Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-21732

Summary
Assigner-imaginationtech
Assigner Org ID-367425dc-4d06-4041-9650-c2dc6aaa27ce
Published At-20 Mar, 2026 | 22:48
Updated At-23 Mar, 2026 | 15:03
Rejected At-
Credits

GPU DDK - libusc OOB write at ConvertSwitchToArrayLookupBP during WebGPU shader compilation

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An edge case using a very large value in switch statements in GPU shader code can cause a segmentation fault in the GPU shader compiler due to an out-of-bounds write access.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:imaginationtech
Assigner Org ID:367425dc-4d06-4041-9650-c2dc6aaa27ce
Published At:20 Mar, 2026 | 22:48
Updated At:23 Mar, 2026 | 15:03
Rejected At:
▼CVE Numbering Authority (CNA)
GPU DDK - libusc OOB write at ConvertSwitchToArrayLookupBP during WebGPU shader compilation

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An edge case using a very large value in switch statements in GPU shader code can cause a segmentation fault in the GPU shader compiler due to an out-of-bounds write access.

Affected Products
Vendor
Imagination Technologies LimitedImagination Technologies
Product
Graphics DDK
Platforms
  • Linux
  • Android
Default Status
unknown
Versions
Affected
  • 23.2 RTM (custom)
  • From 24.1 RTM through 25.1 RTM (custom)
Unaffected
  • 1.17 RTM (custom)
  • 1.18 RTM (custom)
  • 25.2 RTM (custom)
Problem Types
TypeCWE IDDescription
CWECWE-823CWE-823: Use of Out-of-range Pointer Offset (4.16)
Type: CWE
CWE ID: CWE-823
Description: CWE-823: Use of Out-of-range Pointer Offset (4.16)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-113CAPEC-113: Interface Manipulation (Version 3.9)
CAPEC ID: CAPEC-113
Description: CAPEC-113: Interface Manipulation (Version 3.9)
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.imaginationtech.com/gpu-driver-vulnerabilities/
N/A
Hyperlink: https://www.imaginationtech.com/gpu-driver-vulnerabilities/
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.19.6CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 9.6
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:367425dc-4d06-4041-9650-c2dc6aaa27ce
Published At:20 Mar, 2026 | 23:16
Updated At:21 Apr, 2026 | 16:55

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An edge case using a very large value in switch statements in GPU shader code can cause a segmentation fault in the GPU shader compiler due to an out-of-bounds write access.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.6CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.6
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CPE Matches
Imagination Technologies Limited
imaginationtech
>>ddk>>Versions from 24.1(inclusive) to 25.1(inclusive)
cpe:2.3:a:imaginationtech:ddk:*:*:*:*:*:*:*:*
Imagination Technologies Limited
imaginationtech
>>ddk>>1.17
cpe:2.3:a:imaginationtech:ddk:1.17:*:*:*:*:*:*:*
Imagination Technologies Limited
imaginationtech
>>ddk>>1.18
cpe:2.3:a:imaginationtech:ddk:1.18:*:*:*:*:*:*:*
Imagination Technologies Limited
imaginationtech
>>ddk>>23.2
cpe:2.3:a:imaginationtech:ddk:23.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-823Secondary367425dc-4d06-4041-9650-c2dc6aaa27ce
CWE-787Primarynvd@nist.gov
CWE ID: CWE-823
Type: Secondary
Source: 367425dc-4d06-4041-9650-c2dc6aaa27ce
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.imaginationtech.com/gpu-driver-vulnerabilities/367425dc-4d06-4041-9650-c2dc6aaa27ce
Vendor Advisory
Hyperlink: https://www.imaginationtech.com/gpu-driver-vulnerabilities/
Source: 367425dc-4d06-4041-9650-c2dc6aaa27ce
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

35Records found
CVE-2024-52935
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-4.1||MEDIUM
EPSS-0.05% / 16.84%
||
7 Day CHG~0.00%
Published-13 Jan, 2025 | 10:33
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - psContext->eDM gives OOB write

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2024-52937
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.17%
||
7 Day CHG~0.00%
Published-13 Jan, 2025 | 10:37
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - rgxfw_kernel_CMD_DISABLE_ZSSTORE OOB write via ui32WriteOffsetOfDisableZSStore

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2024-52936
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 12.92%
||
7 Day CHG~0.00%
Published-13 Jan, 2025 | 10:35
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - rgxfw_hwperf_config OOB read & write

