Project Zero Bot
p0bot
New Project Zero issue:
Samsung: libimagecodec.quram.so buffer overflow in WINKJ_YcbcrWriteOutput1to1_YUV422_H1V2_toRGBA8888 during JPEG decoding
https://project-zero.issues.chromium.org/issues/450884207
CVE-2025-58480
Samsung: libimagecodec.quram.so buffer overflow in WINKJ_YcbcrWriteOutput1to1_YUV422_H1V2_toRGBA8888 during JPEG decoding
https://project-zero.issues.chromium.org/issues/450884207
CVE-2025-58480
0
1
1
Project Zero Bot
p0bot
New Project Zero issue:
Samsung: QuramDng FixBadPixelList opcode out-of-bounds read/write
https://project-zero.issues.chromium.org/issues/448241955
CVE-2025-58479
Samsung: QuramDng FixBadPixelList opcode out-of-bounds read/write
https://project-zero.issues.chromium.org/issues/448241955
CVE-2025-58479
0
1
0
Project Zero Bot
p0bot
New Project Zero issue:
Samsung: QuramDng opcodes ignore PixelType, leading to out-of-bounds read/writes
https://project-zero.issues.chromium.org/issues/447479300
CVE-2025-58478
Samsung: QuramDng opcodes ignore PixelType, leading to out-of-bounds read/writes
https://project-zero.issues.chromium.org/issues/447479300
CVE-2025-58478
0
2
1
Project Zero Bot
p0bot
New Project Zero issue:
Adobe DNG SDK: Linearize uses full image on trimmed source image, leading to out-of-bounds read
https://project-zero.issues.chromium.org/issues/452483592
CVE-2025-64784
Adobe DNG SDK: Linearize uses full image on trimmed source image, leading to out-of-bounds read
https://project-zero.issues.chromium.org/issues/452483592
CVE-2025-64784
0
1
0
Project Zero Bot
p0bot
New Project Zero issue:
Adobe DNG SDK: out-of-bounds read in RefBaselineABCDtoRGB during the Render phase
https://project-zero.issues.chromium.org/issues/457419672
CVE-2025-64893
Adobe DNG SDK: out-of-bounds read in RefBaselineABCDtoRGB during the Render phase
https://project-zero.issues.chromium.org/issues/457419672
CVE-2025-64893
0
1
0
Project Zero Bot
p0bot
New Project Zero issue:
Adobe DNG SDK: out-of-bounds write in dng_resample_weights::Initialize due to invalid floating point arithmetic
https://project-zero.issues.chromium.org/issues/457987854
CVE-2025-64894
Adobe DNG SDK: out-of-bounds write in dng_resample_weights::Initialize due to invalid floating point arithmetic
https://project-zero.issues.chromium.org/issues/457987854
CVE-2025-64894
0
1
0
Project Zero Bot
p0bot
New Project Zero issue:
Adobe DNG SDK: areaSpec overlap miscalculation lead to integer overflow, leading to OOB read/write
https://project-zero.issues.chromium.org/issues/445575206
CVE-2025-64783
Adobe DNG SDK: areaSpec overlap miscalculation lead to integer overflow, leading to OOB read/write
https://project-zero.issues.chromium.org/issues/445575206
CVE-2025-64783
0
1
1
Project Zero Bot
p0bot
New Project Zero issue:
Windows: Administrator Protection UI Access Shared Profile EoP
https://project-zero.issues.chromium.org/issues/437868751
CVE-2025-60721
Windows: Administrator Protection UI Access Shared Profile EoP
https://project-zero.issues.chromium.org/issues/437868751
CVE-2025-60721
0
2
0
Project Zero Bot
p0bot
New Project Zero issue:
Samsung: QuramDng TrimBounds Opcode leads to out-of-bounds reads
https://project-zero.issues.chromium.org/issues/443793212
CVE-2025-21074
Samsung: QuramDng TrimBounds Opcode leads to out-of-bounds reads
https://project-zero.issues.chromium.org/issues/443793212
CVE-2025-21074
0
1
0
Project Zero Bot
p0bot
New Project Zero issue:
Samsung: QuramDng invalid LossyJpeg component assumption, leading to out-of-bounds write
https://project-zero.issues.chromium.org/issues/444346510
CVE-2025-21075
Samsung: QuramDng invalid LossyJpeg component assumption, leading to out-of-bounds write
https://project-zero.issues.chromium.org/issues/444346510
CVE-2025-21075
0
1
0
Project Zero Bot
