155 matches found
CVE-2025-27732
Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...
CVE-2025-27484
CVE-2025-27484 affects Windows Universal Plug and Play (UPnP) Device Host. The issue is described as sensitive data storage in improperly locked memory, enabling an authorized attacker to elevate privileges over the network. Public details in connected docs indicate the vulnerability impacts the ...
Windows Update Stack Elevation of Privilege Vulnerability
Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally...
CVE-2025-20916
Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory...
PT-2025-9890 · Samsung · Samsung Notes
Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.26.71 Description: The issue is related to an out-of-bounds read when applying binary of video content. This allows attackers to read out-of-bounds memory. Recommendations: For versions prior to 4.4.26.71,...
PT-2025-9891 · Samsung · Samsung Notes
Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.26.71 Description: The issue is related to an out-of-bounds read in action link data, which allows attackers to read out-of-bounds memory. Recommendations: For versions prior to 4.4.26.71, update to version...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfs: fix log recovery buffer allocation for the legacy hsize fixup CVE-2024-39472 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate CVE-2024-41042 In...
Linux Distros Unpatched Vulnerability : CVE-2022-21499
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger...
CVE-2023-20508
Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability...
Astra Linux – Vulnerability in APR
The lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users to read access to named shared memory segments, potentially exposing sensitive application data. This issue does not affect non-Unix platforms, or builds with APRUSESHMEMSHMGET=1 apr.h. Users...
CVE-2020-11284
Locked memory can be unlocked and modified by non secure boot loader through improper system call sequence making the memory region untrusted source of input for secure boot loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructur...
CVE-2024-4640
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash...
CVE-2024-57793
In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors In CoCo VMs it is possible for the untrusted host to cause setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers...
CVE-2024-12668 Velocidex WinPmem Out of Bounds Write Vulnerability
Velocidex WinPmem versions below 4.1 suffer from an Out of Bounds Write vulnerability. By using an IO Control, a user space program can trick the driver into writing a 0 into any chosen memory location. In conjunction with information leakage from the WinPmem driver, attackers can discover the...
Code execution vulnerability in multiple Mozilla products (CNVD-2024-46830)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. A code execution vulnerability exists in several Mozilla products, which...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox version 131, which stemmed from the inclusion of a memory security hole...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability previously existed in Mozilla Firefox version 131, which stemmed from the inclusion of a memory security hole...
ROS-20240920-09
Vulnerability in Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird email client is related to memory security flaws. with memory security flaws. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code. remotely to execute arbitrary code...
CVE-2024-40790
The issue was addressed with improved handling of caches. This issue is fixed in visionOS 2. An app may be able to read sensitive data from the GPU memory...
CVE-2024-35282
A cleartext storage of sensitive information in memory vulnerability CWE-316 affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain...