Project Zero Bot
p0bot
New Project Zero issue:
Samsung S24: Out of bounds read in MP3 Decoder
https://project-zero.issues.chromium.org/issues/388115013
CVE-2025-20944
Samsung S24: Out of bounds read in MP3 Decoder
https://project-zero.issues.chromium.org/issues/388115013
CVE-2025-20944
0
0
0
Project Zero Bot
p0bot
New Project Zero issue:
Samsung S24: Out of bounds write in VC1 Decoder (svc1d_rr_frm)
https://project-zero.issues.chromium.org/issues/396226992
CVE-2025-20964
Samsung S24: Out of bounds write in VC1 Decoder (svc1d_rr_frm)
https://project-zero.issues.chromium.org/issues/396226992
CVE-2025-20964
0
0
0
Project Zero Bot
p0bot
New Project Zero issue:
Samsung S24: Out of bounds memset in VC1 Decoder
https://project-zero.issues.chromium.org/issues/395975495
CVE-2025-20963
Samsung S24: Out of bounds memset in VC1 Decoder
https://project-zero.issues.chromium.org/issues/395975495
CVE-2025-20963
0
0
0
Project Zero Bot
p0bot
New Project Zero issue:
XNU VM_BEHAVIOR_ZERO_WIRED_PAGES behavior allows writing to read-only pages
https://project-zero.issues.chromium.org/issues/391518636
CVE-2025-24203
XNU VM_BEHAVIOR_ZERO_WIRED_PAGES behavior allows writing to read-only pages
https://project-zero.issues.chromium.org/issues/391518636
CVE-2025-24203
0
1
2
Project Zero Bot
p0bot
New Project Zero issue:
Firefox: JavaScript can run during XSLTProcessor transform, leading to use-after-free
https://project-zero.issues.chromium.org/issues/389079450
CVE-2025-3028
Firefox: JavaScript can run during XSLTProcessor transform, leading to use-after-free
https://project-zero.issues.chromium.org/issues/389079450
CVE-2025-3028
0
1
1
Project Zero Bot
p0bot
New Project Zero issue:
Windows: System Drive Replacement During Impersonation EoP
https://project-zero.issues.chromium.org/issues/42451595
CVE-2023-35359
Windows: System Drive Replacement During Impersonation EoP
https://project-zero.issues.chromium.org/issues/42451595
CVE-2023-35359
0
0
1
Project Zero Bot
p0bot
New Project Zero issue:
Firefox: inconsistent comparator in xslt/txNodeSorter leads to out-of-bounds access
https://project-zero.issues.chromium.org/issues/392850860
CVE-2025-1932
Firefox: inconsistent comparator in xslt/txNodeSorter leads to out-of-bounds access
https://project-zero.issues.chromium.org/issues/392850860
CVE-2025-1932
0
1
1
Project Zero Bot
p0bot
New Project Zero issue:
Linux >=4.12: USB CDC-ACM: missing size check in acm_ctrl_irq() leads to OOB write
https://project-zero.issues.chromium.org/issues/395107243
CVE-2025-21704
Linux >=4.12: USB CDC-ACM: missing size check in acm_ctrl_irq() leads to OOB write
https://project-zero.issues.chromium.org/issues/395107243
CVE-2025-21704
0
2
4
Project Zero Bot
p0bot
New Project Zero issue:
msm_npu: Race between npu_host_unload_network and npu_host_exec_network_v2 leads to memory corruption
https://project-zero.issues.chromium.org/issues/380081941
CVE-2025-21424
msm_npu: Race between npu_host_unload_network and npu_host_exec_network_v2 leads to memory corruption
https://project-zero.issues.chromium.org/issues/380081941
CVE-2025-21424
0
1
0
Project Zero Bot
p0bot
New Project Zero issue:
libxslt: use-after-free in xsltParseStylesheetProcess
https://project-zero.issues.chromium.org/issues/382015274
CVE-2024-55549
libxslt: use-after-free in xsltParseStylesheetProcess
https://project-zero.issues.chromium.org/issues/382015274
CVE-2024-55549
0
2
2
Project Zero Bot
p0bot
New Project Zero issue:
Linux 6.4: UAF race between mbind() and VMA-locked page fault
