Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2009-0449

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-05 Feb, 2009 | 20:00
Updated At-07 Aug, 2024 | 04:31
Rejected At-
Credits

Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain privileges via an IOCTL 0x80052110 call.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:05 Feb, 2009 | 20:00
Updated At:07 Aug, 2024 | 04:31
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain privileges via an IOCTL 0x80052110 call.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.reversemode.com/index.php?option=com_content&task=view&id=60&Itemid=1
x_refsource_MISC
http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip
x_refsource_MISC
http://www.securitytracker.com/id?1021661
vdb-entry
x_refsource_SECTRACK
http://www.wintercore.com/advisories/advisory_W020209.html
x_refsource_MISC
http://www.securityfocus.com/archive/1/500606/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/33561
vdb-entry
x_refsource_BID
http://secunia.com/advisories/33788
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.reversemode.com/index.php?option=com_content&task=view&id=60&Itemid=1
Resource:
x_refsource_MISC
Hyperlink: http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip
Resource:
x_refsource_MISC
Hyperlink: http://www.securitytracker.com/id?1021661
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.wintercore.com/advisories/advisory_W020209.html
Resource:
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/archive/1/500606/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.securityfocus.com/bid/33561
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/33788
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.reversemode.com/index.php?option=com_content&task=view&id=60&Itemid=1
x_refsource_MISC
x_transferred
http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip
x_refsource_MISC
x_transferred
http://www.securitytracker.com/id?1021661
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.wintercore.com/advisories/advisory_W020209.html
x_refsource_MISC
x_transferred
http://www.securityfocus.com/archive/1/500606/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.securityfocus.com/bid/33561
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/33788
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.reversemode.com/index.php?option=com_content&task=view&id=60&Itemid=1
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securitytracker.com/id?1021661
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.wintercore.com/advisories/advisory_W020209.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/500606/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.securityfocus.com/bid/33561
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/33788
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:10 Feb, 2009 | 07:00
Updated At:11 Oct, 2018 | 21:01

Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain privileges via an IOCTL 0x80052110 call.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Kaspersky Lab
kaspersky_lab
>>kaspersky_anti-virus>>6.0
cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:workstations:*:*:*:*:*
Kaspersky Lab
kaspersky_lab
>>kaspersky_anti-virus>>2008
cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:2008:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zipcve@mitre.org
N/A
http://secunia.com/advisories/33788cve@mitre.org
Vendor Advisory
http://www.reversemode.com/index.php?option=com_content&task=view&id=60&Itemid=1cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/500606/100/0/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/33561cve@mitre.org
Exploit
http://www.securitytracker.com/id?1021661cve@mitre.org
N/A
http://www.wintercore.com/advisories/advisory_W020209.htmlcve@mitre.org
N/A
Hyperlink: http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/33788
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.reversemode.com/index.php?option=com_content&task=view&id=60&Itemid=1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/500606/100/0/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/33561
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.securitytracker.com/id?1021661
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.wintercore.com/advisories/advisory_W020209.html
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

482Records found
CVE-2015-3697
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.14% / 34.68%
||
7 Day CHG~0.00%
Published-03 Jul, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-0365
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.16% / 37.33%
||
7 Day CHG~0.00%
Published-18 Jan, 2008 | 22:00
Updated-07 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments to (1) IOCTL functions in the Firewall module or (2) SSDT hook handler functions in the Registry module.

