Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2003-1455

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-23 Oct, 2007 | 01:00
Updated At-08 Aug, 2024 | 02:28
Rejected At-
Credits

Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:23 Oct, 2007 | 01:00
Updated At:08 Aug, 2024 | 02:28
Rejected At:
â–¼CVE Numbering Authority (CNA)

Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/7582
vdb-entry
x_refsource_BID
http://sourceforge.net/project/shownotes.php?release_id=138437
x_refsource_CONFIRM
http://www.securityfocus.com/bid/7590
vdb-entry
x_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/12101
vdb-entry
x_refsource_XF
Hyperlink: http://www.securityfocus.com/bid/7582
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://sourceforge.net/project/shownotes.php?release_id=138437
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/7590
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/12101
Resource:
vdb-entry
x_refsource_XF
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/7582
vdb-entry
x_refsource_BID
x_transferred
http://sourceforge.net/project/shownotes.php?release_id=138437
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/7590
vdb-entry
x_refsource_BID
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/12101
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.securityfocus.com/bid/7582
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://sourceforge.net/project/shownotes.php?release_id=138437
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/7590
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/12101
Resource:
vdb-entry
x_refsource_XF
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:31 Dec, 2003 | 05:00
Updated At:16 Apr, 2026 | 00:27

Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
poptop
poptop
>>pptp_server>>1.1.4b1
cpe:2.3:a:poptop:pptp_server:1.1.4b1:*:*:*:*:*:*:*
poptop
poptop
>>pptp_server>>1.1.4b2
cpe:2.3:a:poptop:pptp_server:1.1.4b2:*:*:*:*:*:*:*
poptop
poptop
>>pptp_server>>1.1.4b3
cpe:2.3:a:poptop:pptp_server:1.1.4b3:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://sourceforge.net/project/shownotes.php?release_id=138437cve@mitre.org
Patch
http://www.securityfocus.com/bid/7582cve@mitre.org
Patch
http://www.securityfocus.com/bid/7590cve@mitre.org
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/12101cve@mitre.org
N/A
http://sourceforge.net/project/shownotes.php?release_id=138437af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securityfocus.com/bid/7582af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securityfocus.com/bid/7590af854a3a-2127-422b-91ae-364da2661108
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/12101af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://sourceforge.net/project/shownotes.php?release_id=138437
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.securityfocus.com/bid/7582
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.securityfocus.com/bid/7590
Source: cve@mitre.org
Resource:
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/12101
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sourceforge.net/project/shownotes.php?release_id=138437
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.securityfocus.com/bid/7582
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.securityfocus.com/bid/7590
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/12101
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

478Records found
CVE-2003-1359
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.28% / 51.59%
||
7 Day CHG~0.00%
Published-17 Oct, 2007 | 01:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.

Action-Not Available
Vendor-n/aAvaya LLCHP Inc.
Product-hp-uxpredictive_dialer_systemn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-4010
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.22%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 00:00
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectX.Org Foundation
Product-debian_linuxfedorax_serverxorg-x11-server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-6856
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.35%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x8020601C. By crafting an input buffer we can control the execution path to the point where a global variable will be written to a user controlled address. We can take advantage of this condition to zero-out the pointer to the security descriptor in the object header of a privileged process or modify the security descriptor itself and run code in the context of a process running as SYSTEM.

Action-Not Available
Vendor-n/aSophos Ltd.
Product-safeguard_lan_crypt_clientsafeguard_easy_device_encryption_clientsafeguard_enterprise_clientn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-4008
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.35%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 00:00
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectX.Org Foundation
Product-debian_linuxfedorax_serverxorg-x11-server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-1999-0069
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.69% / 72.08%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Solaris ufsrestore buffer overflow.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sunosn/asunos
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-1999-0027
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.35% / 57.38%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

root privileges via buffer overflow in eject command on SGI IRIX systems.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2003-0542
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.52% / 67.12%
||
7 Day CHG~0.00%
Published-30 Oct, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-http_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-0449
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.32% / 54.88%
||
7 Day CHG~0.00%
Published-05 Feb, 2009 | 20:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain privileges via an IOCTL 0x80052110 call.

Action-Not Available
Vendor-n/aKaspersky Lab
Product-kaspersky_anti-virusn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-3196
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-7.8||HIGH
EPSS-0.25% / 48.13%
||
7 Day CHG~0.00%
Published-15 Dec, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

PCAUSA Rawether framework does not properly validate BPF data, allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver's receipt of network packets. Local attackers can exploit this issue to execute arbitrary code with SYSTEM privileges.

Action-Not Available
Vendor-rawether_projectPrinting Communications Assoc., Inc. (PCAUSA)Microsoft Corporation
Product-rawetherwindowsASUS PCE-AC56 WLAN Card Utilities
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-6851
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.35%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x80206040. By crafting an input buffer we can control the execution path to the point where the constant DWORD 0 will be written to a user-controlled address. We can take advantage of this condition to zero-out the pointer to the security descriptor in the object header of a privileged process or modify the security descriptor itself and run code in the context of a process running as SYSTEM.

Action-Not Available
Vendor-n/aSophos Ltd.
Product-safeguard_lan_crypt_clientsafeguard_easy_device_encryption_clientsafeguard_enterprise_clientn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-6857
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.35%
||
7 Day CHG~0.00%
Published-09 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 06:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0. By crafting an input buffer we can control the execution path to the point where the constant 0x12 will be written to a user-controlled address. We can take advantage of this condition to modify the SEP_TOKEN_PRIVILEGES structure of the Token object belonging to the exploit process and grant SE_DEBUG_NAME privilege. This allows the exploit process to interact with higher privileged processes running as SYSTEM and execute code in their security context.

