60 matches found
CVE-2026-40003
ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...
CVE-2025-29938
CVE-2025-29938 affects AMD Platform Management Framework (PMF). The issue is an unchecked return value that could allow an attacker to write to an arbitrary memory address, potentially causing denial of service or arbitrary code execution. CVSS:4.0 (AV:L/AC:L/PR:L/UI:N/S:C/VC:N/VI:L/VA:H/SC:H/SI:...
CVE-2026-40003 USB-based arbitrary memory write vulnerability in ZTE ZX297520V3 SoC BootROM
ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...
ZTE ZX297520V3 Buffer Error Vulnerability
ZTE ZX297520V3 is an industrial-grade 4G module from ZTE Corporation. The ZTE ZX297520V3 has a buffer error vulnerability. This vulnerability stems from the lack of target address verification in the USB download mode, which may allow arbitrary memory writes. As a result, it can overwrite the...
CVE-2026-22167 GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory
Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...
bareiron Security Vulnerability
Bareiron is a Minecraft game server developed by the individual developer P2R3. Bareiron has a security vulnerability that stems from arbitrary memory write conditions, potentially allowing unverified attackers to execute arbitrary code...
Heap-based Buffer Overflow
Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the pgtrgm due to lower-casing. An attacker can write arbitrary byte patterns onto server memory by submitting a specially crafted input string. This may potentially lead to privilege escalation or other...
CVE-2025-58409 GPU DDK - Disguised freelist buffers passed to RGXCreateHWRTDataSet can cause arbitrary physical memory writes corrupting memory
Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...
CVE-2025-58409
CVE-2025-58409 is a GPU driver vulnerability affecting Imagination Technologies’ GPU driver/Imagination Graphics DDK. The issue arises when an unprivileged user performs improper GPU system calls, subverting GPU hardware to write to arbitrary physical memory pages. Under certain conditions this c...
AMD uProf Improper Input Validation Vulnerability
AMD uProf is a suite of performance analysis tools from AMD for analyzing the performance of x86 architecture applications on Windows, Linux and FreeBSD systems. AMD uProf suffers from an improper input validation vulnerability that can be exploited by an attacker to write to arbitrary physical...
Advisory ROSA-SA-2025-3034
software: opencv 4.10.0; AXIS: ROSA-CHROME; affected versions: None; CVE-ID: CVE-2025-53644; BDU-ID: None; CVE-Crit: CRITICAL; CVE-DESC.: A vulnerability in OpenCV 4.10.0 and 4.11.0 is the use of an uninitialized pointer when processing JPEGs, which can lead to arbitrary memory writes. CVE-STATUS: Not...
EUVD-2025-21141
Malicious code in bioql PyPI...
ROS-20250904-01
A vulnerability in the converter program that converts man pages to HTML man2html format is related to overwriting the size parameter in the top fragment of the heap. Exploitation of the vulnerability could allow an attacker to perform an arbitrary write to any memory location in the progra...
PT-2025-32958
Name of the Vulnerable Software and Affected Versions: Tcg2Smm (affected versions not specified). Description: Tcg2Smm contains a flaw that allows writing arbitrary memory inside SMRAM and executing arbitrary code at the SMM level. Recommendations: At the moment, there is no information about a newe...
GIGABYTE Chipsets Security Vulnerability
GIGABYTE Chipsets is a series of chipsets open-sourced by GIGABYTE of Taiwan, China. A security vulnerability exists in GIGABYTE Chipsets that originates from an unverified pointer and could lead to arbitrary memory writes and elevation of privilege...
ESP-IDF Numeric Error Vulnerability
ESP-IDF is an Espressif open source development framework for Espressif SoCs supported on Windows, Linux and macOS. A numeric error vulnerability exists in ESP-IDF versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6, which stems from an integer underflow in the ESP-NOW protocol implementation that could lead...
TencentOS Server 2: nss (TSSA-2023:0035)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0035 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0094: nss (ALINUX3-SA-2023:0094)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0094 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-0767: An attacker could construct a PKCS 1...
Amazon Linux 2 : firefox (ALASFIREFOX-2023-007)
The version of firefox installed on the remote host is prior to 102.8.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-007 advisory. firefox-esr, thunderbird and nss only are affected by this package. CVE-2023-0767 The Mozilla Foundation Security...
Code injection
An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via PKCS 12 Safe Bag attributes being mishandled. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...