CVE-2025-38074

CVE-2025-38074 affects the Linux kernel vhost-scsi path used by virtio-scsi/QEMU. The root cause is a race where vq->log_base can be accessed after vq->log_used is set to false, because the completion path may evaluate log_used and then access log_base before proper synchronization. The fix...

TencentOS Server 4: nss (TSSA-2024:0636)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0636 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVE-2025-3052

An arbitrary write vulnerability in Microsoft signed UEFI firmware allows for code execution of untrusted software. This allows an attacker to control its value, leading to arbitrary memory writes, including modification of critical firmware settings stored in NVRAM. Exploiting this vulnerability...

VulnCheck KEV: CVE-2025-0286

Various Paragon Software products contain an arbitrary kernel memory write vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to execute arbitrary code on the victim machine...

Samsung S24 VC1 Decoder Out-Of-Bounds Write

There is an out-of-bounds write to a heap buffer in the Samsung S24 VC1 decoder. The function svc1drrfrm can write outside of the allocated frame buffers in several locations due to incorrect calculations of buffer offsets...

CVE-2025-25179 GPU DDK - Freelist GPU VA can be remapped to another reservation/PMR to trigger GPU arbitrary write to physical memory

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages...

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

CVE-2024-20873

Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds memory...

CVE-2024-42385

Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters...

CVE-2022-23432

An improper input validation in SMCSRPMBWSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution...

CVE-2022-22265

An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution...

CVE-2022-25480

Vulnerability in Realtek RtsPer driver for PCIe Card Reader RtsPer.sys before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader RtsUer.sys before 10.0.22000.31274 allows writing to kernel memory beyond the SystemBuffer of the IRP...

CVE-2021-30714

A race condition was addressed with improved state handling. This issue is fixed in iOS 14.6 and iPadOS 14.6. An application may be able to cause unexpected system termination or write kernel memory...

CVE-2021-25518

An improper boundary check in securelog of LDFW and BL31 prior to SMR Dec-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25478

A possible stack-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25479

A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25475

A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25396

An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25408

A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution...

CVE-2021-25407

A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write...