Action-Not Available
Vendor-n/aSophos Ltd.
Product-safeguard_lan_crypt_clientsafeguard_easy_device_encryption_clientsafeguard_enterprise_clientn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-7522
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.69%
||
7 Day CHG~0.00%
Published-04 May, 2018 | 17:00
Updated-17 Sep, 2024 | 00:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Modifying the data in this location could allow attackers to gain supervisor-level access and control system states.

Action-Not Available
Vendor-
Product-triconex_tricon_mp_3008triconex_tricon_mp_3008_firmwareTriconex Tricon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-3771
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.05% / 16.65%
||
7 Day CHG~0.00%
Published-16 Aug, 2015 | 23:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3772.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2003-1375
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.36% / 57.89%
||
7 Day CHG~0.00%
Published-19 Oct, 2007 | 10:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-36342
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 12.19%
||
7 Day CHG~0.00%
Published-24 Jan, 2022 | 20:10
Updated-23 Feb, 2026 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-embedded_box_pc_5000_firmwarealienware_aurora_r12_firmwarealienware_17_r4_firmwarelatitude_7200_2-in-1_firmwareprecision_3561_firmwareinspiron_5477_aiodell_g15_5510inspiron_15_3573_firmwarevostro_5501vostro_3401inspiron_3580inspiron_3480optiplex_3240_all-in-onelatitude_7520inspiron_3470_firmwarelatitude_9510_firmwareinspiron_5301_firmwaredell_g5_5590_firmwarelatitude_5310_firmwarevostro_3669vostro_14_5471_firmwarelatitude_3320vostro_13_5370latitude_5410_firmwarelatitude_7410inspiron_7706_2-in-1dell_g5_5590inspiron_3880_firmwareoptiplex_xe3inspiron_5770inspiron_7400precision_7550latitude_5488vostro_5490_firmwarelatitude_rugged_7424inspiron_5598latitude_7275_2-in-1_firmwareinspiron_5583_firmwarelatitude_3551_firmwareprecision_3440_firmwareinspiron_13_7378vostro_14_3478_firmwareinspiron_15_5578_firmwarelatitude_5500_firmwarealienware_area_51m_r1_firmwaredell_g7_7587_firmwarelatitude_e5470_firmwarevostro_3690optiplex_5250_firmwareinspiron_3490_firmwareoptiplex_7490_aiolatitude_5511_firmwareinspiron_3462_firmwareoptiplex_7460_all_in_onelatitude_3190_2-in-1latitude_5480_firmwareinspiron_5401inspiron_7400_firmwareprecision_7560inspiron_5590precision_3620_tower_firmwareoptiplex_7450_firmwareinspiron_7386inspiron_15_7573vostro_3562latitude_rugged_5424dell_g3_3590latitude_7310latitude_3500vostro_3470inspiron_7506_2-in-1_firmwarevostro_14_5468inspiron_3480_aioprecision_3930_rack_firmwareinspiron_7791latitude_5300_firmwaredell_g5_5000_firmwarevostro_3881_firmwareprecision_5530_2-in-1latitude_7290latitude_7414_rugged_extremevostro_5481latitude_5290_2-in-1_firmwarealienware_aurora_r8latitude_3590inspiron_7610_firmwarealienware_aurora_r12latitude_3480_firmwareinspiron_15_5582latitude_rugged_7220latitude_7380_firmwarelatitude_12_5289_2-in-1vostro_3581_firmwareinspiron_5410inspiron_3671inspiron_5409_firmwareoptiplex_7050_firmwareoptiplex_7090_tower_firmwareinspiron_14_3473inspiron_14_3473_firmwareprecision_7740precision_3450vostro_5880_firmwareoptiplex_3240_all-in-one_firmwareprecision_5820_tower_firmwarelatitude_3400inspiron_7500alienware_x15_r1vostro_5502_firmwaredell_g3_3779inspiron_5408inspiron_5580_firmwareoptiplex_5070inspiron_5480latitude_5420_firmwareprecision_3540latitude_5591vostro_3660precision_3541precision_3620_towervostro_5590_firmwarevostro_3400optiplex_7440_aio_firmwareinspiron_5391latitude_5175_firmwarelatitude_7480latitude_7210_2-in-1_firmwarelatitude_7400_2-in-1_firmwareinspiron_7777_aiovostro_15_5510_firmwarevostro_3401_firmwarelatitude_5400_firmwareinspiron_3502optiplex_7070precision_3431_tower_firmwaredell_g15_5511_firmwareinspiron_5400_2-in-1_firmwareinspiron_3782_firmwarevostro_3481_firmwarelatitude_5590_firmwareoptiplex_7090_uff_firmwareoptiplex_3050_firmwarevostro_3890optiplex_7780_all-in-onechengming_3980_firmwareprecision_5750_firmwareoptiplex_3046inspiron_5401_firmwarevostro_15_3578_firmwarevostro_3669_firmwarelatitude_9410inspiron_3593vostro_15_7580inspiron_7590precision_3520vostro_14_3468_firmwarealienware_15_r3_firmwareprecision_5510_firmwaredell_g5_5090dell_g7_7700vostro_15_3568alienware_m15_r4