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest's virtualised GPU memory.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2024-52939
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.17%
||
7 Day CHG~0.00%
Published-22 Feb, 2025 | 14:54
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - RGXFWIF_HWPERF_CTL_BLK.uiNumCounters OOB write

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to trigger a write data outside the Guest's virtualised GPU memory.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2024-52938
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.35%
||
7 Day CHG~0.00%
Published-13 Jan, 2025 | 11:50
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - rgxfw_pm_add_freelist_for_reconstruction OOB write

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to subvert reconstruction activities to trigger a write of data outside the Guest's virtualised GPU memory.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2024-47900
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.09%
||
7 Day CHG~0.00%
Published-31 Jan, 2025 | 03:19
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - Multiple integer overflow in DmaTransfer PMR_DevPhysAddr functions leading to OOB writes

Software installed and run as a non-privileged user may conduct improper GPU system calls to access OOB kernel memory.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2024-47895
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-7.1||HIGH
EPSS-0.03% / 10.56%
||
7 Day CHG~0.00%
Published-13 Jan, 2025 | 10:31
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - OOB read into fwlog due to unchecked block count

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2024-47897
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-8.8||HIGH
EPSS-0.16% / 36.66%
||
7 Day CHG~0.00%
Published-13 Jan, 2025 | 10:28
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - PVRSRVRGXGetEnabledHWPerfBlocksKM off-by-one OOB write

Software installed and run as a non-privileged user may conduct improper GPU system calls resulting in platform instability and reboots.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-47896
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-3.3||LOW
EPSS-0.02% / 6.89%
||
7 Day CHG~0.00%
Published-22 Feb, 2025 | 14:50
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - rgxfw_hwr_log_info OOB write via psHWRInfoBuf->ui32WriteIndex

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2024-47894
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-7.1||HIGH
EPSS-0.03% / 10.56%
||
7 Day CHG~0.00%
Published-13 Jan, 2025 | 10:30
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - Out of bounds read into fwlog due to unchecked loop bounds

Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2024-12577
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-7.3||HIGH
EPSS-0.03% / 7.18%
||
7 Day CHG~0.00%
Published-22 Feb, 2025 | 14:58
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - rgxfw_pcset_ungrab OOB write via psFWMemContext->uiPageCatBaseRegSet

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2025-0467
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-8.2||HIGH
EPSS-0.08% / 23.32%
||
7 Day CHG~0.00%
Published-18 Apr, 2025 | 00:32
Updated-11 Jul, 2025 | 16:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - rgxfw_hwperf_get_packet_buffer OOB write

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-ddkGraphics DDK
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2024-47893
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.26% / 49.33%
||
7 Day CHG~0.00%
Published-17 May, 2025 | 00:47
Updated-19 May, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - OOB read and write of the shared KMD/FW memory heap (VZ/TEE setups)

Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to read and/or write data outside the Guest's virtualised GPU memory.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2024-31336
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.4||HIGH
EPSS-0.03% / 9.93%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 00:09
Updated-17 Dec, 2024 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In PVRSRVBridgeRGXKickTA3D2 of server_rgxta3d_bridge.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Imagination Technologies LimitedGoogle LLC
Product-androidAndroidddk
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-23698
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.44%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 20:09
Updated-17 Dec, 2024 | 16:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In RGXFWChangeOSidPriority of rgxfwutils.c, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Imagination Technologies LimitedGoogle LLC
Product-androidAndroidpowervr-gpu
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-25180
Matching Score-6
Assigner-Imagination Technologies
ShareView Details
Matching Score-6
Assigner-Imagination Technologies
CVSS Score-7.8||HIGH
EPSS-0.08% / 22.97%
||
7 Day CHG+0.05%
Published-14 Jul, 2025 | 01:36
Updated-15 Jul, 2025 | 13:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GPU DDK - Insufficient validation in RGXCREATEFREELIST creates corrupt freelist

Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour.