Action-Not Available
Vendor-core_security_technologiesn/a
Product-core_forcen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-3695
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.14% / 34.68%
||
7 Day CHG~0.00%
Published-03 Jul, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-3699
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.14% / 34.68%
||
7 Day CHG~0.00%
Published-03 Jul, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-3698
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.14% / 34.68%
||
7 Day CHG~0.00%
Published-03 Jul, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5764
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.90%
||
7 Day CHG~0.00%
Published-25 Jan, 2008 | 00:00
Updated-07 Aug, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long command line option.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-3800
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.07% / 22.48%
||
7 Day CHG~0.00%
Published-16 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DiskImages component in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption and application crash) via a malformed DMG image.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_osmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-3702
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.18%
||
7 Day CHG~0.00%
Published-03 Jul, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, and CVE-2015-3701.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-3772
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.05% / 16.33%
||
7 Day CHG~0.00%
Published-16 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IOFireWireFamily in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3769 and CVE-2015-3771.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-3700
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.18%
||
7 Day CHG~0.00%
Published-03 Jul, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3701, and CVE-2015-3702.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-3696
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.14% / 34.68%
||
7 Day CHG~0.00%
Published-03 Jul, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-6227
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.32% / 54.72%
||
7 Day CHG~0.00%
Published-04 Dec, 2007 | 18:00
Updated-07 Aug, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating system to overwrite the TranslationBlock (code_gen_buffer) buffer, and probably have unspecified other impacts related to an "overflow," via certain Windows executable programs, as demonstrated by qemu-dos.com.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-4036
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.10% / 29.05%
||
7 Day CHG~0.00%
Published-31 Aug, 2015 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted VHOST_SCSI_SET_ENDPOINT ioctl call. NOTE: the affected function was renamed to vhost_scsi_make_tpg before the vulnerability was announced.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-3701
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.14% / 34.68%
||
7 Day CHG~0.00%
Published-03 Jul, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, and CVE-2015-3702.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-36343
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.91%
||
7 Day CHG~0.00%
Published-24 Jan, 2022 | 20:10
