Lucene search
K

1071 matches found

Cvelist
Cvelist
added 2026/01/15 12:0 a.m.28 views

CVE-2025-67246

A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresse...

0.0014EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.8 views

PT-2026-3059

Name of the Vulnerable Software and Affected Versions Ludashi driver versions prior to 5.1025 Description A local information disclosure issue exists in the Ludashi driver due to insufficient access control within the IOCTL handler. The driver provides a device interface accessible to standard...

7.3CVSS5.6AI score0.0014EPSS
Exploits1References4
OSV
OSV
added 2026/01/13 5:15 p.m.5 views

CVE-2025-58409

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

3.5CVSS5.9AI score0.00132EPSS
Exploits0References1
CVE
CVE
added 2026/01/13 4:37 p.m.12 views

CVE-2025-58409

CVE-2025-58409 is a GPU driver vulnerability affecting Imagination Technologies’ GPU driver/Imagination Graphics DDK. The issue arises when an unprivileged user performs improper GPU system calls, subverting GPU hardware to write to arbitrary physical memory pages. Under certain conditions this c...

3.5CVSS6.2AI score0.00132EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/13 4:37 p.m.4 views

CVE-2025-58409 GPU DDK - Disguised freelist buffers passed to RGXCreateHWRTDataSet can cause arbitrary physical memory writes corrupting memory

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

6.2AI score0.00132EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.5 views

PT-2026-2471

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

6.5AI score0.00132EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.8 views

Imagination Graphics DDK 安全漏洞

Imagination Graphics DDK is a suite of GPU driver tools from Imagination UK. The Imagination Graphics DDK suffers from a security vulnerability that originates from the possibility that an unprivileged user may make improper GPU system calls to corrupt the GPU hardware to write arbitrary physical...

3.5CVSS5.9AI score0.00132EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:15 a.m.10 views

CVE-2019-2250

Kernel can write to arbitrary memory address passed by user while freeing/stopping a thread in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCS605, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SM7150, SXR1130...

7.8CVSS7.4AI score0.00208EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:8 a.m.7 views

CVE-2019-20537

An issue was discovered on Samsung mobile devices with P9.0 TEEGRIS and Qualcomm chipsets. There is arbitrary memory overwrite in the SEM Trustlet, leading to arbitrary code execution. The Samsung IDs are SVE-2019-14651, SVE-2019-14666 November 2019...

10CVSS7.8AI score0.00831EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:54 a.m.6 views

CVE-2020-10860

An issue was discovered in Avast Antivirus before 20. An Arbitrary Memory Address Overwrite vulnerability in the aswAvLog Log Library results in Denial of Service of the Avast Service AvastSvc.exe...

7.5CVSS7AI score0.02033EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:52 a.m.7 views

CVE-2020-10836

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos chipsets software. The Widevine Trustlet allows read and write operations on arbitrary memory locations. The Samsung ID is SVE-2019-15873 February 2020...

9.8CVSS7.2AI score0.00449EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.9 views

CVE-2021-27425

Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mmmalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

9.8CVSS7.6AI score0.01529EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:44 a.m.14 views

CVE-2022-23428

An improper boundary check in edenruntime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...

8.4CVSS7.1AI score0.00152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:41 a.m.11 views

CVE-1999-0401

A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files...

3.7CVSS6.7AI score0.00308EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/01/05 6:7 p.m.5 views

libtiff: Libtiff Write-What-Where

A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controll...

8.8CVSS7.6AI score0.00739EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/01/05 5:40 p.m.4 views

libtiff: Libtiff Write-What-Where

A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controll...

8.8CVSS7.6AI score0.00739EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.4 views

MSI Motherboards 安全漏洞

MSI Motherboards are a line of motherboards from Taiwan, China-based Micro-Star MSI. A security vulnerability exists in MSI Motherboards that stems from not properly enabling the IOMMU, which could allow an unauthenticated physical attacker to read or write arbitrary physical memory before the...

7CVSS6.8AI score0.00314EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/27 4:10 p.m.6 views

CVE-2025-33192

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read. A successful exploit of this vulnerability might lead to denial of service...

5.7CVSS6.8AI score0.00124EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/27 12:0 a.m.3 views

AMD uProf Input Validation Improperity Vulnerability

AMD uProf is a suite of performance analysis tools from AMD for analyzing the performance of x86 architecture applications on Windows, Linux and FreeBSD systems. AMD uProf suffers from an improper input validation vulnerability that can be exploited by an attacker to write to arbitrary physical...

5.5CVSS6.8AI score0.00097EPSS
Exploits0References1
NVD
NVD
added 2025/11/25 6:15 p.m.5 views

CVE-2025-33192

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause an arbitrary memory read. A successful exploit of this vulnerability might lead to denial of service...

5.7CVSS0.00124EPSS
Exploits0References3
Rows per page
Query Builder