CVE-2026-45958

A flaw was found in the Linux kernel's drm/exynos: vidi driver. A local user could exploit this vulnerability by directly dereferencing a user pointer in the vidiconnectionioctl function. This allows for arbitrary kernel memory access from user space, potentially leading to privilege escalation o...

CVE-2026-40003

ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...

CVE-2024-21962

Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially resulting in privilege escalation and arbitrary code execution...

CVE-2024-21962

The CVE-2024-21962 entry concerns the AMD RAID driver and is supported by multiple sources (NVD entry and AMD security bulletin AMD-SB-4016). It describes Improper Input Validation in the AMD RAID driver that could allow an attacker to point to an arbitrary memory location, potentially resulting ...

CVE-2025-29938

An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to write to an arbitrary memory address resulting in denial of service or arbitrary code execution...

EUVD-2025-209874

An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to write to an arbitrary memory address resulting in denial of service or arbitrary code execution...

CVE-2025-29938

CVE-2025-29938 affects AMD Platform Management Framework (PMF). The issue is an unchecked return value that could allow an attacker to write to an arbitrary memory address, potentially causing denial of service or arbitrary code execution. CVSS:4.0 (AV:L/AC:L/PR:L/UI:N/S:C/VC:N/VI:L/VA:H/SC:H/SI:...

CVE-2025-29937

An out of bounds read within the AMD Platform Management Framework PMF could allow an attacker to trigger a read of an arbitrary memory location potentially resulting in loss of availability or confidentiality...

CVE-2025-29937

The CVE-2025-29937 entry concerns an out-of-bounds read in the AMD Platform Management Framework (PMF) . The vulnerability could allow a local attacker to read an arbitrary memory location, potentially impacting availability and confidentiality. AMD PSIRT metrics indicate CVSSv4.0 base score 5.8 ...

CVE-2025-29937

An out of bounds read within the AMD Platform Management Framework PMF could allow an attacker to trigger a read of an arbitrary memory location potentially resulting in loss of availability or confidentiality...

EUVD-2025-209867

An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability...

CVE-2025-0028

An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to read or modify an arbitrary address potentially resulting in loss of confidentiality, integrity, or availability...

PT-2026-41249

An out of bounds read within the AMD Platform Management Framework PMF could allow an attacker to trigger a read of an arbitrary memory location potentially resulting in loss of availability or confidentiality...

PT-2026-41242

Improper Input Validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location potentially resulting in privilege escalation and arbitrary code execution...

AMD RAID Driver Vulnerability

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2024-21962| Improper input validation in the AMD RAID driver could allow an attacker to point to an arbitrary memory location, potentially resulting in privilege escalation and arbitrary code...

CVE-2026-31244

The mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint DELETE /memories/memoryid. The endpoint allows unauthenticated users to delete arbitrary memory records without verifying their identity or permissions. A remote attacker can exploit this by...

CVE-2026-40003

CVE-2026-40003 describes a USB-based arbitrary memory write vulnerability in the ZTE ZX297520V3 BootROM. The issue arises from lack of target address validation in the USB download mode, allowing writes to arbitrary locations in BootROM runtime memory. Potential consequences, as stated, include o...

CVE-2026-40003 USB-based arbitrary memory write vulnerability in ZTE ZX297520V3 soc BootROM

ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...

ZTE ZX297520V3 缓冲区错误漏洞

ZTE ZX297520V3 is an industrial-grade 4G module from ZTE Corporation. The ZTE ZX297520V3 has a buffer error vulnerability. This vulnerability stems from the lack of target address verification in the USB download mode, which may allow arbitrary memory writes. As a result, it can overwrite the...

CVE-2026-37534

Integer underflow vulnerability in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadTransportProtocolDataTransfer,allows attackers to write to arbitrary memory via crafted sequence number from the CAN frame...