CVE-2025-4276

UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

CVE-2025-4277

Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

CVE-2025-4276

UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

CVE-2025-4277 Tcg2Smm: improper input validation may lead to arbitrary code execution

Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level...

CVE-2025-4277

CVE-2025-4277 is described across multiple sources as a vulnerability in InsydeH2O firmware (Tcg2Smm) that can write arbitrary memory inside SMRAM and execute arbitrary code at the SMM level. The root cause indicated in CVE records is improper input handling/execution flow that enables arbitrary ...

CVE-2025-4276

CVE-2025-4276 affects UsbCoreDxe (EFI/UEFI) and related InsydeH2O implementations. The vulnerability stems from an ability to write to arbitrary memory in SMRAM, enabling arbitrary code execution at System Management Mode (SMM). Reported impact is execution of code with SMM privileges and potenti...

InsydeH2O 安全漏洞

InsydeH2O is a customizable firmware codebase from China Insyde Insyde. A security vulnerability exists in InsydeH2O, which can be exploited to write to arbitrary memory in SMRAM and execute arbitrary code at the SMM level...

Insyde InsydeH2O 安全漏洞

Insyde InsydeH2O is a new EFI/UEFI specification from Insyde China. It is intended to replace the traditional BIOS Basic Input/Output System. A security vulnerability exists in Insyde InsydeH2O that originates from the ability to write to arbitrary memory in SMRAM and execute arbitrary code at th...

CVE-2025-26403

Out-of-bounds write in the memory subsystem for some IntelR XeonR 6 processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...

ALPINE-CVE-2025-26403

Out-of-bounds write in the memory subsystem for some IntelR XeonR 6 processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...

Linux Distros Unpatched Vulnerability : CVE-2025-37947

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: prevent out-of-bounds stream writes by validating pos ksmbdvfsstreamwrite did not validate whether the write offset pos was within the bounds of the...

Linux Distros Unpatched Vulnerability : CVE-2018-1068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a...

Linux Distros Unpatched Vulnerability : CVE-2021-4157

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out of memory bounds write flaw 1 or 2 bytes of memory in the Linux kernel NFS subsystem was found in the way users use mirroring replication of files with...

Linux Distros Unpatched Vulnerability : CVE-2020-0009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In calcvmmayflags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privileg...

Linux Distros Unpatched Vulnerability : CVE-2022-1943

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers...

Linux Distros Unpatched Vulnerability : CVE-2020-14305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds memory write flaw was found in how the Linux kernel's Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port...

CVE-2025-21017

Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory...

ALPINE-CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

DEBIAN-CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

CVE-2025-54874 OpenJPEG allows OOB heap memory write in opj_jp2_read_header

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...