Updated-16 Sep, 2024 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-inspiron_15_7570_firmwarelatitude_5401optiplex_7770_all-in-oneinspiron_3470latitude_e7270inspiron_7300_firmwarelatitude_3520precision_3561_firmwareinspiron_5590_firmwarelatitude_12_7280_ultrabook_firmwarelatitude_5179latitude_7380_firmwareinspiron_5570inspiron_7490latitude_14_rugged_5414latitude_e5270alienware_15_r3_firmwarelatitude_9420inspiron_5490_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080inspiron_5400_aioinspiron_5502latitude_5511dell_g7_7590_firmwareinspiron_7501inspiron_7300_2-in-1inspiron_7777_aioprecision_5530_2-in-1precision_5550inspiron_7580_firmwarealienware_m15_r1_firmwaredell_g5_5000_firmwarealienware_m17_r3_firmwarelatitude_5300latitude_3380_firmwareoptiplex_7760_aioprecision_5530_firmwareoptiplex_5040latitude_rugged_5420inspiron_13_7370_firmwareoptiplex_5050alienware_aurora_r11latitude_7320latitude_3470inspiron_15_gaming_7577latitude_7300optiplex_3050_aioprecision_3620_towerprecision_3431_toweroptiplex_3060_firmwareinspiron_5490_aio_firmwarelatitude_3420inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_13_7370_ultrabooklatitude_12_rugged_tablet_7212_firmwareprecision_5520inspiron_7490_firmwareinspiron_5409precision_5720_aiolatitude_7400latitude_5591optiplex_5270_all-in-one_firmwareinspiron_5477_aio_firmwaredell_g3_3579inspiron_3471inspiron_3511_firmwareinspiron_13_7000_firmwarelatitude_3390optiplex_5050_firmwareoptiplex_7071_firmwareinspiron_14_5410latitude_5175_firmwareinspiron_13_7370inspiron_7586optiplex_3040_firmwarelatitude_3400optiplex_5070dell_g15_5510_firmwarelatitude_3420_firmwareinspiron_13_5378_firmwareinspiron_5491_2-in-1_firmwareinspiron_3277_aio_firmwareoptiplex_3090_firmwareoptiplex_3240_all-in-oneinspiron_7506_2-in-1_firmwarelatitude_7320_detachable_firmwarelatitude_9410optiplex_7070latitude_3570dell_g7_7700_firmwareoptiplex_7080_firmwareinspiron_5491_aio_firmwareinspiron_15_5578_firmwarelatitude_5310latitude_rugged_7424_firmwarelatitude_3301inspiron_5594alienware_aurora_r8alienware_x15_r1precision_3450latitude_7480_firmwareinspiron_7777_aio_firmwareoptiplex_7090_uff_firmwarelatitude_e5470_firmwarechengming_3977latitude_3190inspiron_3510_firmwarelatitude_13_7390_2-in-1_firmwarealienware_aurora_r8_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_rugged_7424latitude_5488latitude_5521latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwareinspiron_7510_firmwareinspiron_3580_firmwarelatitude_7520inspiron_3781_firmwareinspiron_15_gaming_7577_firmwareinspiron_3510inspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1inspiron_5482precision_7820_toweroptiplex_3090latitude_7290dell_g3_3500_firmwarealienware_area_51m_r1inspiron_5402inspiron_3582inspiron_7700_aiolatitude_7480inspiron_7391_firmwareinspiron_5593latitude_5420_firmwareprecision_3561inspiron_7580inspiron_3668inspiron_5770alienware_m17_r2_firmwarelatitude_3580precision_5820_tower_firmwareinspiron_3668_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwareinspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1inspiron_3472latitude_3551optiplex_xe3_firmwareinspiron_7590optiplex_7070_firmwareoptiplex_5270_all-in-oneoptiplex_xe3precision_5510latitude_3301_firmwareinspiron_3502latitude_5491latitude_9520_firmwareoptiplex_7040inspiron_7386alienware_aurora_r12latitude_5520_firmwareoptiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_5400latitude_5410precision_3541optiplex_7050_firmwarelatitude_3379_firmwarelatitude_5401_firmwarealienware_m17_r3precision_5820_towerinspiron_3477_aio_firmwareinspiron_7380inspiron_7610latitude_7275_2-in-1_firmwaredell_g7_7588dell_g3_3779inspiron_5400_2-in-1dell_g7_7790_firmwareoptiplex_7770_all-in-one_firmwarelatitude_5400_firmwareinspiron_7610_firmwareinspiron_5400_2-in-1_firmwareinspiron_7391alienware_m17_r4optiplex_7460_all_in_one_firmwarelatitude_rugged_7220ex_firmwareprecision_3440optiplex_7470_all-in-oneoptiplex_5250_firmwareinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3576inspiron_3671_firmwareinspiron_7500_2-in-1_firmwareprecision_3550_firmwarelatitude_3310_firmwareinspiron_3781inspiron_3576_firmwareinspiron_5300_firmwareinspiron_3472_firmwarelatitude_3570_firmwareoptiplex_3050_firmwareinspiron_7590_firmwareinspiron_7791_firmwaredell_g7_7588_firmwareoptiplex_5090_towerinspiron_15_3567alienware_m15_r2_firmwareprecision_7920_towerdell_g7_7500_firmwareinspiron_5570_firmwarelatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareprecision_3530inspiron_3582_firmwarelatitude_5411_firmwarelatitude_3510_firmwareinspiron