Vulnerabilities (CVE)

Filtered by CWE-787
Total 10912 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-52512 1 Linux 1 Linux Kernel 2025-03-19 N/A 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: wpcm450: fix out of bounds write Write into 'pctrl->gpio_bank' happens before the check for GPIO index validity, so out of bounds write may happen. Found by Linux Verification Center (linuxtesting.org) with SVACE.
CVE-2023-40110 1 Google 1 Android 2025-03-19 N/A 7.8 HIGH
In multiple functions of MtpPacket.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2025-20631 2025-03-19 N/A 7.8 HIGH
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397141; Issue ID: MSV-2187.
CVE-2024-54523 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2025-03-19 N/A 6.3 MEDIUM
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory.
CVE-2024-49738 2025-03-19 N/A 7.8 HIGH
In writeInplace of Parcel.cpp, there is a possible out of bounds write. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2022-40080 1 Acer 2 Aspire E5-475g, Aspire E5-475g Firmware 2025-03-19 N/A 7.8 HIGH
Stack overflow vulnerability in Aspire E5-475G 's BIOS firmware, in the FpGui module, a second call to GetVariable services allows local attackers to execute arbitrary code in the UEFI DXE phase and gain escalated privileges.
CVE-2021-43529 1 Mozilla 1 Thunderbird 2025-03-19 N/A 9.8 CRITICAL
Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures.
CVE-2021-32142 1 Libraw 1 Libraw 2025-03-19 N/A 7.8 HIGH
Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.
CVE-2024-43096 2025-03-19 N/A 8.8 HIGH
In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-24422 1 Linuxfoundation 1 Magma 2025-03-19 N/A 7.5 HIGH
The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a stack overflow in the decode_protocol_configuration_options function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.
CVE-2022-23815 1 Amd 32 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150u and 29 more 2025-03-18 N/A 7.5 HIGH
Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution.
CVE-2020-17538 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2025-03-18 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2020-16296 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2025-03-18 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2025-24154 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2025-03-18 N/A 9.1 CRITICAL
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3. An attacker may be able to cause unexpected system termination or corrupt kernel memory.
CVE-2024-44552 1 Tenda 2 Ax1806, Ax1806 Firmware 2025-03-18 N/A 9.8 CRITICAL
Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv.
CVE-2024-27383 1 Samsung 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more 2025-03-18 N/A 6.7 MEDIUM
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_get_scan_extra_ies(), there is no input validation check on default_ies coming from userspace, which can lead to a heap overwrite.
CVE-2021-32419 1 Schismtracker 1 Schism Tracker 2025-03-18 N/A 5.3 MEDIUM
An issue in Schism Tracker v20200412 fixed in v.20200412 allows attacker to obtain sensitive information via the fmt_mtm_load_song function in fmt/mtm.c.
CVE-2025-20633 1 Mediatek 5 Mt7603, Mt7615, Mt7622 and 2 more 2025-03-18 N/A 8.8 HIGH
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00400889; Issue ID: MSV-2491.
CVE-2024-57581 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-18 N/A 9.8 CRITICAL
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.
CVE-2024-57580 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-18 N/A 9.8 CRITICAL
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.