latitude_7480_firmwarelatitude_e5570latitude_7400_2-in-1alienware_m15_r1latitude_13_7390_2-in-1vostro_5090inspiron_3780_firmwarelatitude_5590alienware_13_r3_firmwarelatitude_5501latitude_rugged_7220exvostro_3670latitude_3400_firmwaredell_g3_3579vostro_5890latitude_7300optiplex_5080inspiron_3880latitude_5591_firmwarevostro_3582_firmwarelatitude_5501_firmwareinspiron_13_7370optiplex_5490_aiovostro_5581_firmwarelatitude_e5570_firmwareinspiron_3268vostro_3671_firmwarevostro_5402_firmwareinspiron_5580precision_7540vostro_15_5510precision_5540_firmwarevostro_3583inspiron_3477_aio_firmwareoptiplex_7070_uff_firmwareinspiron_7790_firmwarevostro_5591_firmwarealienware_m15_r3alienware_m17_r4_firmwarelatitude_5510inspiron_5481_firmwareprecision_3440inspiron_7380_firmwaredell_g7_7500_firmwareinspiron_13_7370_firmwarelatitude_5401vostro_5301latitude_rugged_7220_firmwarevostro_5490alienware_17_r5_firmwarelatitude_7320dell_g15_5511inspiron_3482_firmwareinspiron_5482_firmwarevostro_3584inspiron_15_7572_firmwarelatitude_e5270optiplex_3070latitude_3301vostro_3400_firmwareoptiplex_5040_firmwarevostro_5300inspiron_15_3567_firmwareinspiron_14_5410_firmwareinspiron_3472_firmwareinspiron_7786optiplex_7071alienware_area_51m_r1latitude_13_7389_2-in-1_firmwarelatitude_e5270_firmwareprecision_7730vostro_3890_firmwareinspiron_5406_2-in-1_firmwarelatitude_5580inspiron_15_5518optiplex_3080vostro_5502vostro_15_3568_firmwareinspiron_5598_firmwareinspiron_5490inspiron_5584vostro_3481precision_7760vostro_3501precision_7730_firmwaredell_g7_7587inspiron_5406_2-in-1vostro_5391_firmwarelatitude_12_7280_ultrabooklatitude_7320_detachable_firmwareoptiplex_7070_uffalienware_x15_r1_firmwareprecision_3550inspiron_7586_firmwarelatitude_5290_firmwarelatitude_3520latitude_3510inspiron_5593precision_5820_towerlatitude_5520inspiron_3670_firmwareinspiron_14_3467_firmwareoptiplex_3090latitude_5411_firmwareinspiron_13_7000_firmwarelatitude_5290_2-in-1inspiron_3668_firmwareoptiplex_7050inspiron_5300optiplex_7780_all-in-one_firmwarelatitude_5285_2-in-1optiplex_5260_all-in-oneinspiron_7501_firmwarevostro_3583_firmwareinspiron_5477_aio_firmwareinspiron_5391_firmwareinspiron_7580_firmwareoptiplex_7440_aioinspiron_7390_firmwarealienware_15_r3optiplex_5040precision_5510alienware_aurora_r11latitude_5401_firmwareinspiron_15_5566inspiron_15_gaming_7577_firmwaredell_g5_5500latitude_13_7370_ultrabookalienware_17_r5latitude_14_rugged_5414vostro_3671inspiron_5402_firmwareinspiron_7590_firmwarelatitude_5500inspiron_3582inspiron_7591_firmwareoptiplex_5270_all-in-onevostro_7500_firmwareinspiron_3472optiplex_3060_firmwarelatitude_5179_firmwareprecision_7530inspiron_5493_firmwareinspiron_5591_2-in-1_firmwarevostro_15_3572inspiron_3668precision_7560_firmwareinspiron_3881_firmwareinspiron_7490_firmwareprecision_5720_aiovostro_3501_firmwareinspiron_3476_firmwareinspiron_3781_firmwareinspiron_3790_firmwarelatitude_12_rugged_extreme_7214inspiron_3462vostro_15_5410_firmwareinspiron_3511_firmwarevostro_3668latitude_5421latitude_5280latitude_rugged_5420latitude_3310inspiron_5508precision_3240_cffinspiron_5491_2-in-1_firmwareoptiplex_3050_aio_firmwareoptiplex_5480_all-in-one_firmwarealienware_m17_r1_firmwareinspiron_5593_firmwarelatitude_5480vostro_5591inspiron_5481vostro_7510_firmwareoptiplex_3060inspiron_5310_firmwareinspiron_5491_2-in-1dell_g7_7700_firmwareinspiron_3471_firmwarelatitude_3420_firmwarevostro_5090_firmwareoptiplex_7480_all-in-oneoptiplex_3070_firmwarevostro_3581inspiron_13_7000vostro_5301_firmwarevostro_15_5410latitude_5490precision_5530latitude_7380inspiron_3481inspiron_3510inspiron_7391_firmwareinspiron_17_7773_firmwarealienware_area_51m_r2_firmwareoptiplex_3090_firmwarevostro_5300_firmwarevostro_5310_firmwareinspiron_5584_firmwarevostro_7590latitude_5175vostro_5590alienware_m17_r1precision_5530_2-in-1_firmwareinspiron_3502_firmwarelatitude_3570_firmwareinspiron_7391inspiron_7390latitude_9420_firmwareinspiron_5480_firmwarevostro_14_3468dell_g15_5510_firmwarevostro_3490_firmwaredell_g7_7588_firmwareinspiron_5370precision_3560_firmwaredell_g7_7500optiplex_5080_firmwarealienware_m17_r3_firmwareinspiron_13_5379latitude_5510_firmwaredell_g5_5090_firmwarevostro_3888_firmwareinspiron_15_5518_firmwarealienware_x17_r1_firmwareinspiron_3671_firmwarelatitude_3490latitude_3510_firmwareinspiron_5300_firmwarelatitude_3190vostro_