https://project-zero.issues.chromium.org/issues/42451620
CVE-2023-4611
Linux 6.4: UAF race between mbind() and VMA-locked page fault
https://project-zero.issues.chromium.org/issues/42451620
CVE-2023-4611
0
1
1
Project Zero Bot
p0bot
New Project Zero issue:
Firefox: use-after-free in txMozillaXSLTProcessor
https://project-zero.issues.chromium.org/issues/383558273
CVE-2025-1009
Firefox: use-after-free in txMozillaXSLTProcessor
https://project-zero.issues.chromium.org/issues/383558273
CVE-2025-1009
0
1
1
Project Zero Bot
p0bot
New Project Zero issue:
Android: SPF in AOSP 5.10/5.15 kernels can create dangling TLB entries by misdirecting TLB flushes on race with mremap() [and other miscellaneous issues in SPF]
https://project-zero.issues.chromium.org/issues/377569381
CVE-2025-0088
Android: SPF in AOSP 5.10/5.15 kernels can create dangling TLB entries by misdirecting TLB flushes on race with mremap() [and other miscellaneous issues in SPF]
https://project-zero.issues.chromium.org/issues/377569381
CVE-2025-0088
0
1
0
Project Zero Bot
p0bot
New Project Zero issue:
cvp: Incorrect bailout unwinding leads to UAF dangling list entry
https://project-zero.issues.chromium.org/issues/389724938
CVE-2024-38411
cvp: Incorrect bailout unwinding leads to UAF dangling list entry
https://project-zero.issues.chromium.org/issues/389724938
CVE-2024-38411
0
1
0
Project Zero Bot
p0bot
New Project Zero issue:
Linux: io_uring: UAF of io_ev_fd; io_eventfd_do_signal() frees on refcount drop without RCU delay
https://project-zero.issues.chromium.org/issues/388499293
CVE-2025-21655
Linux: io_uring: UAF of io_ev_fd; io_eventfd_do_signal() frees on refcount drop without RCU delay
https://project-zero.issues.chromium.org/issues/388499293
CVE-2025-21655
0
1
0
Project Zero Bot
p0bot
New Project Zero issue:
MacOS Sandbox Escape via Type Confusion in coreaudiod/CoreAudio Framework
https://project-zero.issues.chromium.org/issues/372511888
CVE-2024-54529
MacOS Sandbox Escape via Type Confusion in coreaudiod/CoreAudio Framework
https://project-zero.issues.chromium.org/issues/372511888
CVE-2024-54529
0
0
2
Project Zero Bot
p0bot
New Project Zero issue:
WebKit: use-after-free in DocumentFontLoader::fontLoadingTimerFired
https://project-zero.issues.chromium.org/issues/374377963
CVE-2024-54502
WebKit: use-after-free in DocumentFontLoader::fontLoadingTimerFired
https://project-zero.issues.chromium.org/issues/374377963
CVE-2024-54502
0
1
0
Project Zero Bot
p0bot
New Project Zero issue:
inotify_rm_watch() race with umount() can lead to superblock-related UAF
https://project-zero.issues.chromium.org/issues/379667898
CVE-2024-53143
inotify_rm_watch() race with umount() can lead to superblock-related UAF
https://project-zero.issues.chromium.org/issues/379667898
CVE-2024-53143
0
1
0
Project Zero Bot
p0bot
New Project Zero issue:
Samsung S24: Out of bounds write in APE Decoder
https://project-zero.issues.chromium.org/issues/368695689
CVE-2024-49415
Samsung S24: Out of bounds write in APE Decoder
https://project-zero.issues.chromium.org/issues/368695689
CVE-2024-49415
0
1
3
Project Zero Bot
p0bot
New Project Zero issue:
Windows Kernel False File Immutability attack on registry hives via the Cloud Filter API
https://project-zero.issues.chromium.org/issues/42451734
CVE-2024-49114
Windows Kernel False File Immutability attack on registry hives via the Cloud Filter API
https://project-zero.issues.chromium.org/issues/42451734
CVE-2024-49114
1
1
1