MINI-GWMP-5QMR-PMR3

Bulletin has no description...

CVE-2025-10865 GPU DDK - DevmemIntGetReservationData does not ref the PMR it returns

Software installed and run as a non-privileged user may conduct improper GPU system calls to cause mismanagement of reference counting to cause a potential use after free. Improper reference counting on an internal resource caused scenario where potential for use after free was present...

EUVD-2024-54967

Malicious code in bioql PyPI...

CVE-2024-49739

CVE-2024-49739 describes an out-of-bounds write in the function MMapVAccess within pmr_os.c, caused by insufficient input validation. This could enable local privilege escalation with no required user interaction. The CVE is reflected across multiple sources (NVD, Red Hat, OSV) and is associated ...

PT-2025-36008

Name of the Vulnerable Software and Affected Versions: pmr os.c affected versions not specified Description: An out-of-bounds write issue exists in the MMapVAccess function within pmr os.c due to insufficient input validation. Successful exploitation of this issue could lead to local privilege...

CVE-2023-21263

In OSMMapPMRGeneric of pmros.c, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21163

In PMRReadBytes of pmr.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-21217

In PMRWritePMPageList of TBD, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2021-46997

In the Linux kernel, the following vulnerability has been resolved: arm64: entry: always set GICPRIOPSRISET during entry Zenghui reports that booting a kernel with "irqchip.gicv3pseudonmi=1" on the command line hits a warning during kernel entry, due to the way we manipulate the PMR. Early in the...

Spoofing

In the Linux kernel, the following vulnerability has been resolved: arm64: entry: always set GICPRIOPSRISET during entry Zenghui reports that booting a kernel with "irqchip.gicv3pseudonmi=1" on the command line hits a warning during kernel entry, due to the way we manipulate the PMR. Early in the...

CVE-2021-46997 arm64: entry: always set GIC_PRIO_PSR_I_SET during entry

In the Linux kernel, the following vulnerability has been resolved: arm64: entry: always set GICPRIOPSRISET during entry Zenghui reports that booting a kernel with "irqchip.gicv3pseudonmi=1" on the command line hits a warning during kernel entry, due to the way we manipulate the PMR. Early in the...

PT-2023-8468 · Unknown · Powervr Gpu Driver

Name of the Vulnerable Software and Affected Versions: PowerVR GPU driver versions affected versions not specified Description: The issue is related to a buffer overflow in the PowerVR GPU driver, specifically in the PMR ReadBytes function for Android and ChromeOS, and an out of bounds write in t...

PT-2022-9134 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android SoC Description: The issue arises from the method PVRSRVBridgePMRPDumpSymbolicAddr, which allocates a buffer on the heap, attempts to fill it via PMR PDumpSymbolicAddr, and then copies the buffer to userspace. If PMR...

pmr-avtorinok.ru Cross Site Scripting vulnerability OBB-1280514

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

pmr.szczecin.pl Cross Site Scripting vulnerability OBB-1266523

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Security Bulletin: Websphere Application Server Liberty vulnerabilities used by IBM Streams

Summary Websphere Application Server Liberty vulnerability CVE-2020-4329 affecting IBM Streams Vulnerability Details CVEID: CVE-2020-4329 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain...

Security Bulletin: Vulnerabilities in WebSphere Application Server

Summary There are vulnerabilities in WebSphere Application Server used by IBM Streams. IBM Streams has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2018-1902 DESCRIPTION: IBM WebSphere Application Server could allow a remote attacker to spoof connection information which could ...

Security Bulletin: Vulnerabilities in WAS traditional and liberty

Summary There are vulnerabilities in WAS traditional and liberty used by IBM Streams. IBM Streams has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2014-7810 DESCRIPTION: Apache Tomcat could allow a remote attacker to bypass security restrictions, caused by the use of expression...

CVE-2008-3861

CVE-2008-3861 affects phpMyRealty 1.0.7 and 1.0.9 (and earlier). The vulnerability is multiple SQL injection flaws caused by insufficient input sanitization in user-supplied data, enabling remote attackers to inject SQL via two parameters: id in pages.php and price_max in search.php. OpenVAS entr...

CVE-2008-3445

The CVE-2008-3445 entry affects phpMyRealty (PMR) 2.0.0, where a flaw in index.php allows SQL injection through the location parameter. This enables a remote attacker to execute arbitrary SQL commands on the underlying database. The vulnerability is confirmed across multiple sources (NVD/NVD reco...