15_7570alienware_15_r4precision_7920_tower_firmwareinspiron_7501inspiron_5502_firmwarelatitude_5320_firmwareinspiron_13_7373_firmwareinspiron_5490_aiooptiplex_3050_aiochengming_3988_firmwareinspiron_7706_2-in-1_firmwareinspiron_3576inspiron_13_5378inspiron_13_5378_firmwarechengming_3988latitude_12_7280_ultrabook_firmwareinspiron_3582_firmwarevostro_3582inspiron_3782latitude_12_5289_2-in-1_firmwarelatitude_5290inspiron_3490latitude_5421_firmwareprecision_7510alienware_area_51m_r2optiplex_5270_all-in-one_firmwareprecision_5520vostro_3580_firmwarelatitude_5420inspiron_13_7378_firmwaredell_g7_7790latitude_5285_2-in-1_firmwarevostro_3480_firmwareinspiron_7300_firmwarelatitude_5400inspiron_3280_firmwarelatitude_rugged_7220ex_firmwareprecision_3630_tower_firmwarealienware_m17_r4latitude_5320inspiron_5491_aio_firmwareinspiron_5409vostro_3590optiplex_5090_towerinspiron_3501inspiron_3482inspiron_7510_firmwarelatitude_3380_firmwarevostro_5401precision_7920_toweroptiplex_7460_all_in_one_firmwareinspiron_5509_firmwarevostro_3471vostro_14_5471inspiron_3780latitude_5288_firmwarevostro_3268_firmwarevostro_15_7580_firmwareinspiron_7510precision_3450_firmwareprecision_3541_firmwareinspiron_5570_firmwarealienware_15_r4_firmwaredell_g3_3500_firmwareinspiron_13_5379_firmwareprecision_3420_tower_firmwarechengming_3990_firmwareinspiron_5591_2-in-1latitude_7320_detachableinspiron_7306_2-in-1latitude_3580latitude_3380latitude_7210_2-in-1vostro_5391inspiron_5590_firmwareinspiron_7380optiplex_7470_all-in-oneinspiron_3480_firmwareinspiron_15_7572inspiron_3481_firmwarelatitude_3120_firmwareprecision_7510_firmwarelatitude_7290_firmwareinspiron_3580_firmwareinspiron_3576_firmwareinspiron_5402vostro_3580latitude_7410_firmwareinspiron_7791_firmwareinspiron_5493inspiron_5501_firmwarelatitude_3490_firmwarelatitude_13_7389_2-in-1precision_7540_firmwareoptiplex_5060latitude_7390precision_5550_firmwareinspiron_15_5566_firmwareprecision_7520latitude_e7470_firmwarelatitude_rugged_5420_firmwareprecision_7760_firmwareinspiron_7700_aio_firmwarelatitude_5491inspiron_14_5410inspiron_15_5579precision_7550_firmwareprecision_7720_firmwarevostro_15_3578vostro_15_7570_firmwaredell_g3_3779_firmwarelatitude_5490_firmwareoptiplex_7770_all-in-one_firmwarelatitude_3500_firmwareinspiron_3593_firmwarevostro_15_3572_firmwarealienware_aurora_r8_firmwarealienware_m15_r2optiplex_7770_all-in-onedell_g3_3500latitude_3520_firmwarelatitude_7490_firmwareoptiplex_7760_aioinspiron_3277_aiolatitude_5310latitude_3470vostro_3590_firmwarelatitude_7390_firmwareinspiron_5400_aio_firmwarelatitude_3480chengming_3980inspiron_3590_firmwareinspiron_5400_aiochengming_3990inspiron_3471inspiron_13_7373precision_7530_firmwareinspiron_5301latitude_12_rugged_tablet_7212optiplex_7080inspiron_3493_firmwarevostro_3470_firmwareinspiron_7506_2-in-1inspiron_7300_2-in-1_firmwareinspiron_3470inspiron_3268_firmwarelatitude_3190_2-in-1_firmwarevostro_3681latitude_3320_firmwareinspiron_7306_2-in-1_firmwareoptiplex_5060_firmwareoptiplex_5050inspiron_3476chengming_3977_firmwareinspiron_5501optiplex_5090_tower_firmwareinspiron_7472latitude_14_rugged_5414_firmwareinspiron_5594_firmwarevostro_3510chengming_3991inspiron_3781inspiron_15_7570inspiron_15_3567vostro_3667_firmwarelatitude_3189_firmwarelatitude_3180_firmwareoptiplex_3050optiplex_3280_all-in-one_firmwarevostro_3490latitude_12_rugged_tablet_7212_firmwarelatitude_3379_firmwareprecision_7520_firmwarevostro_3670_firmwarelatitude_3310_2-in-1latitude_5300_2-in-1latitude_5179latitude_7490latitude_3570inspiron_7591inspiron_5594inspiron_3511latitude_3180latitude_3190_firmwarevostro_3268latitude_e7470vostro_3584_firmwarelatitude_3300_firmwareprecision_7710_firmwarevostro_5401_firmwarelatitude_7414_rugged_extreme_firmwareprecision_3630_towervostro_3070_firmwarevostro_15_5568_firmwarelatitude_7275_2-in-1precision_3640vostro_13_5370_firmwarelatitude_7300_firmwareoptiplex_3280_all-in-oneoptiplex_7090_uffvostro_5481_firmwaredell_g7_7590_firmwarevostro_5890_firmwareinspiron_5498latitude_7400_firmwareinspiron_3280vostro_3510_firmwareoptiplex_5250inspiron_3881inspiron_3501_firmwareoptiplex_7080_firmwarelatitude_5491_firmwarelatitude_9420dell_g5_5500_firmwarelatitude_rugged_5424_firmwareoptiplex_7760_aio_firmwareinspiron_15_7573_firmwarevostro_3660_firmwareinspiron_5491_aiovostro_3681_firmwarelatitude_3590_firmwareoptiplex_5490_aio_firmwarealienware_aurora_r11_firmwarelatitude_5520_firmwareinspiron_5498_firmwarelatitude_9520_firmwarelatitude_13_7390_2-in-1_firmwareoptiplex_3046_firmwareinspiron_5410_firmwareprecision_7750_firmwarevostro_3267_firmwareinspiron_3581_firmwarelatitude_rugged_7424_firmwaredell_g3_3590_firmwarelatitude_12_7285alienware_m15_r2_firmwareprecision_3430_tower_firmwareinspiron_5390_firmwarelatitude_3379latitude_7420_firmwarevostro_5491inspiron_3480_aio_firmwareoptiplex_7040_firmwareprecision_7710alienware_m15_r1_firmwarealienware_13_r3optiplex_7490_aio_firmwarelatitude_7310_firmwareinspiron_15_gaming_7577vostro_3562_firmwarevostro_14_5468_firmwarelatitude_12_rugged_extreme_7214_firmwarelatitude_3551vostro_5390_firmwarelatitude_5300_2-in-1_firmwareprecision_3420_towerinspiron_3581latitude_3410precision_3520_firmwareinspiron_5494latitude_5310_2_in_1vostro_5501_firmwarelatitude_9410_firmwareinspiron_7500_2-in-1latitude_5411vostro_3471_firmwareinspiron_7580inspiron_3891_firmwareinspiron_5770_firmwarevostro_3070latitude_7320_firmwareoptiplex_5480_all-in-oneoptiplex_xe3_firmwareinspiron_15_3573precision_5530_firmwareinspiron_7300inspiron_3891optiplex_3040_firmwareembedded_box_pc_5000optiplex_7450vostro_5402vostro_14_3478inspiron_7777_aio_firmwareprecision_3240_cff_firmwareinspiron_5509vostro_3500inspiron_7790precision_3430_towerinspiron_5390latitude_3390latitude_5300inspiron_17_7773latitude_5521_firmwareinspiron_7300_2-in-1latitude_3300optiplex_5070_firmwarealienware_17_r4vostro_5310vostro_7510vostro_3500_firmwarevostro_7500inspiron_7386_firmwarevostro_3690_firmwarealienware_m15_r3_firmwareinspiron_3590latitude_5521latitude_9510optiplex_7070_firmwareoptiplex_7090_toweralienware_aurora_r9_firmwarelatitude_7400vostro_15_5568latitude_5288vostro_3881precision_3530precision_3930_rackinspiron_3670inspiron_5508_firmwareinspiron_7500_2-in-1_firmwareoptiplex_5050_firmwarelatitude_5488_firmwareinspiron_3790alienware_m15_r4_firmwarechengming_3977optiplex_3040optiplex_3080_firmwareinspiron_7472_firmwareinspiron_5401_aio_firmwarelatitude_3470_firmwareprecision_7720inspiron_5401_aiolatitude_3420inspiron_14_3467inspiron_5583latitude_3310_firmwareoptiplex_7480_all-in-one_firmwareinspiron_3793_firmwarelatitude_3410_firmwaredell_g7_7588precision_5720_aio_firmwarelatitude_5511precision_3510precision_7820_tower_firmwareinspiron_5408_firmwarelatitude_3189latitude_7200_2-in-1vostro_3668_firmwareprecision_3510_firmwareprecision_7820_towerinspiron_15_5582_firmwarealienware_m17_r3inspiron_15_7570_firmwarealienware_x17_r1dell_g7_7590inspiron_5400_2-in-1inspiron_5482inspiron_7700_aiovostro_7590_firmwarealienware_m17_r2latitude_5410latitude_7420optiplex_5260_all-in-one_firmwareprecision_5520_firmwareinspiron_5494_firmwareinspiron_5310precision_3640_firmwarelatitude_5280_firmwareinspiron_5490_aio_firmwareoptiplex_7060inspiron_3510_firmwareprecision_5550vostro_3888precision_3560latitude_3301_firmwarelatitude_e7270latitude_3120precision_3540_firmwarelatitude_12_7285_firmwareoptiplex_7040precision_3550_firmwareinspiron_15_5579_firmwareoptiplex_7470_all-in-one_firmwareprecision_7750alienware_aurora_r9dell_g3_3579_firmwarelatitude_3580_firmwareinspiron_5570precision_3530_firmwareprecision_7740_firmwaredell_g5_5000vostro_5491_firmwareinspiron_7586vostro_5390precision_3431_towerprecision_3561vostro_5880inspiron_3793latitude_3390_firmwareinspiron_15_5578inspiron_5680vostro_3667latitude_e7270_firmwareprecision_5750inspiron_7500_firmwareinspiron_7490chengming_3991_firmwareinspiron_3277_aio_firmwarelatitude_5580_firmwareinspiron_5680_firmwareoptiplex_7060_firmwareinspiron_7786_firmwareinspiron_5490_firmwarelatitude_7520_firmwarelatitude_3310_2-in-1_firmwarevostro_5581latitude_5310_2_in_1_firmwarelatitude_13_7370_ultrabook_firmwareinspiron_5370_firmwarealienware_m17_r2_firmwareinspiron_5502vostro_3480latitude_9520precision_5540inspiron_3493optiplex_7071_firmwarelatitude_e5470inspiron_7610dell_g7_7790_firmwarevostro_3267inspiron_3477_aioCPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2008-6252
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.41% / 61.66%
||
7 Day CHG~0.00%
Published-24 Feb, 2009 | 18:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the smc program in smcFanControl 2.1.2 allows local users to execute arbitrary code and gain privileges via a long -k option.

