CVE-2025-54874 OpenJPEG allows OOB heap memory write in opj_jp2_read_header

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

CVE-2025-54874

OpenJPEG (JPEG 2000 codec) contains a vulnerability CVE-2025-54874: in OpenJPEG 2.5.1–2.5.3, a call to opj_jp2_read_header may cause an out-of-bounds heap write when the data stream is too short and p_image is not initialized. This is referenced across multiple security advisories and vendors (Ub...

CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

CVE-2025-54874

OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...

OESA-2025-1915 polkit security update

polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. Security Fixes: A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggere...

Imagination GPU Driver 安全漏洞

Imagination GPU Driver is a graphics driver from Imagination. A security vulnerability exists in Imagination GPU Driver that originates from the possibility that an unprivileged user may make improper GPU system calls that result in writing arbitrary physical memory pages, potentially corrupting...

CVE-2025-7027 SMM Arbitrary Write via Dual-Controlled Pointers in CommandRcx1

A vulnerability in the Software SMI handler SwSmiInputValue 0xB2 allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write target is derived from an unvalidated UEFI NVRAM variable SetupXtuBufferAddress, while the write content is read from a...

CVE-2025-20982

Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...

VulnCheck KEV: CVE-2014-3931

fastping.c in MRLG aka Multi-Router Looking Glass before 5.5.0 allows remote attackers to cause an arbitrary memory write and memory corruption...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of the composing size in the vivid driver, which could lead to out-of-bounds writes...

USN-7589-1 gnuplot vulnerabilities

Tim Blazytko, Cornelius Aschermann, Sergej Schumilo, and Nils Bars discovered that Gnuplot had several memory-related issues. An attacker could possibly use these issues to cause Gnuplot to experience a buffer overflow, resulting in a denial of service or arbitrary code execution. These issues on...

SUSE CVE-2022-50097

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memsetio In the function s3fbsetpar, the value of 'screensize' is calculated by the user input. If the user provides the improper value, the value of 'screensize' may larger tha...

CVE-2025-38074

CVE-2025-38074 affects the Linux kernel vhost-scsi path used by virtio-scsi/QEMU. The root cause is a race where vq->log_base can be accessed after vq->log_used is set to false, because the completion path may evaluate log_used and then access log_base before proper synchronization. The fix...

TencentOS Server 4: nss (TSSA-2024:0636)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0636 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVE-2025-3052

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability...

VulnCheck KEV: CVE-2025-0286

Various Paragon Software products contain an arbitrary kernel memory write vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to execute arbitrary code on the victim machine...

Samsung S24 VC1 Decoder Out-Of-Bounds Write

There is an out-of-bounds write to a heap buffer in the Samsung S24 VC1 decoder. The function svc1drrfrm can write outside of the allocated frame buffers in several locations due to incorrect calculations of buffer offsets...

CVE-2025-25179 GPU DDK - Freelist GPU VA can be remapped to another reservation/PMR to trigger GPU arbitrary write to physical memory

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages...

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

CVE-2024-20873

Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds memory...