Lucene search
K

155 matches found

NVD
NVD
added 2025/04/08 6:16 p.m.12 views

CVE-2025-27732

Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

7CVSS0.00312EPSS
Exploits0References1
CVE
CVE
added 2025/04/08 5:23 p.m.101 views

CVE-2025-27484

CVE-2025-27484 affects Windows Universal Plug and Play (UPnP) Device Host. The issue is described as sensitive data storage in improperly locked memory, enabling an authorized attacker to elevate privileges over the network. Public details in connected docs indicate the vulnerability impacts the ...

7.5CVSS7.1AI score0.00704EPSS
Exploits0References1Affected Software15
Microsoft CVE
Microsoft CVE
added 2025/04/08 7:0 a.m.15 views

Windows Update Stack Elevation of Privilege Vulnerability

Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally...

7CVSS6.9AI score0.0032EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/03/08 6:22 a.m.7 views

CVE-2025-20916

Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory...

7.5CVSS6.7AI score0.00255EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/03/06 12:0 a.m.5 views

PT-2025-9890 · Samsung · Samsung Notes

Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.26.71 Description: The issue is related to an out-of-bounds read when applying binary of video content. This allows attackers to read out-of-bounds memory. Recommendations: For versions prior to 4.4.26.71,...

7.5CVSS6.3AI score0.00255EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/03/06 12:0 a.m.5 views

PT-2025-9891 · Samsung · Samsung Notes

Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.26.71 Description: The issue is related to an out-of-bounds read in action link data, which allows attackers to read out-of-bounds memory. Recommendations: For versions prior to 4.4.26.71, update to version...

7.5CVSS6.2AI score0.00255EPSS
Exploits0References4
Amazon
Amazon
added 2025/03/06 12:0 a.m.8 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy hsize fixup CVE-2024-39472 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate CVE-2024-41042 In...

8.4CVSS7AI score0.0032EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2022-21499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger...

6.7CVSS6.7AI score0.00612EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/14 12:26 a.m.7 views

CVE-2023-20508

Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability...

5CVSS6.8AI score0.00131EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.1 views

Astra Linux – Vulnerability in APR

The lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users to read access to named shared memory segments, potentially exposing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr.h. Users...

5.5CVSS6.6AI score0.00332EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 2:10 p.m.9 views

CVE-2020-11284

Locked memory can be unlocked and modified by non secure boot loader through improper system call sequence making the memory region untrusted source of input for secure boot loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructur...

8.4CVSS7.2AI score0.00158EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:8 a.m.5 views

CVE-2024-4640

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash...

8.2CVSS7.2AI score0.00393EPSS
Exploits0
NVD
NVD
added 2025/01/11 1:15 p.m.10 views

CVE-2024-57793

In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors In CoCo VMs it is possible for the untrusted host to cause setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers...

5.5CVSS0.00189EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/16 2:56 p.m.9 views

CVE-2024-12668 Velocidex WinPmem Out of Bounds Write Vulnerability

Velocidex WinPmem versions below 4.1 suffer from an Out of Bounds Write vulnerability. By using an IO Control, a user space program can trick the driver into writing a 0 into any chosen memory location. In conjunction with information leakage from the WinPmem driver, attackers can discover the...

8.2CVSS8AI score0.00208EPSS
Exploits0References1
CNVD
CNVD
added 2024/10/13 12:0 a.m.8 views

Code execution vulnerability in multiple Mozilla products (CNVD-2024-46830)

Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products, which...

8.8CVSS7.9AI score0.00552EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/01 12:0 a.m.3 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox version 131, which stemmed from the inclusion of a memory security hole...

9.8CVSS8.2AI score0.00614EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/10/01 12:0 a.m.4 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox version 131, which stemmed from the inclusion of a memory security hole...

9.8CVSS8.8AI score0.00738EPSS
Exploits0References9
Redos
Redos
added 2024/09/20 12:0 a.m.686 views

ROS-20240920-09

Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to memory security flaws. with memory security flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...

7.8AI score0.00536EPSS
Exploits0
NVD
NVD
added 2024/09/17 12:15 a.m.23 views

CVE-2024-40790

The issue was addressed with improved handling of caches. This issue is fixed in visionOS 2. An app may be able to read sensitive data from the GPU memory...

5.5CVSS0.00229EPSS
Exploits0References2
OSV
OSV
added 2024/09/10 3:15 p.m.2 views

CVE-2024-35282

A cleartext storage of sensitive information in memory vulnerability CWE-316 affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain...

4.6CVSS5.8AI score0.00165EPSS
Exploits0References1
Rows per page
Query Builder