Action-Not Available
Vendor-Imagination Technologies Limited
Product-Graphics DDK
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2024-6779
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.70% / 72.16%
||
7 Day CHG~0.00%
Published-16 Jul, 2024 | 21:43
Updated-20 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-chromeChromechrome
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-7024
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.3||CRITICAL
EPSS-0.12% / 30.89%
||
7 Day CHG~0.00%
Published-23 Sep, 2024 | 22:47
Updated-02 Jan, 2025 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Google LLC
Product-chromeChromechrome
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-7519
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.37% / 58.84%
||
7 Day CHG~0.00%
Published-06 Aug, 2024 | 12:38
Updated-12 Aug, 2024 | 16:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdfirefox_esrFirefoxFirefox ESRThunderbirdfirefoxfirefox_esr
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-16011
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-1.60% / 81.84%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Microsoft CorporationGoogle LLCopenSUSEDebian GNU/Linux
Product-debian_linuxchromewindowsbackports_sleleapChrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-16025
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.85% / 75.01%
||
7 Day CHG~0.00%
Published-08 Jan, 2021 | 17:52
Updated-04 Aug, 2024 | 13:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-16024
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.80% / 74.20%
||
7 Day CHG~0.00%
Published-08 Jan, 2021 | 17:52
Updated-04 Aug, 2024 | 13:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromechrome_osChrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-32722
Matching Score-4
Assigner-Zabbix
ShareView Details
Matching Score-4
Assigner-Zabbix
CVSS Score-9.6||CRITICAL
EPSS-0.36% / 58.01%
||
7 Day CHG~0.00%
Published-12 Oct, 2023 | 06:06
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-buffer Overflow in library module zbxjson

The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open.

Action-Not Available
Vendor-ZABBIX
Product-zabbixZabbixzabbix
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8562
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.6||CRITICAL
EPSS-0.47% / 64.93%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 17:33
Updated-04 Aug, 2024 | 21:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows. A sandboxed process may be able to circumvent sandbox restrictions.

Action-Not Available
Vendor-Apple Inc.
Product-itunessafariiphone_ostvostvOSiTunes for WindowsSafariiOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-4920
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-1.01% / 77.28%
||
7 Day CHG~0.00%
Published-28 Jul, 2023 | 23:26
Updated-13 Feb, 2025 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-chromeChromechrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-4135
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.08% / 23.18%
||
7 Day CHG~0.00%
Published-25 Nov, 2022 | 00:00
Updated-24 Oct, 2025 | 14:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-12-19||Apply updates per vendor instructions.

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Microsoft CorporationGoogle LLC
Product-chromeedgeedge_chromiumChromeChromium GPU
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-3890
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.57% / 68.76%
||
7 Day CHG~0.00%
Published-09 Nov, 2022 | 00:00
Updated-23 Oct, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLCDebian GNU/Linux
Product-chromedebian_linuxChromechrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-38013
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-1.18% / 78.92%
||
7 Day CHG~0.00%
Published-23 Dec, 2021 | 00:05
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCDebian GNU/Linux
Product-chromedebian_linuxchrome_osfedoraChrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-37981
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-1.45% / 80.91%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 21:05
Updated-04 Aug, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Google LLCDebian GNU/Linux
Product-chromedebian_linuxChrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-3157
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-8.1||HIGH
EPSS-0.65% / 71.02%
||
7 Day CHG~0.00%
Published-10 Apr, 2024 | 18:41
Updated-27 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)

Action-Not Available
Vendor-Fedora ProjectGoogle LLC
Product-chromefedoraChromechrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21154
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-1.08% / 78.01%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 21:20
Updated-03 Aug, 2024 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLC
Product-chromefedoraChrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21155
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-1.08% / 78.01%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 21:20
Updated-03 Aug, 2024 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Fedora ProjectGoogle LLCMicrosoft Corporation
Product-chromewindowsfedoraChrome
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-15999
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-92.91% / 99.78%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 00:00
Updated-24 Oct, 2025 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-freetypeDebian GNU/LinuxopenSUSEGoogle LLCFedora ProjectNetApp, Inc.
Product-debian_linuxbackports_slefreetypeontap_select_deploy_administration_utilityfedorachromeChromeChrome FreeType
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-16010
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-19.62% / 95.47%
||
7 Day CHG~0.00%
Published-03 Nov, 2020 | 02:21
Updated-14 Jan, 2026 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Action-Not Available
Vendor-Google LLC
Product-chromeandroidChromeandroidchromeChrome for Android UI
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-14498
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.6||CRITICAL
EPSS-0.56% / 68.31%
||
7 Day CHG~0.00%
Published-26 Aug, 2020 | 13:30
Updated-23 Feb, 2026 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HMS Industrial Networks AB eCatcher Stack-based Buffer Overflow

HMS Industrial Networks AB eCatcher all versions prior to 6.5.5 is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.

Action-Not Available
Vendor-hms-networksHMS Industrial Networks AB
Product-ecatchereCatcher
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
Details not found