CVE-2025-58407

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

CVE-2025-58407

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

CVE-2025-58407

CVE-2025-58407 concerns Imagination Technologies GPU DDK/driver software used in a Guest VM. The vulnerability is a TOCTOU race in the GPU firmware interaction (psFWMemContext->uiPageCatBaseRegSet) that could allow reading and/or writing data outside the allotted memory, enabling escape from t...

CVE-2025-58407 GPU DDK - TOCTOU bug affecting psFWMemContext->uiPageCatBaseRegSet

Kernel or driver software installed on a Guest VM may post improper commands to the GPU Firmware to exploit a TOCTOU race condition and trigger a read and/or write of data outside the allotted memory escaping the virtual machine...

The vulnerability of the Teamcenter Visualization product’s lifecycle management system lies in the fact that operations can escape out of the buffer into memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Teamcenter Visualization product’s lifecycle management system lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the nf_conntrack_dccp_packet() function in the net/netfilter/nf_conntrack_proto_dccp.c module of the Linux operating system allows a hacker to gain access to protected information.

The vulnerability of the nfconntrackdccppacket function in the net/netfilter/nfconntrackprotodccp.c module of the Linux kernel is related to the escape of allocated memory from the protected area. Exploiting this vulnerability can allow an attacker to gain access to protected information...

The vulnerability of the Adobe Photoshop graphic editor arises from an operation that allows data to escape out of the buffer area in memory, enabling a hacker to disclose protected information.

The vulnerability of the Adobe Photoshop graphic editor arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the software...

SolarWinds Serv-U Remote Code Execution Vulnerability

SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution...

Vulnerabilities fixed in Microsoft Windows

Microsoft has fixed vulnerabilities in Windows and Hyper-V. The vulnerabilities potentially enable a malicious party to launch attacks execute attacks that lead to the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Bypassing authentication Circumvention of securit...

Serv-U FTP Server <= 15.2.3 Hotfix 1 Memory Escape Vulnerability

According to its banner, the installed version of Serv-U is a version prior to 15.2.3 Hotfix 2. It is, therefore, affected memory escape vulnerability. An unauthenticated remote attacker who successfully exploited this vulnerability could run arbitrary code with privileges, which could then insta...

CVE-2021-35211

Microsoft discovered a remote code execution RCE vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U...

CVE-2021-35211

Microsoft discovered a remote code execution RCE vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U...

CVE-2021-35211 Serv-U Remote Memory Escape Vulnerability

Microsoft discovered a remote code execution RCE vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U...

CVE-2021-35211

CVE-2021-35211 affects SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows prior to 15.2.3 HF2. The connected PoC exploit documents an out-of-bounds write path leading to remote code execution, with targets around Serv-U version 15.2.3 (examples cite 15.2.3.717). Exploitatio...

VulnCheck KEV: CVE-2021-35211

SolarWinds Serv-U contains an unspecified memory escape vulnerability which can allow for remote code execution...