68 matches found
CVE-2024-42385
Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters...
CVE-2025-31173
Memory write permission bypass vulnerability in the kernel futex module Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-31173
CVE-2025-31173 corresponds to a memory write permission bypass in the kernel futex module, with Huawei HarmonyOS repeatedly identified as affected. Descriptions across CNVD/CNNVD and related feeds indicate a privilege-bypass in the kernel futex path that can impact service confidentiality, with s...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from a privilege bypass vulnerability that originates from a kernel futex module memory write privilege bypass, which can be exploited by an attacker to affect service confidentiality...
CVE-2022-27835
Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory write...
CVE-2024-36432
An arbitrary memory write vulnerability was discovered in Supermicro X11DPG-HGX2, X11PDG-QT, X11PDG-OT, and X11PDG-SN motherboards with BIOS firmware before 4.4...
Ivanti EPM Out-of-Bounds Write Vulnerability (CNVD-2025-30751)
Ivanti EPM is a comprehensive endpoint management solution developed by Ivanti. Ivanti EPM suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to cause a denial of service...
PT-2024-17709 · Velocidex · Velocidex Winpmem
Name of the Vulnerable Software and Affected Versions: Velocidex WinPmem versions below 4.1 Description: The issue allows a user space program to trick the driver into writing a 0 into any chosen memory location by using an IO Control. In conjunction with information leakage from the WinPmem...
Google Chrome integer overflow vulnerability (CNVD-2024-39740)
Google Chrome is a web browser from Google, an American company. An integer overflow vulnerability exists in Google Chrome versions prior to 129.0.6668.70, which can be exploited by remote attackers to perform out-of-bounds memory writes via specially crafted HTML pages...
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to memory-related write operations. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...
Various Supermicro products Security breaches
The SuperMicro X11DPH-T and others are a motherboard from SuperMicro, Inc. A security vulnerability exists in various Supermicro products, which originates from an arbitrary memory write vulnerability on the motherboard. The affected products are as follows: SuperMicro X11DPH-T, SuperMicro...
Various Supermicro products Security breaches
The SuperMicro X11DPG-HGX2 and others are a motherboard from SuperMicro, Inc. A security vulnerability exists in various Supermicro products, which stems from an arbitrary memory write vulnerability on the motherboard. The affected products are as follows: X11DPG-HGX2, X11PDG-QT, X11PDG-OT and...
PT-2024-5266 · Supermicro · Supermicro X11Dpg-Hgx2 +2
Name of the Vulnerable Software and Affected Versions: Supermicro X11DPG-HGX2 versions prior to BIOS firmware 4.4 Supermicro X11PDG-QT versions prior to BIOS firmware 4.4 Supermicro X11PDG-OT versions prior to BIOS firmware 4.4 Supermicro X11PDG-SN versions prior to BIOS firmware 4.4 Description:...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices prior to SMR Apr-2024 Release 1, which stems from an out-of-bounds write when freeing memory...
openSUSE: Security Advisory for xorg (SUSE-SU-2023:4925-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The vulnerability of MiniUPnP software for Ubiquiti EdgeRouter and Aircube routers allows a hacker to induce a service failure.
The vulnerability of MiniUPnP software for Ubiquiti EdgeRouter and Aircube routers lies in the fact that the operation data is written outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...
UNISOC Chipsets 缓冲区错误漏洞
UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in the UNISOC Chipsets log service module, which stems from a lack of boundary checking, leading to out-of-bounds writes...
RHEL 8 : nss (RHSA-2023:1369)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1369 advisory. Network Security Services NSS is a set of libraries designed to support the cross-platform development of security-enabled client and server...
CVE-2022-46342
CVE-2022-46342 affects the X.Org X11 server (xorg-x11-server). The issue is a use-after-free in the XvdiSelectVideoNotify handler, which can lead to local privilege elevation on privileged X servers (and, per some advisories, potential remote code execution via X forwarding). Multiple advisories ...
AMD EPYC DRTM UApp 安全漏洞
AMD EPYC is an x86 architecture server microprocessor product line from AMD Semiconductor, known in Chinese as "霄龙", which utilizes the Zen microarchitecture. A security vulnerability exists in the AMD EPYC DRTM UApp. The vulnerability arises from a partial initialization of the DRTM UApp, which...