16 matches found
CVE-2026-9274
This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...
CVE-2025-58410 GPU DDK - Multiple calls into PhysmemGEMPrimeExport can inherit write access permission for an existing read-only dma_buf import PMR
Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read-only. This is caused by improper handling of the memory protections for the buffer resource...
XNU VM_BEHAVIOR_ZERO_WIRED_PAGES Read-Only Write
XNU VMBEHAVIORZEROWIREDPAGES suffers from a flaw that allows writing to read-only pages...
CVE-2022-39854
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An incorrect memory address protection vulnerability exists in the Huawei HarmonyOS HUKS module, which can be exploited by an attacker to cause availability ...
SUSE CVE-2019-0117
Insufficient access control in protected memory subsystem for IntelR SGX for 6th, 7th, 8th, 9th Generation IntelR CoreTM Processor Families; IntelR XeonR Processor E3-1500 v5, v6 Families; IntelR XeonR E-2100 & E-2200 Processor Families with IntelR Processor Graphics may allow a privileged user t...
grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled
A flaw was found in grub2. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this...
CVE-2019-0159
Insufficient memory protection in the Linux Administrative Tools for IntelR Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2019-11096
Insufficient memory protection for IntelR Ethernet I218 Adapter driver for Windows 10 before version 24.1 may allow an authenticated user to potentially enable information disclosure via local access...
hw: Intel SGX information leak
A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...
The vulnerability of the microprogram code of the NCR S1 dispenser controller, related to deficiencies in the memory writing mechanism’s protection, allows a intruder to execute arbitrary code or lower the version of the device’s firmware.
The vulnerability of the microprogram code of the NCR S1 dispenser controller is related to insufficient protection of the memory writing mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code or downgrade the device’s firmware to a outdated version with known...
AMD Ryzen, Ryzen Pro and Ryzen Mobile File Write Vulnerability
AMD Ryzen, Ryzen Pro, and Ryzen Mobile are central processing unit CPU products from AMD in the United States. A security vulnerability exists in AMD Ryzen, Ryzen Pro, and Ryzen Mobile, which arises from a program that makes it difficult to perform adequate access control on the Secure Processor...
DEBIAN-CVE-2017-7889
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...
The vulnerability of the Internet Explorer browser allows a perpetrator to obtain confidential information from the process memory.
The vulnerability of the Internet Explorer browser is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information from the process’s memory through a specially crafted web page...
The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory.
The vulnerability of the Uniscribe component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, acting remotely, to obtain confidential information from the process’s memory through a specially crafted web...
The vulnerability of the iOS operating system, which allows a perpetrator to gain access to protected information stored in memory
The vulnerability of the IOAcceleratorFamily component in the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information stored in memory through a specially...