Monthly
Local privilege escalation and integrity compromise in Imagination Technologies Graphics DDK (GPU driver) allows non-privileged users to corrupt sparse memory mapping state via improper GPU system calls, leading to out-of-bounds memory access. The flaw stems from implicit scaling errors in pointer arithmetic across buffers of differing sizes (CWE-468), affecting DDK releases 24.2 RTM, 25.1-25.3 RTM, and 26.1 RTM. No public exploit identified at time of analysis, but the local attack vector with low complexity makes this attractive for sandbox escape chains on Android/Linux devices using PowerVR GPUs.
SkyFire game server has improper pointer arithmetic enabling memory corruption.
Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Local privilege escalation and integrity compromise in Imagination Technologies Graphics DDK (GPU driver) allows non-privileged users to corrupt sparse memory mapping state via improper GPU system calls, leading to out-of-bounds memory access. The flaw stems from implicit scaling errors in pointer arithmetic across buffers of differing sizes (CWE-468), affecting DDK releases 24.2 RTM, 25.1-25.3 RTM, and 26.1 RTM. No public exploit identified at time of analysis, but the local attack vector with low complexity makes this attractive for sandbox escape chains on Android/Linux devices using PowerVR GPUs.
SkyFire game server has improper pointer arithmetic enabling memory corruption.
Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to execute malicious code on a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Incorrect Pointer Scaling vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series and MELSEC-L Series CPU modules allows a remote unauthenticated attacker to read arbitrary information from. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.