1708 matches found
CVE-2026-25260
Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications...
CVE-2026-25260
Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications...
CVE-2026-25260
CVE-2026-25260 describes a memory corruption vulnerability in Qualcomm components caused by accessing shared buffers without validating concurrent user-mode input modifications. The NVD entry lists CVSS v3.1: 7.8 (HIGH) with LOCAL attack vector, low complexity, and low privileges required, with n...
EUVD-2026-33069
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, an approved mobile device token created in single-user mode can survive single-user - multi-user migration even when the device record has userId = null. In...
CVE-2026-47713 AnythingLLM: Legacy mobile device tokens bypass multi-user workspace scoping after mode migration
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, an approved mobile device token created in single-user mode can survive single-user - multi-user migration even when the device record has userId = null. In...
PT-2026-44551
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, an approved mobile device token created in single-user mode can survive single-user - multi-user migration even when the device record has userId = null. In...
AnythingLLM 安全漏洞
AnythingLLM is an integrated AI application open source by Mintplex. Versions of AnythingLLM prior to 1.13.0 contained a security vulnerability. This vulnerability stemmed from mobile device tokens created in single-user mode being accepted after migration to multi-user mode, without any user...
kernel: Linux kernel: Denial of service and memory corruption in RDMA umad
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...
Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective
1 Introduction This article provides a technical analysis of how many Windows kernel mode drivers can be interacted with from user mode without the hardware they were developed for. This work was motivated by driver-oriented vulnerability research and the need to evaluate the exploitability of...
kernel: Linux kernel: Denial of service and memory corruption in RDMA umad
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...
kernel: Linux kernel: Denial of service and memory corruption in RDMA umad
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...
Ubuntu 25.10 : Linux kernel (Raspberry Pi) vulnerabilities (USN-8257-1)
"The remote Ubuntu 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8257-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signatur...
Ubuntu 24.04 LTS / 25.10 : Linux kernel vulnerabilities (USN-8245-1)
"The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8245-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify...
kernel: Linux kernel: Denial of service and memory corruption in RDMA umad
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...
kernel: Linux kernel: Denial of service and memory corruption in RDMA umad
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...
kernel: Linux kernel: Denial of service and memory corruption in RDMA umad
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers that are active for the new thread in the user context. For a kernel thread, childregs-gp is never used since the kernel’s gp is not touched by switchto. Fo...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007041)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007041 advisory. In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the...
Ubuntu 24.04 LTS / 25.10 : Linux kernel (GCP) vulnerabilities (USN-8183-1)
"The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8183-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify...
CVE-2026-40572
NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 MemoryMapRange allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical...