EUVD-2026-26664

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in the certtool --verify command. An attacker can cause excessive CPU and memory consumption by submitting specially crafted certificates containing a large number of SANs and Name Constraints...

ROS-20260121-73-0037

A vulnerability in the x86/mm component of the Linux operating system kernel is related to a flaw in the data security mechanism. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-58409 GPU DDK - Disguised freelist buffers passed to RGXCreateHWRTDataSet can cause arbitrary physical memory writes corrupting memory

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kern...

CVE-2025-45006

Improper mstatus.SUM bit retention non-zero in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks...

CVE-2025-38152 remoteproc: core: Clear table_sz when rproc_shutdown

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Clear tablesz when rprocshutdown There is case as below could trigger kernel dump: Use U-Boot to start remote processorrproc with resource table published to a fixed address by rproc. After Kernel boots up, stop...

CVE-2025-0467

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory...

kernel: ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses

A flaw was found in the Linux kernel’s ARM memory management functionality, where certain memory layouts cause a kernel panic. This flaw allows an attacker who can specify or alter memory layouts to cause a denial of service...

PT-2023-8363 · Apple · Macos Monterey +5

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 17.1 iPadOS versions prior to 17.1 macOS Monterey versions prior to 12.7.1 iOS versions prior to 16.7.2 iPadOS versions prior to 16.7.2 macOS Ventura versions prior to 13.6.1 macOS Sonoma versions prior to 14.1...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of an Execution Behavior Attack problem, which could be exploited by an attacker to potentially...

CVE-2021-46779

Insufficient input validation in SVCECCPRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP AMD Secure Processor OS memory which may lead to potential loss of integrity and availability...

PT-2023-1412 · Amd · Amd Secure Processor

Name of the Vulnerable Software and Affected Versions: AMD Secure Processor ASP affected versions not specified Description: The issue is related to insufficient input validation in the SYS KEY DERIVE system call, which can be exploited by an attacker to corrupt AMD Secure Processor ASP OS memory...

HUAWEI EMUI 安全漏洞

Huawei Emui is an Android-based mobile operating system developed by Huawei, a Chinese company. An access control error vulnerability exists in Huawei EMUI version 12.0.0, which stems from an unauthorized rewrite vulnerability in the memory access management module on the ACPU. An attacker can...

UBUNTU-CVE-2016-9932

CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix...

apache-cxf: Multiple denial of service flaws in the StAX parser

The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to cause a denial of service CPU and memory consumption via crafted XML with a large number of 1 elements, 2 attributes, 3 nested constructs, and possibly other vectors...