Buffer Overflow
Monthly
A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.
A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface. Rated low severity (CVSS 1.0), this vulnerability is no authentication required. No vendor patch available.
ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob. Rated medium severity (CVSS 4.5), this vulnerability is no authentication required. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
ImageSharp is a 2D graphics API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interface supports variable buffer sizes, while the regmap. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
A vulnerability was found in MicroDicom DICOM Viewer 2025.1 Build 3321. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to혻read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Out-of-bounds read in parsing wbmp image in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in parsing image data in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of text data in Samsung Notes prior to version 4.4.26.71 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability has been found in Tenda AC15 15.03.05.19 in the function GetParentControlInfo of the file /goform/GetParentControlInfo. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Out of bounds read in V8 in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An out-of-bounds write vulnerability exists in the ma_dr_flac__decode_samples__lpc functionality of Miniaudio miniaudio v0.11.21. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Memory safety bugs present in Firefox 135 and Thunderbird 135. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability via HGFS out-of-bounds read, allowing VM administrators to leak memory from the VMX process on the host.
VMware ESXi contains an arbitrary write vulnerability that allows privileged VMX process users to trigger kernel writes, enabling escape from the VMX sandbox to the ESXi kernel.
VMware ESXi and Workstation contain a TOCTOU race condition leading to out-of-bounds write, allowing local administrators on VMs to escape the sandbox and execute code as the VMX process on the host.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read bypass permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11_multi. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in Tenda TX3 16.03.13.11_multi. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability classified as critical was found in Tenda TX3 16.03.13.11_multi. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability classified as critical has been found in Tenda TX3 16.03.13.11_multi. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A flaw was found in grub2. Rated medium severity (CVSS 6.4). No vendor patch available.
A flaw was found in grub2. Rated medium severity (CVSS 6.4). No vendor patch available.
A flaw was found in grub2. Rated medium severity (CVSS 6.4). No vendor patch available.
A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A flaw was found in grub2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
A flaw was found in the HFS filesystem. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A flaw was found in grub2. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while calling the NPU driver APIs concurrently. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption may occur in keyboard virtual device due to guest VM interaction. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while processing input message passed from FE driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption may occur while processing message from frontend during allocation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS may occur while processing the country IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Memory corruption in display driver while detaching a device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Memory corruption may occur while accessing a variable during extended back to back tests. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption may occur during communication between primary and guest VM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory corruption may occur due to improper input validation in clock device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption may occur during the synchronization of the camera`s frame processing pipeline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory corruption while handling multuple IOCTL calls from userspace for remote invocation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption while processing command in Glink linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Transient DOS during hypervisor virtual I/O operation in a virtual machine. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.
A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface. Rated low severity (CVSS 1.0), this vulnerability is no authentication required. No vendor patch available.
ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob. Rated medium severity (CVSS 4.5), this vulnerability is no authentication required. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.
ImageSharp is a 2D graphics API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, W920, W930, and W1000. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in NRMM in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read The nvmem interface supports variable buffer sizes, while the regmap. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
A vulnerability was found in MicroDicom DICOM Viewer 2025.1 Build 3321. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to혻read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds write in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Out-of-bounds read in parsing wbmp image in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in parsing image data in Samsung Notes prior to vaersion 4.4.26.71 allows local attackers to access out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of text data in Samsung Notes prior to version 4.4.26.71 allows local attackers to potentially read memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability has been found in Tenda AC15 15.03.05.19 in the function GetParentControlInfo of the file /goform/GetParentControlInfo. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Out of bounds read in V8 in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An out-of-bounds write vulnerability exists in the ma_dr_flac__decode_samples__lpc functionality of Miniaudio miniaudio v0.11.21. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Memory safety bugs present in Firefox 135 and Thunderbird 135. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability via HGFS out-of-bounds read, allowing VM administrators to leak memory from the VMX process on the host.
VMware ESXi contains an arbitrary write vulnerability that allows privileged VMX process users to trigger kernel writes, enabling escape from the VMX sandbox to the ESXi kernel.
VMware ESXi and Workstation contain a TOCTOU race condition leading to out-of-bounds write, allowing local administrators on VMs to escape the sandbox and execute code as the VMX process on the host.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through buffer overflow. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read bypass permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11_multi. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability, which was classified as critical, has been found in Tenda TX3 16.03.13.11_multi. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability classified as critical was found in Tenda TX3 16.03.13.11_multi. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability classified as critical has been found in Tenda TX3 16.03.13.11_multi. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A flaw was found in grub2. Rated medium severity (CVSS 6.4). No vendor patch available.
A flaw was found in grub2. Rated medium severity (CVSS 6.4). No vendor patch available.
A flaw was found in grub2. Rated medium severity (CVSS 6.4). No vendor patch available.
A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A flaw was found in grub2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
A flaw was found in the HFS filesystem. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A flaw was found in grub2. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while calling the NPU driver APIs concurrently. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption occurs during an Escape call if an invalid Kernel Mode CPU event and sync object handle are passed with the DriverKnownEscape flag reset. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while doing Escape call when user provides valid kernel address in the place of valid user buffer address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption may occur in keyboard virtual device due to guest VM interaction. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while processing input message passed from FE driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption may occur while processing message from frontend during allocation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Transient DOS may occur while processing the country IE. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.
Memory corruption in display driver while detaching a device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Memory corruption may occur while accessing a variable during extended back to back tests. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption may occur during communication between primary and guest VM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption may occur while validating ports and channels in Audio driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory corruption may occur due to improper input validation in clock device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Memory corruption may occur during the synchronization of the camera`s frame processing pipeline. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory corruption while handling multuple IOCTL calls from userspace for remote invocation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Memory corruption while processing command in Glink linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
Transient DOS during hypervisor virtual I/O operation in a virtual machine. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.