2267 matches found
SUSE CVE-2026-43206
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfdeventpageset The kfdeventpageset function writes KFDSIGNALEVENTLIMIT 8 bytes via memset without checking the buffer size parameter. This allows unprivileged userspace to trigger an out-of...
CVE-2026-40003
ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...
CVE-2026-40003
CVE-2026-40003 describes a USB-based arbitrary memory write vulnerability in the ZTE ZX297520V3 BootROM. The issue arises from lack of target address validation in the USB download mode, allowing writes to arbitrary locations in BootROM runtime memory. Potential consequences, as stated, include o...
CVE-2026-40003 USB-based arbitrary memory write vulnerability in ZTE ZX297520V3 soc BootROM
ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...
CVE-2026-40003
ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...
CVE-2026-40003 USB-based arbitrary memory write vulnerability in ZTE ZX297520V3 soc BootROM
ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...
PT-2026-38322
ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...
EUVD-2026-27767
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfdeventpageset The kfdeventpageset function writes KFDSIGNALEVENTLIMIT 8 bytes via memset without checking the buffer size parameter. This allows unprivileged userspace to trigger an out-of...
Astra Linux - уязвимость в chromium
Before version 117.0.5938.62, SwiftShader in Google Chrome allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
A heap buffer overflow in Dawn in Google Chrome prior to version 125.0.6422.76 allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out-of-bounds memory write via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Type Confusion in V8 in Google Chrome before version 126.0.6478.54 allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в linux-5.10, linux
A flaw was discovered in KVM. When updating a guest’s page table entry, vmpgoff was incorrectly used as the offset to obtain the page’s pfn. Since vaddr and vmpgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region...
Astra Linux - уязвимость в chromium
A heap buffer overflow in WebAudio in Google Chrome prior to version 146.0.7680.165 allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в glib2.0
A flaw was discovered in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculations, the library may incorrectly calculate buffer boundaries. This can lead to memory writes outside of the allocated buffer. Applications...
Astra Linux - уязвимость в chromium
“Type Confusion in V8” in Google Chrome before version 129.0.6668.100 allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Before version 124.0.6367.207, writing out-of-bounds data in V8 using Google Chrome allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в linux-5.10
A vulnerability was discovered in the kvms390guestsidaop function within the arch/s390/kvm/kvm-s390.c file in KVM for s390 in the Linux kernel. This flaw allows a local attacker with normal user privileges to gain unauthorized memory write access. This vulnerability affects Linux kernel versions...
Astra Linux - уязвимость в linux
A out-of-bounds memory write flaw was discovered in the Linux kernel’s joystick devices subsystem in versions prior to 5.9-rc1. This flaw allows a local user to crash the system or potentially escalate their privileges on the system. The greatest threat posed by this vulnerability is related to...
Astra Linux - уязвимость в tiff
LibTIFF 4.4.0 contains an out-of-bounds write vulnerability in tiffcrop, located at line 368 of libtiff/tifunix.c. This vulnerability is invoked by lines 2903 and 6778 of tools/tiffcrop.c. This allows attackers to cause a denial-of-service attack through a crafted TIF file. For users who compile...