Monthly
Local privilege escalation in Linux kernel XFRM ESP-in-TCP subsystem (Fragnesia vulnerability) allows authenticated local attackers to overwrite kernel memory structures by exploiting arbitrary byte writes into the kernel page cache of read-only files. CVSS score of 7.8 reflects high impact across confidentiality, integrity, and availability. Low attack complexity (AC:L) and no user interaction requirement (UI:N) make this exploitable by any local user with basic privileges. No confirmed active exploitation (not in CISA KEV) or public proof-of-concept identified at time of analysis, but the specific vulnerability name 'Fragnesia' suggests coordinated disclosure with security research community.
Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183.
Stack memory write protection bypass in Semtech LoRa LR11xx transceiver firmware allows physical attackers with SPI interface access to overwrite the program call stack and achieve limited arbitrary code execution during an active session. The vulnerability affects LR1110, LR1120, and LR1121 devices running early firmware versions; however, impact is constrained to the current attack session because secure boot prevents persistent firmware modification, cryptographic keys remain isolated, and all changes revert upon device reboot or loss of physical access. CVSS 5.4 (moderate) reflects the physical attack requirement despite high confidentiality and integrity impact.
A critical write-what-where memory corruption vulnerability exists in p2r3 Bareiron (commit 8e4d40) that allows unauthenticated remote attackers to write arbitrary values to memory locations, enabling arbitrary code execution through specially crafted network packets. The vulnerability carries a CVSS score of 9.8 and is remotely exploitable without authentication, though it is not currently listed in CISA KEV and has no EPSS score data available. A proof-of-concept appears to exist based on the GitHub reference to a dedicated CVE repository.
Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest.
A flaw was found in Libtiff. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Unsafe handling in bt_conn_tx_processor causes a use-after-free, resulting in a write-before-zero. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity.
APTIOV contains vulnerabilities in the BIOS where a privileged user may cause “Write-what-where Condition” and “Exposure of Sensitive Information to an Unauthorized Actor” through local access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
ImageMagick is free and open-source software used for editing and manipulating digital images. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.
In V5 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Local privilege escalation in Linux kernel XFRM ESP-in-TCP subsystem (Fragnesia vulnerability) allows authenticated local attackers to overwrite kernel memory structures by exploiting arbitrary byte writes into the kernel page cache of read-only files. CVSS score of 7.8 reflects high impact across confidentiality, integrity, and availability. Low attack complexity (AC:L) and no user interaction requirement (UI:N) make this exploitable by any local user with basic privileges. No confirmed active exploitation (not in CISA KEV) or public proof-of-concept identified at time of analysis, but the specific vulnerability name 'Fragnesia' suggests coordinated disclosure with security research community.
Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) before build 42183.
Stack memory write protection bypass in Semtech LoRa LR11xx transceiver firmware allows physical attackers with SPI interface access to overwrite the program call stack and achieve limited arbitrary code execution during an active session. The vulnerability affects LR1110, LR1120, and LR1121 devices running early firmware versions; however, impact is constrained to the current attack session because secure boot prevents persistent firmware modification, cryptographic keys remain isolated, and all changes revert upon device reboot or loss of physical access. CVSS 5.4 (moderate) reflects the physical attack requirement despite high confidentiality and integrity impact.
A critical write-what-where memory corruption vulnerability exists in p2r3 Bareiron (commit 8e4d40) that allows unauthenticated remote attackers to write arbitrary values to memory locations, enabling arbitrary code execution through specially crafted network packets. The vulnerability carries a CVSS score of 9.8 and is remotely exploitable without authentication, though it is not currently listed in CISA KEV and has no EPSS score data available. A proof-of-concept appears to exist based on the GitHub reference to a dedicated CVE repository.
Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest.
A flaw was found in Libtiff. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Unsafe handling in bt_conn_tx_processor causes a use-after-free, resulting in a write-before-zero. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity.
APTIOV contains vulnerabilities in the BIOS where a privileged user may cause “Write-what-where Condition” and “Exposure of Sensitive Information to an Unauthorized Actor” through local access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
ImageMagick is free and open-source software used for editing and manipulating digital images. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.
In V5 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.