Action-Not Available
Vendor-smcfancontroln/a
Product-smcfancontroln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3110
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.04% / 13.38%
||
7 Day CHG~0.00%
Published-12 Oct, 2010 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the Novell Client novfs module for the Linux kernel in SUSE Linux Enterprise 11 SP1 and openSUSE 11.3 allow local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aopenSUSENovell
Product-suse_linuxopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-3330
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-7.2||HIGH
EPSS-1.47% / 81.12%
||
7 Day CHG~0.00%
Published-04 Nov, 2011 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the UnitelWay Windows Device Driver, as used in Schneider Electric Unity Pro 6 and earlier, OPC Factory Server 3.34, Vijeo Citect 7.20 and earlier, Telemecanique Driver Pack 2.6 and earlier, Monitor Pro 7.6 and earlier, and PL7 Pro 4.5 and earlier, allows local users, and possibly remote attackers, to execute arbitrary code via an unspecified system parameter.

Action-Not Available
Vendor-n/aSchneider Electric SE
Product-vijeo_citectopc_factory_servermonitor_prounity_protelemecanique_driver_packpl7_pron/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-7083
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.38% / 59.29%
||
7 Day CHG~0.00%
Published-11 Dec, 2015 | 11:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7084.

Action-Not Available
Vendor-n/aApple Inc.
Product-tvosiphone_osmac_os_xwatchosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10012
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.02% / 6.45%
||
7 Day CHG~0.00%
Published-05 Jan, 2017 | 00:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.

Action-Not Available
Vendor-n/aOpenBSD
Product-opensshn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-31979
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-7.03% / 91.59%
||
7 Day CHG-0.33%
Published-14 Jul, 2021 | 17:53
Updated-29 Oct, 2025 | 16:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_7windows_server_2012windows_10_1809windows_rt_8.1windows_10_2004windows_8.1windows_10_1507windows_10_1909windows_server_2008windows_10_21h1windows_server_2004windows_10_1607windows_server_20h2windows_server_2019windows_10_20h2windows_server_2016Windows 10 Version 2004Windows Server 2016 (Server Core installation)Windows Server 2012Windows 8.1Windows Server 2008 Service Pack 2Windows Server 2019 (Server Core installation)Windows 7Windows 10 Version 21H1Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 1909Windows Server 2012 (Server Core installation)Windows Server 2019Windows 10 Version 1507Windows 10 Version 1607Windows Server 2008 Service Pack 2Windows 7 Service Pack 1Windows Server 2012 R2Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 10 Version 20H2Windows Server 2008 R2 Service Pack 1Windows Server 2016Windows Server version 20H2Windows Server version 2004Windows
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-30289
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.57%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:26
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of range check while processing a DIAG command for COEX management in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresd678mdm9640_firmwaresa6150p_firmwaresa8145p_firmwareqcs610sm6250p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024mdm9628_firmwaremdm9650fsm10055_firmwareqcs4290wcn3950_firmwaremdm9250sa8150p_firmwareqca6420_firmwareqca6595au_firmwareqcs2290sd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqca6584au_firmwarewcn3990_firmwareqca9377sa415mwcn3998sdw2500_firmwaresd_8cx_firmwarewcn3950wcd9326_firmwaremdm9628sd720gmdm9206_firmwareqsw8573_firmwarewcn3615_firmwarewcn3660bsd662sd460_firmwareqca6584qca6574au_firmwarewcn3680b_firmwareqca6595ausdx12_firmwarewcd9375_firmwarewcn3615msm8909wwcn3998_firmwareapq8009w_firmwareqca6420wcn3610_firmwaremdm9207qca6564au_firmwareqca6584ausa6155p_firmwareqca9367_firmwarewcd9306mdm8207sm6225sd429qca9367qca4004_firmwaremdm9607_firmwaresd662_firmwaresa415m_firmwarewcn3988_firmwareqca6430sa6145p_firmwaresd205sd429_firmwaresm6250wcd9306_firmwarewcd9340sa8195papq8017_firmwarewsa8810_firmwarequalcomm215_firmwarefsm10056_firmwarewcd9326wcd9335sa6155pqcs603_firmwareqca6174a_firmwaremdm9250_firmwareqcs4290_firmwarewcd9341qca6696_firmwarewcn3910_firmwarewcd9375sd_8cxaqt1000sa8150psm6250_firmwaremdm9207_firmwareqca4004sda429wsd210sd855_firmwaresd660wcn3620_firmwaresdx20_firmwarewcn3988wsa8815_firmwaresd660_firmwarewcn3620sa8195p_firmwareapq8017qca6564awcn3610mdm9640qcm2290_firmwarewcn3991sda429w_firmwarewcd9380_firmwarewcn3990sd_675sdm429wmsm8996au_firmwarewcd9330qca6564ausdx24qet4101_firmwaremsm8909w_firmwareqca6574msm8996ausdm429w_firmwaresd665_firmwarewcd9380sd850sm6250pqualcomm215qcs410qca6574amdm9206qca6174asdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980qsw8573mdm9205qca6574_firmwareqcs605wcd9340_firmwaresd855wsa8815sd665sd7cwcn3910qca6584_firmwaremdm9650_firmwarewcn3660b_firmwareqca6574a_firmwaresd850_firmwarewcn3980_firmwaresd460sd730sdxr1_firmwarewcd9330_firmwareaqt1000_firmwaresd678_firmwareqcm4290csrb31024_firmwaresdx20qcs603sm6225_firmwareqca6574ausa8155p_firmwaremdm9607sd205_firmwareqca6564a_firmwareapq8009wwcd9341_firmwareqcm4290_firmwarewsa8810sd210_firmwareqcs610_firmwaremdm9150sa6145pwcn3680bsdxr1apq8096ausa8145pmdm8207_firmwareqca6696mdm9205_firmwaresd845_firmwarewcd9370_firmwaresa6150psdw2500apq8096au_firmwaresa8155psd675sd845qet4101sd720g_firmwaresdx12qcs410_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-30316
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 9.93%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound memory access due to improper boundary check while creating HSYNC fence in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresd678sa6150p_firmwarewsa8830sa8145p_firmwareqcs610fsm10056wcd9360_firmwarecsra6620fsm10055_firmwarewcn3950_firmwaresa8150p_firmwareqca6595au_firmwaresa6155wcd9370csra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6584au_firmwarewcn3990_firmwareqca9377sa415mwcn3998wcd9385_firmwarewcn3950sd720gwcn3660bsa8155qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwaresdx12_firmwarewcd9375_firmwarewcn3998_firmwarewcn3610_firmwarewcd9360qca6564au_firmwareqca6584ausa6155p_firmwaresd778gsa515m_firmwareqcs6490sa8155_firmwaresa415m_firmwareqcs405wcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwarefsm10056_firmwarewcn6851wcd9335sa6155pqca6174a_firmwarewcd9385wcd9341qca6696_firmwareqcs6490_firmwarewcd9375sa8150psm6250_firmwarewsa8830_firmwaresda429wsd660wcn3620_firmwareqcm6490sd888_5g_firmwarewcn3988sd660_firmwarewcn3620wcn6850_firmwaresa8195p_firmwarewsa8815_firmwarewsa8835_firmwareqcx315qca6564awcn6750_firmwarewcn3610wcn3991sda429w_firmwarewcd9380_firmwarewcn3990sd_675sd780gqca6595qca6564auwcn6856_firmwaresd888wsa8835qca6574qcx315_firmwarewcd9380sd888_5gqcs410qca6574awcn6855_firmwareqca6174asm7325wcd9335_firmwarewcn3980wcn6750sa515mqca6574_firmwarewsa8815wcn6850wcn3660b_firmwareqca6574a_firmwarewcn3980_firmwareqca6391wcn6740_firmwaresd678_firmwarear8031_firmwareqcm6490_firmwaresd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwareqca6564a_firmwarewcd9341_firmwaresd480wsa8810wcn6855qcs610_firmwaremdm9150wcn6856sa6145pwcn3680bar8031qca6595_firmwareqcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdx55sa8155pcsra6640sd675sd720g_firmwaresdx12qcs410_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-3645
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 20.95%
||
7 Day CHG~0.00%
Published-10 Oct, 2008 | 10:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the local IPC component in the EAPOLController plugin for configd (Networking component) in Mac OS X 10.4.11 and 10.5.5 allows local users to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-0779
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 19.48%
||
7 Day CHG~0.00%
Published-04 Mar, 2009 | 11:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in pppdial in IBM AIX 5.3 and 6.1 allows local users to gain privileges via a long "input string."

