CWE-1260
Improper Handling of Overlap Between Protected Memory Ranges
BaseStable
Description
The product allows address regions to overlap, which can result in the bypassing of intended memory protection.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-456 · CAPEC-679
CVEs mapped to this weakness (10)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-22889 | Hig | 0.51 | 7.9 | 0.00 | Aug 12, 2025 | Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. | |
| CVE-2025-1937 | Hig | 0.49 | 7.5 | 0.00 | Mar 4, 2025 | Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, and Thunderbird 128.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8. | |
| CVE-2025-0012 | Med | 0.44 | — | 0.00 | Feb 10, 2026 | Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality. | |
| CVE-2018-25240 | Med | 0.40 | 6.2 | 0.00 | Apr 4, 2026 | Watchr 1.1.0.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 8145 characters into the search bar and trigger a search operation to cause the application to crash. | |
| CVE-2018-25238 | Med | 0.40 | 6.2 | 0.00 | Apr 4, 2026 | VSCO 1.1.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string through the search functionality. Attackers can paste a buffer of 5000 characters into the search bar and navigate back to trigger an application crash. | |
| CVE-2019-25592 | Med | 0.40 | 6.2 | 0.00 | Mar 22, 2026 | PHPRunner 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the dashboard name field. Attackers can paste a buffer of 10000 characters into the Name field during dashboard creation to trigger an application crash. | |
| CVE-2019-25572 | Med | 0.40 | 6.2 | 0.00 | Mar 21, 2026 | NordVPN 6.19.6 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the email input field. Attackers can paste a buffer of 100,000 characters into the email field during login to trigger an application crash. | |
| CVE-2025-29948 | Med | 0.38 | — | 0.00 | Feb 10, 2026 | Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity. | |
| CVE-2019-25602 | Med | 0.36 | 5.5 | 0.00 | Mar 22, 2026 | GSearch 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by inputting an excessively long string in the search bar. Attackers can paste a buffer of 2000 characters into the search field, click search, and select any result to trigger an application crash. | |
| CVE-2019-25559 | Med | 0.36 | 5.5 | 0.00 | Mar 21, 2026 | SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can paste a buffer of 1000 characters into the Name/Key field during registration to trigger a crash when the OK button is clicked. |