Lucene search
K

16 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/25 9:19 a.m.12 views

CVE-2026-9274

This vulnerability exists in CP Plus Wi-Fi Camera due to improper protection of sensitive information in runtime memory. An attacker with physical access could exploit this vulnerability by accessing the UART interface and performing memory extraction to obtain sensitive information, including...

5.2CVSS5.8AI score0.00125EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/17 4:57 p.m.10 views

CVE-2025-58410 GPU DDK - Multiple calls into PhysmemGEMPrimeExport can inherit write access permission for an existing read-only dma_buf import PMR

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read-only. This is caused by improper handling of the memory protections for the buffer resource...

0.00246EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/06/25 12:0 a.m.3 views

XNU VM_BEHAVIOR_ZERO_WIRED_PAGES Read-Only Write

XNU VMBEHAVIORZEROWIREDPAGES suffers from a flaw that allows writing to read-only pages...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 11:23 p.m.4 views

CVE-2022-39854

Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory...

7.8CVSS7.5AI score0.00076EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/08 12:0 a.m.5 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An incorrect memory address protection vulnerability exists in the Huawei HarmonyOS HUKS module, which can be exploited by an attacker to cause availability ...

7.5CVSS6.7AI score0.00193EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:19 a.m.1 views

SUSE CVE-2019-0117

Insufficient access control in protected memory subsystem for IntelR SGX for 6th, 7th, 8th, 9th Generation IntelR CoreTM Processor Families; IntelR XeonR Processor E3-1500 v5, v6 Families; IntelR XeonR E-2100 & E-2200 Processor Families with IntelR Processor Graphics may allow a privileged user t...

4.4CVSS5.1AI score0.00415EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/03/02 7:19 p.m.3 views

grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled

A flaw was found in grub2. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this...

7.5CVSS5.7AI score0.0039EPSS
Exploits0References4
OSV
OSV
added 2019/12/16 8:15 p.m.6 views

CVE-2019-0159

Insufficient memory protection in the Linux Administrative Tools for IntelR Network Adapters before version 24.3 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS5.8AI score0.00372EPSS
Exploits0References1
OSV
OSV
added 2019/12/16 8:15 p.m.2 views

CVE-2019-11096

Insufficient memory protection for IntelR Ethernet I218 Adapter driver for Windows 10 before version 24.1 may allow an authenticated user to potentially enable information disclosure via local access...

5.5CVSS6.1AI score0.00338EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2019/11/12 10:45 p.m.3 views

hw: Intel SGX information leak

A flaw was found in the implementation of SGX around the access control of protected memory. This flaw allows a local attacker of a system with SGX enabled and an affected intel GPU with the ability to execute code to interpret the contents of the SGX protected memory...

4.4CVSS6.5AI score0.00415EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2019/01/28 12:0 a.m.7 views

The vulnerability of the microprogram code of the NCR S1 dispenser controller, related to deficiencies in the memory writing mechanism’s protection, allows a intruder to execute arbitrary code or lower the version of the device’s firmware.

The vulnerability of the microprogram code of the NCR S1 dispenser controller is related to insufficient protection of the memory writing mechanism. Exploiting this vulnerability could allow an attacker to execute arbitrary code or downgrade the device’s firmware to a outdated version with known...

7.8CVSS7.7AI score0.01246EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2018/03/28 12:0 a.m.5 views

AMD Ryzen, Ryzen Pro and Ryzen Mobile File Write Vulnerability

AMD Ryzen, Ryzen Pro, and Ryzen Mobile are central processing unit CPU products from AMD in the United States. A security vulnerability exists in AMD Ryzen, Ryzen Pro, and Ryzen Mobile, which arises from a program that makes it difficult to perform adequate access control on the Secure Processor...

9.3CVSS6.8AI score0.01717EPSS
Exploits0References1
OSV
OSV
added 2017/04/17 12:59 a.m.3 views

DEBIAN-CVE-2017-7889

The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIGSTRICTDEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte and bypass slab-allocation access restrictions via an application that opens the...

7.8CVSS7.6AI score0.00308EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/04/06 12:0 a.m.9 views

The vulnerability of the Internet Explorer browser allows a perpetrator to obtain confidential information from the process memory.

The vulnerability of the Internet Explorer browser is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to obtain confidential information from the process’s memory through a specially crafted web page...

4.3CVSS6.3AI score0.3962EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/03/31 12:0 a.m.12 views

The vulnerability of the Windows operating system allows a perpetrator to obtain confidential information from the process memory.

The vulnerability of the Uniscribe component of the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, acting remotely, to obtain confidential information from the process’s memory through a specially crafted web...

4.3CVSS5.8AI score0.42124EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2015/10/05 12:0 a.m.8 views

The vulnerability of the iOS operating system, which allows a perpetrator to gain access to protected information stored in memory

The vulnerability of the IOAcceleratorFamily component in the iOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain access to protected information stored in memory through a specially...

4.3CVSS5.4AI score0.0145EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder