CVE-2026-40003 USB-based arbitrary memory write vulnerability in ZTE ZX297520V3 soc BootROM

ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...

CVE-2026-40003 USB-based arbitrary memory write vulnerability in ZTE ZX297520V3 soc BootROM

ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...

Astra Linux - уязвимость в chromium

A heap buffer overflow in Dawn in Google Chrome prior to version 125.0.6422.76 allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...

SUSE-SU-2026:21372-1 Security update for openexr

This update for openexr fixes the following issues: - CVE-2026-34379: misaligned memory write during file decoding can cause a denial of service bsc1261621. - CVE-2026-34380: lack of proper check can lead to integer overflow in image decoding bsc1261622. - CVE-2026-34588: crafted EXR file can lea...

EUVD-2025-206683

Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tmpserver modules allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code. The vulnerability arises from improper validation of a packet field whose offset is used to determine...

CVE-2021-22327

There is an arbitrary memory write vulnerability in Huawei smart phone when processing file parsing. Due to insufficient validation of the input files, successful exploit could cause certain service abnormal. Affected product versions include:HUAWEI P30 versions 10.0.0.186C10E7R5P1,...

CVE-2019-16900

Advantech WebAccess/HMI Designer 2.1.9.31 has a User Mode Write AV starting at MSVCR90!memcpy+0x000000000000015c...

CVE-2025-15359

Delta Electronics DVP-12SE11T PLC is affected by CVE-2025-15359, caused by an out-of-bounds memory write in the device. This vulnerability can enable unauthorized access and denial-of-service, with some reports suggesting possible remote code execution. Vendors addressed the issue via firmware up...

PT-2025-53860

Name of the Vulnerable Software and Affected Versions DVP-12SE11T affected versions not specified Description The issue is an out-of-bounds memory write affecting the DVP-12SE11T device. Exploitation may allow a remote attacker to disclose protected information and cause a denial of service. Some...

EUVD-2014-9452

Malware in sbrugna...

EUVD-2020-30649

Malware in sbrugna...

EUVD-2021-27211

Malware in sbrugna...

EUVD-2021-27218

Malware in sbrugna...

CVE-2025-61588

RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. In versions 2.0.2 and below of risc0-zkvm-platform, when the zkVM guest calls sysread, the host is able to use a crafted response to write to an arbitrary memory location in th...

EUVD-2024-36080

Malicious code in bioql PyPI...

EUVD-2025-9956

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2016-9400

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory...

Linux Distros Unpatched Vulnerability : CVE-2018-6144

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Off-by-one error in PDFium in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file...

CVE-2025-26403

Out-of-bounds write in the memory subsystem for some IntelR XeonR 6 processors when using IntelR SGX or IntelR TDX may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2024-42385

Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters...