1071 matches found
CVE-2025-67246
A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresse...
PT-2026-3059
Name of the Vulnerable Software and Affected Versions Ludashi driver versions prior to 5.1025 Description A local information disclosure issue exists in the Ludashi driver due to insufficient access control within the IOCTL handler. The driver provides a device interface accessible to standard...
CVE-2025-58409
Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...
CVE-2025-58409
CVE-2025-58409 is a GPU driver vulnerability affecting Imagination Technologies’ GPU driver/Imagination Graphics DDK. The issue arises when an unprivileged user performs improper GPU system calls, subverting GPU hardware to write to arbitrary physical memory pages. Under certain conditions this c...
CVE-2025-58409 GPU DDK - Disguised freelist buffers passed to RGXCreateHWRTDataSet can cause arbitrary physical memory writes corrupting memory
Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...
PT-2026-2471
Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...
Imagination Graphics DDK 安全漏洞
Imagination Graphics DDK is a suite of GPU driver tools from Imagination UK. The Imagination Graphics DDK suffers from a security vulnerability that originates from the possibility that an unprivileged user may make improper GPU system calls to corrupt the GPU hardware to write arbitrary physical...
CVE-2019-2250
Kernel can write to arbitrary memory address passed by user while freeing/stopping a thread in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCS605, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SM7150, SXR1130...
CVE-2019-20537
An issue was discovered on Samsung mobile devices with P9.0 TEEGRIS and Qualcomm chipsets. There is arbitrary memory overwrite in the SEM Trustlet, leading to arbitrary code execution. The Samsung IDs are SVE-2019-14651, SVE-2019-14666 November 2019...
CVE-2020-10860
An issue was discovered in Avast Antivirus before 20. An Arbitrary Memory Address Overwrite vulnerability in the aswAvLog Log Library results in Denial of Service of the Avast Service AvastSvc.exe...
CVE-2020-10836
An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos chipsets software. The Widevine Trustlet allows read and write operations on arbitrary memory locations. The Samsung ID is SVE-2019-15873 February 2020...
CVE-2021-27425
Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mmmalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2022-23428
An improper boundary check in edenruntime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...
CVE-1999-0401
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files...
libtiff: Libtiff Write-What-Where
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controll...
libtiff: Libtiff Write-What-Where
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controll...
MSI Motherboards 安全漏洞
MSI Motherboards are a line of motherboards from Taiwan, China-based Micro-Star MSI. A security vulnerability exists in MSI Motherboards that stems from not properly enabling the IOMMU, which could allow an unauthenticated physical attacker to read or write arbitrary physical memory before the...
CVE-2025-33192
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read. A successful exploit of this vulnerability might lead to denial of service...
AMD uProf Input Validation Improperity Vulnerability
AMD uProf is a suite of performance analysis tools from AMD for analyzing the performance of x86 architecture applications on Windows, Linux and FreeBSD systems. AMD uProf suffers from an improper input validation vulnerability that can be exploited by an attacker to write to arbitrary physical...
CVE-2025-33192
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read. A successful exploit of this vulnerability might lead to denial of service...