CVEs classified under CWE-1260, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2024-4778 — CVSS 9.8 (critical): Memory safety bugs present in Firefox 125. Some of these bugs showed evidence of memory corruption and we presume that with enough effort…
CVE-2022-27813 — CVSS 8.1 (high): Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The…
CVE-2025-22889 — CVSS 7.9 (high): Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged…
CVE-2019-1164 — CVSS 7.8 (high): An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who…
CVE-2025-1937 — CVSS 7.5 (high): Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these…
CVE-2025-0012: Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged…
CVE-2018-25240 — CVSS 6.2 (medium): Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively…
CVE-2018-25238 — CVSS 6.2 (medium): VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively…
CVE-2019-25592 — CVSS 6.2 (medium): PHPRunner 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively…
CVE-2019-25585 — CVSS 6.2 (medium): Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively…
CVE-2019-25572 — CVSS 6.2 (medium): NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively…
CVE-2025-29948: Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections…
CVE-2019-25602 — CVSS 5.5 (medium): GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively…
CVE-2019-25570 — CVSS 5.5 (medium): RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by…
CVE-2019-25559 — CVSS 5.5 (medium): SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the…