-2026-10667 SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynamic kernel-object tracking, reachable from unprivileged user threads

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS6.1AI score0.00109EPSS
Exploits1References5
Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-10667 SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynamic kernel-object tracking, reachable from unprivileged user threads

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS0.00109EPSS
Exploits1References2
CVE
CVE
added 6 days ago16 views

CVE-2026-10667

Zephyr CVE-2026-10667 affects SMP builds with CONFIG_USERSPACE and dynamic objects (CONFIG_DYNAMIC_OBJECTS). The bug is a use-after-free in the dynamic kernel-object tracker: k_object_wordlist_foreach() iterates obj_list under lists_lock while removals and frees occur under objfree_lock/obj_lock,...

7.8CVSS6.1AI score0.00109EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 6 days ago6 views

CVE-2026-10667 SMP use-after-free in Zephyr `CONFIG_USERSPACE` dynamic kernel-object tracking, reachable from unprivileged user threads

Zephyr's dynamic kernel-object tracking kernel/userspace/userspace.c, formerly kernel/userspace.c maintains a doubly-linked list objlist of dynamically allocated kernel objects. Iteration over this list in kobjectwordlistforeach was performed under listslock using the SAFE iterator which caches t...

7.8CVSS6.1AI score0.00109EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/07/11 3:34 a.m.7 views

SUSE CVE-2024-7881

An unprivileged context can trigger a data memory-dependent prefetch engine to fetch the contents of a privileged location and consume those contents as an address that is also dereferenced...

5.1CVSS6.1AI score0.00191EPSS
Exploits0References2
NVD
NVD
added 2026/07/10 9:17 p.m.7 views

CVE-2026-7639

Software installed and run as a non-privileged user may conduct a sequence of improper GPU system calls causing use after free, which helps in facilitating unprivileged memory access from a shader code. Triggering failure path in the MMU mapping logic by a malicious code could lead to incomplete...

7.8CVSS0.00122EPSS
Exploits0References1
NVD
NVD
added 2026/07/10 9:16 p.m.8 views

CVE-2026-34196

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause an integer overflow and map two GPU virtual addresses to the same physical address. One of these virutal mappings can be freed along with the physical page, allowing for a read/write UAF via the...

7.8CVSS0.00118EPSS
Exploits0References1
Rows per page
Query Builder