p0bot
New Project Zero issue:
Windows: Administrator Protection RAiLaunchAdminProcess Application Name EoP
https://project-zero.issues.chromium.org/issues/437291456
CVE-2025-60718
Windows: Administrator Protection RAiLaunchAdminProcess Application Name EoP
https://project-zero.issues.chromium.org/issues/437291456
CVE-2025-60718
0
3
0
Project Zero Bot
p0bot
New Project Zero issue:
Samsung: QuramDng MapPolynomial Opcode out-of-bounds write
https://project-zero.issues.chromium.org/issues/443741909
CVE-2025-21043
Samsung: QuramDng MapPolynomial Opcode out-of-bounds write
https://project-zero.issues.chromium.org/issues/443741909
CVE-2025-21043
0
0
0
Project Zero Bot
p0bot
New Project Zero issue:
Samsung: QuramDng getOverlap miscalculation leads to integer overflow, leading to out-of-bounds read/write
https://project-zero.issues.chromium.org/issues/442423708
CVE-2025-21055
Samsung: QuramDng getOverlap miscalculation leads to integer overflow, leading to out-of-bounds read/write
https://project-zero.issues.chromium.org/issues/442423708
CVE-2025-21055
0
0
0
Project Zero Bot
p0bot
New Project Zero issue:
Dolby Unified Decoder: Out of bounds write in evolution parsing
https://project-zero.issues.chromium.org/issues/428075495
CVE-2025-54957
Dolby Unified Decoder: Out of bounds write in evolution parsing
https://project-zero.issues.chromium.org/issues/428075495
CVE-2025-54957
0
2
1
Project Zero Bot
p0bot
New Project Zero issue:
Linux >=6.4: epoll: UAF via race between ep_eventpoll_release() and eventpoll_release_file() because mutex_unlock() is not ownership-drop-safe
https://project-zero.issues.chromium.org/issues/430541637
CVE-2025-38349
Linux >=6.4: epoll: UAF via race between ep_eventpoll_release() and eventpoll_release_file() because mutex_unlock() is not ownership-drop-safe
https://project-zero.issues.chromium.org/issues/430541637
CVE-2025-38349
0
1
0
Project Zero Bot
p0bot
New Project Zero issue:
Linux >=6.9: broken AF_UNIX MSG_OOB handling causes UAF read+write
https://project-zero.issues.chromium.org/issues/423023990
CVE-2025-38236
Linux >=6.9: broken AF_UNIX MSG_OOB handling causes UAF read+write
https://project-zero.issues.chromium.org/issues/423023990
CVE-2025-38236
0
8
9
Project Zero Bot
p0bot
New Project Zero issue:
Linux: hugetlb page table sharing races with VMA splitting, leading to page table UAF
https://project-zero.issues.chromium.org/issues/420715744
CVE-2025-38084, CVE-2025-38085
Linux: hugetlb page table sharing races with VMA splitting, leading to page table UAF
https://project-zero.issues.chromium.org/issues/420715744
CVE-2025-38084, CVE-2025-38085
0
6
3
Project Zero Bot
p0bot
New Project Zero issue:
Double-fetch of root_size in fastrpc_pack_root_sharedpage leads to buffer overflow
https://project-zero.issues.chromium.org/issues/399463073
CVE-2025-21485
Double-fetch of root_size in fastrpc_pack_root_sharedpage leads to buffer overflow
https://project-zero.issues.chromium.org/issues/399463073
CVE-2025-21485
0
1
1
Project Zero Bot
p0bot
New Project Zero issue:
Linux >=6.13: io_uring: SQE/CQE UAF/OOB read in race between IORING_REGISTER_RESIZE_RINGS and io_uring_show_fdinfo
https://project-zero.issues.chromium.org/issues/417522668
CVE-2025-38002
Linux >=6.13: io_uring: SQE/CQE UAF/OOB read in race between IORING_REGISTER_RESIZE_RINGS and io_uring_show_fdinfo
https://project-zero.issues.chromium.org/issues/417522668
CVE-2025-38002
0
1
3
Project Zero Bot
p0bot
New Project Zero issue:
MacOS Sandbox Escape via Double Free in coreaudiod/CoreAudio Framework
https://project-zero.issues.chromium.org/issues/406271181
CVE-2025-31235
MacOS Sandbox Escape via Double Free in coreaudiod/CoreAudio Framework
https://project-zero.issues.chromium.org/issues/406271181
CVE-2025-31235
0
1
3