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-2513
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.11% / 28.46%
||
7 Day CHG~0.00%
Published-02 Jun, 2008 | 14:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the kernel in IBM AIX 5.2, 5.3, and 6.1 allows local users to execute arbitrary code in kernel mode via unknown attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5866
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.04%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing logs, data is copied into a buffer pointed to by an untrusted pointer in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_425sd_430_firmwaremdm9607_firmwaremdm9650sd_650_firmwaresd_625sd_210mdm9607sd_650sd_450_firmwaresd_845_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_850_firmwaresd_625_firmwaresd_450sda660_firmwaresd_845mdm9206_firmwaresd_430sd_835_firmwaremdm9650_firmwaresd_835sd_205sda660sd_210_firmwaresd_652_firmwaresd_205_firmwaresd_212Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-7077
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.28% / 51.42%
||
7 Day CHG~0.00%
Published-11 Dec, 2015 | 11:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5848
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.27% / 50.56%
||
7 Day CHG~0.00%
Published-19 Dec, 2007 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5870
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.47%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_835_firmwaresdx24_firmwaresd_835sda660sda660_firmwaresdx24Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5867
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.26%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632mdm9635m_firmwaresd_820amsm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636snapdragon_high_med_2016_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_410sd_820a_firmwaremdm9206sd_652sd_425_firmwaresdx24_firmwaresd_625_firmwaresd_450mdm9635msd_845mdm9206_firmwaresd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_652_firmwaresxr1130sd_205_firmwaresd_650_firmwaresd_212sd_427_firmwaresd_712sd_412sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_710_firmwaresdm630sd_625sd_210mdm9607sd_636_firmwaresd_820_firmwaresd_439_firmwaresd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremdm9655sdm439_firmwaresd_412_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_427sd_430sd_670sd_435_firmwaresd_710sd_410_firmwaresd_205sdm660_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5917
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.64%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_425_firmwaresd_820asd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450msm8996au_firmwaresda845_firmwaresda660_firmwaresd_425sdx24sd_845sd_430_firmwaresd_430sd_625sd_820_firmwaresd_835_firmwaremsm8996ausd_820sd_835sd_450_firmwaresda660sd_845_firmwaresxr1130_firmwaresxr1130sd_820a_firmwaresda845Snapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-7108
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.97% / 76.91%
||
7 Day CHG~0.00%
Published-11 Dec, 2015 | 11:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bluetooth HCI interface in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4794
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 15.84%
||
7 Day CHG~0.00%
Published-10 Sep, 2007 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5868
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.26%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX24, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850sd_820amsm8996au_firmwaresd_670_firmwaresd_425sdx24sd_430_firmwaresd_710_firmwaresd_625sd_820_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwaresd_425_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_712_firmwaresda660_firmwaresd_845sd_430sd_670sd_835_firmwaresd_710sd_835sda660sxr1130_firmwaresxr1130Snapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5835
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.43%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 16:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

