27 matches found
CVE-2026-11281
Integer overflow in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted ETW event. Chromium security severity: Low...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, from version 5.19.9 onwards, the drivers/scsi/stex.c file allows local users to access sensitive information from kernel memory. This occurs because the stex_queuecommand_lck function lacks a memset for the PASSTHRU_CMD case...
CVE-2023-20601
CVE-2023-20601 affects the RAS TA Driver. The issue is improper input validation that can allow a local attacker to read/write out-of-bounds memory, potentially causing a denial-of-service. Red Hat and NVD entries corroborate the vulnerability description; exploitation is local and implies elevat...
About Information Disclosure – Desktop Window Manager (CVE-2026-20805) vulnerability
About Information Disclosure - Desktop Window Manager CVE-2026-20805 vulnerability. Desktop Window Manager is a compositing window manager that has been part of Windows since Windows Vista. Exploitation of the vulnerability, which was addressed in the January Microsoft Patch Tuesday, allows a loc...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000737)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000737 advisory. The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000848)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000848 advisory. The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a unam...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002296)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002296 advisory. arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002059)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002059 advisory. The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local...
EUVD-2025-50796
Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...
CVE-2025-21068
Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory...
CVE-2025-21066
Out-of-bounds read in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory...
EUVD-2025-33678
Out-of-bounds read in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to potentially access out-of-bounds memory...
CVE-2025-20992
CVE-2025-20992 affects libsecimaging.camera.samsung.so prior to SMR Feb-2025 Release 1. The vulnerability is an out-of-bounds read that enables local attackers to read memory beyond bounds. Affected software is libsecimaging.camera.samsung.so, with impact described as local read access and no ind...
CVE-2021-38150
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the...
CVE-2025-20887
CVE-2025-20887 refers to an out-of-bounds read in the svp8t table accessed by libsthmbc.so, affected on Samsung Mobile devices prior to SMR Jan-2025 Release 1. Local attackers can read arbitrary memory with user interaction required to trigger the issue. The vulnerability is documented across mul...
CVE-2024-34634
Out-of-bounds read in parsing connected object list in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory...
CVE-2024-34635
Out-of-bounds read in parsing textbox object in Samsung Notes prior to version 4.4.21.62 allows local attacker to access unauthorized memory...
PT-2024-26044 · Samsung · Samsung Notes
Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.21.62 Description: The issue is related to an out-of-bounds read in the parsing implementation, which could allow local attackers to potentially read memory. Recommendations: For versions prior to 4.4.21.62...
IEIT NF5280M6 security vulnerability
The IEIT NF5280M6 is a UEFI boot firmware from China Wave Information IEIT. A security vulnerability exists in the IEIT NF5280M6 version 8.4 and earlier, which stems from improper function usage and a pool overflow vulnerability that could lead to tampering of memory data by an attacker with acce...