CVE-2026-8070

Incorrect permission assignment for a critical resource in Armoury Crate allows a local user to bypass the driver’s validation mechanism, resulting in unauthorized read and write access to physical memory.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security...

EUVD-2026-33150

Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

PT-2026-44743

Incorrect permission assignment for a critical resource in Armoury Crate allows a local user to bypass the driver’s validation mechanism, resulting in unauthorized read and write access to physical memory.Refer to the ' Security Update for Armoury Crate App ' section on the ASUS Security...

CVE-2026-9908

Out of bounds read in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

CVE-2026-44830

Nocturne Memory is a lightweight, rollbackable, and visual Long-Term Memory Server for MCP Agents. Prior to 2.4.1, when APITOKEN is unset or empty, the BearerTokenAuthMiddleware bypasses authentication for all HTTP requests. Combined with the default 0.0.0.0 host binding and CORS alloworigins="",...

EUVD-2026-32520

Nocturne Memory is a lightweight, rollbackable, and visual Long-Term Memory Server for MCP Agents. Prior to 2.4.1, when APITOKEN is unset or empty, the BearerTokenAuthMiddleware bypasses authentication for all HTTP requests. Combined with the default 0.0.0.0 host binding and CORS alloworigins="",...

Realtek rtl819x - Local Privilege

Exploit Title: Realtek rtl819x - Local Privilege Escalation Date: 2026-05-03 Exploit Author: Daniil Gordeev Vendor Homepage: http://www.realtek.com Software Link: https://github.com/iptime-gpl/userappsn104qi representative GPL release Version: Realtek rtl819x Jungle SDK, all known versions throug...

CVE-2023-31317

The CVE-2023-31317 issue affects the AMD Secure Processor (ASP). It is described as an improper restriction of operations within the bounds of a memory buffer, which could allow a local attacker to read or write to protected memory and potentially achieve arbitrary code execution. The AMD vulnera...

EUVD-2026-27325

The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK all known versions through v3.4.14B does not perform any access control checks on the writemem ioctl 0x89F5 and readmem ioctl 0x89F6 debug handlers, which are compiled into production builds via the unconditionally defined...

PT-2026-37043

Name of the Vulnerable Software and Affected Versions Realtek rtl819x Jungle SDK versions prior to v3.4.14B Description The rtl8192cd Wi-Fi kernel driver fails to perform access control checks on the write mem ioctl 0x89F5 and read mem ioctl 0x89F6 debug handlers. These handlers are included in...

CVE-2026-36355

The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x Jungle SDK all known versions through v3.4.14B does not perform any access control checks on the writemem ioctl 0x89F5 and readmem ioctl 0x89F6 debug handlers, which are compiled into production builds via the unconditionally defined...

Astra Linux - уязвимость в firefox

An attacker could have caused a use-after-free in the JavaScript engine, allowing them to read memory from the JavaScript string section of the heap. This vulnerability affects Firefox versions earlier than 127...

JLSEC-2026-35

A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server settings include...

PT-2026-29650

CVE-2026-32929 V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get macro mem COM. Opening a crafted V7 file may lead to information disclosure from the… https://t.co/VzwAV69g6I...

Security Bulletin: Vulnerability in openssl library (CVE-2025-9230) affects Power HMC.

Summary The openssl library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-9230 DESCRIPTION: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an...

EUVD-2026-10751

Substance3D - Painter versions 11.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a...

CVE-2026-3437

An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...

PT-2026-22767

An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this...

SUSE CVE-2026-25941

FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to to 2.11.8 and on the 3.x branch prior to 3.23.0 have an out-of-bounds read vulnerability in the FreeRDP client's RDPGFX channel that allows a malicious RDP server to read uninitialized heap memory...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001487)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001487 advisory. In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted e.g., because of type confusion and consequently an unprivileged BPF progra...