If the seq_len is greater then CSR_MAX_RSC_LEN, a buffer overflow in __wlan_hdd_cfg80211_add_key() may occur when copying keyRSC in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5877
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.47%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the device programmer target-side code for firehose, a string may not be properly NULL terminated can lead to a incorrect buffer size in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresd_820amsm8996au_firmwaresdx20mdm9607_firmwaremdm9655_firmwaremdm9650msm8909w_firmwaremdm9607msm8996ausd_210sd_820_firmwaresd_820sd_820a_firmwaremdm9206sd_212_firmwaremdm9655sda660_firmwaremdm9206_firmwaresd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_600_firmwaresd_205sd_835sda660sd_210_firmwaresd_600msm8909wsd_205_firmwaresd_212mdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-6251
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.55%
||
7 Day CHG~0.00%
Published-02 Apr, 2018 | 16:00
Updated-16 Sep, 2024 | 23:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Windows GPU Display Driver contains a vulnerability in the DirectX 10 Usermode driver, where a specially crafted pixel shader can cause writing to unallocated memory, leading to denial of service or potential code execution.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsgpu_driverGPU Display Driver
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-6242
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-6.8||MEDIUM
EPSS-11.82% / 93.81%
||
7 Day CHG~0.00%
Published-01 May, 2018 | 20:00
Updated-16 Sep, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some NVIDIA Tegra mobile processors released prior to 2016 contain a buffer overflow vulnerability in BootROM Recovery Mode (RCM). An attacker with physical access to the device's USB and the ability to force the device to reboot into RCM could exploit the vulnerability to execute unverified code.

Action-Not Available
Vendor-NVIDIA Corporation
Product-tegra_bootrom_rcmtegra_mobile_processorSome NVIDIA Tegra Mobile Processors
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5912
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.64%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential buffer overflow in Video due to lack of input validation in input and output values in Snapdragon Automobile, Snapdragon Mobile in MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820asd_850_firmwaresd_625_firmwaresd_450msm8996au_firmwaresda660_firmwaresd_845sd_625sd_820_firmwaresd_835_firmwaremsm8996ausd_820sd_835sd_450_firmwaresda660sd_845_firmwaresd_820a_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5830
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.74%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-17 Sep, 2024 | 04:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing the HTT_T2H_MSG_TYPE_MGMT_TX_COMPL_IND message, a buffer overflow can potentially occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4795
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 16.71%
||
7 Day CHG~0.00%
Published-10 Sep, 2007 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-3990
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-9.3||CRITICAL
EPSS-0.17% / 38.21%
||
7 Day CHG~0.00%
Published-05 Feb, 2019 | 22:00
Updated-05 Aug, 2024 | 04:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An attacker can send an IRP request to trigger this vulnerability.

Action-Not Available
Vendor-wibun/aMicrosoft Corporation
Product-windowswibukeyn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5189
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.20% / 41.69%
||
7 Day CHG~0.00%
Published-11 Jan, 2018 | 16:00
Updated-05 Aug, 2024 | 05:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service (buffer overflow) or gain system privileges by flipping pool buffer size, aka a "double fetch" vulnerability.

Action-Not Available
Vendor-jungon/a
Product-windrivern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-3670
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.04% / 13.56%
||
7 Day CHG~0.00%
Published-01 Aug, 2018 | 15:00
Updated-17 Sep, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a buffer overflow.

Action-Not Available
Vendor-Intel Corporation
Product-intel_smart_sound_technologySmart Sound Technology
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-3657
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.26% / 49.77%
||
7 Day CHG~0.00%
Published-12 Sep, 2018 | 19:00
Updated-16 Sep, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Intel AMT in Intel CSME firmware versions before version 12.0.5 may allow a privileged user to potentially execute arbitrary code with Intel AMT execution privilege via local access.

Action-Not Available
Vendor-Intel CorporationSiemens AG
Product-manageability_engine_firmwaresimatic_ipc677d_firmwaresimatic_ipc477e_firmwaresimatic_ipc427e_firmwaresimatic_ipc647d_firmwaresimatic_ipc427esimatic_ipc647dsimatic_ipc547e_firmwaresimatic_ipc627dsimatic_pc547esimatic_ipc847dsimatic_ipc827dsimatic_ipc547gsimatic_field_pg_m5_firmwaresimatic_ipc847d_firmwaresimatic_pc547g_firmwaresimatic_ipc677dsimatic_ipc627d_firmwaresimatic_itp1000_firmwaresimatic_ipc827d_firmwareconverged_security_management_engine_firmwaresimatic_ipc477esimatic_field_pg_m5simatic_itp1000active_management_technology_firmwareIntel(R) Active Management Technology
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-3583
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.31%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 04:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow can occur while processing an extscan hotlist event in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9379, QCS605, SD 625, SD 636, SD 820, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_855mdm9640_firmwaresd_820amsm8996au_firmwaresdx20sdm660sdm630mdm9607_firmwaremdm9650sd_636sd_625msm8909w_firmwaremdm9607msm8996ausd_636_firmwaresd_820_firmwaresd_820sd_820a_firmwareqcs605_firmwaremdm9206qca9379_firmwaresd_625_firmwaresd_855_firmwaresdm630_firmwaresda660_firmwaremdm9206_firmwareqcs605sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_835sda660msm8909wqca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-20331
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.33%
||
7 Day CHG~0.00%
Published-23 Dec, 2018 | 02:00
Updated-05 Aug, 2024 | 11:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002004 by the ssdt.sys kernel driver. The bug is caused by failure to properly validate the length of the user-supplied data. An attacker can leverage this vulnerability to execute arbitrary code in the context of the kernel, which could lead to privilege escalation. A failed exploit could lead to denial of service.

Action-Not Available
Vendor-antiyn/a
Product-anti_virus_lab_atooln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-1980
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.54%
||
7 Day CHG~0.00%
Published-11 Mar, 2019 | 22:00
Updated-17 Sep, 2024 | 01:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154078.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowsdb2linux_kernelDB2 for Linux, UNIX and Windows
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-1978
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.54%
||
7 Day CHG~0.00%
Published-11 Mar, 2019 | 22:00
Updated-16 Sep, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 154069.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowsdb2linux_kernelDB2 for Linux, UNIX and Windows
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 9
  • 10
  • Next
Details not found