_3470_firmwareinspiron_3593inspiron_5370inspiron_15_5518_firmwarelatitude_13_7370_ultrabook_firmwareinspiron_3481_firmwareprecision_5530latitude_7275_2-in-1dell_g15_5511latitude_7310_firmwareoptiplex_7440_aioinspiron_15_5579_firmwareinspiron_7306_2-in-1inspiron_3790_firmwarelatitude_9510optiplex_3280_all-in-oneinspiron_5770_firmwareinspiron_7586_firmwaredell_g7_7590latitude_3180_firmwarealienware_m17_r1_firmwareinspiron_3581_firmwareinspiron_17_7773latitude_9510_firmwareinspiron_5406_2-in-1optiplex_5490_aio_firmwaredell_g5_5090latitude_3490_firmwarelatitude_5300_2-in-1_firmwareoptiplex_7070_uffinspiron_3511inspiron_5410inspiron_13_7373_firmwarelatitude_5280latitude_5179_firmwareoptiplex_7780_all-in-oneinspiron_5490inspiron_15_5578inspiron_3501_firmwarelatitude_5300_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareprecision_3930_rackinspiron_5391inspiron_5598inspiron_3482dell_g3_3579_firmwarelatitude_5320_firmwareoptiplex_3080alienware_m17_r1latitude_3480precision_3240_cff_firmwareinspiron_3782_firmwareprecision_5750alienware_m15_r4latitude_rugged_5424_firmwareoptiplex_7460_all_in_oneinspiron_13_7373inspiron_7591inspiron_5477_aiolatitude_7310inspiron_14_5410_firmwareinspiron_7790latitude_5421_firmwareinspiron_7500inspiron_7790_firmwarealienware_13_r3latitude_3379optiplex_7480_all-in-onechengming_3990_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980inspiron_7700_aio_firmwareoptiplex_7060latitude_5290_firmwareinspiron_13_5379_firmwareoptiplex_7480_all-in-one_firmwareoptiplex_3240_all-in-one_firmwarelatitude_7390latitude_3390_firmwareinspiron_3462_firmwarealienware_aurora_r12_firmwarelatitude_3520_firmwareinspiron_5490_aiolatitude_5285_2-in-1_firmwarechengming_3991_firmwareprecision_3510_firmwareinspiron_7400inspiron_7500_2-in-1dell_g5_5590_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareoptiplex_5040_firmwareinspiron_3581inspiron_13_7378inspiron_15_5566_firmwarelatitude_5488_firmwarealienware_17_r5_firmwareinspiron_3480_aio_firmwareoptiplex_7090_uffinspiron_5583inspiron_7500_firmwareprecision_3541_firmwareinspiron_5591_2-in-1alienware_m15_r1inspiron_15_7572inspiron_7506_2-in-1dell_g7_7587_firmwareinspiron_3476_firmwareinspiron_3480_aioinspiron_5680latitude_7200_2-in-1latitude_5511_firmwareinspiron_15_7573_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550inspiron_3891_firmwarelatitude_7420_firmwareoptiplex_5070_firmwareinspiron_5501alienware_15_r4inspiron_5390_firmwarelatitude_3310_2-in-1optiplex_5090_tower_firmwaredell_g7_7500dell_g3_3590_firmwarelatitude_5490alienware_m17_r2inspiron_7390_firmwareprecision_5720_aio_firmwarelatitude_3190_2-in-1optiplex_7071inspiron_3277_aioinspiron_3891inspiron_7786latitude_9410_firmwarelatitude_5310_2_in_1_firmwarelatitude_12_5289_2-in-1_firmwarelatitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180inspiron_7300_2-in-1_firmwareinspiron_7706_2-in-1_firmwaredell_g7_7790inspiron_3268latitude_12_rugged_extreme_7214_firmwarelatitude_5300_2-in-1latitude_e5470optiplex_3070_firmwarelatitude_7410_firmwarelatitude_12_rugged_tablet_7212latitude_e7470_firmwareoptiplex_5260_all-in-onedell_g3_3500inspiron_3476optiplex_7090_tower_firmwareinspiron_5491_aioinspiron_13_5378inspiron_3780inspiron_7380_firmwareinspiron_3462latitude_7390_firmwaredell_g3_3590latitude_5500_firmwarelatitude_5410_firmwarelatitude_3400_firmwarelatitude_3510precision_3560_firmwareinspiron_3502_firmwareinspiron_5584precision_3520inspiron_17_7773_firmwarelatitude_e5570latitude_13_7389_2-in-1_firmwareinspiron_3880_firmwareinspiron_5310_firmwareinspiron_5501_firmwareoptiplex_3050precision_7820_tower_firmwareoptiplex_5080_firmwareinspiron_15_7570latitude_e5270_firmwareinspiron_5493_firmwarelatitude_rugged_5420_firmwareinspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwareinspiron_13_7000latitude_3470_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790latitude_rugged_5424inspiron_15_5566latitude_3190_firmwareinspiron_5494dell_g3_3779_firmwarelatitude_5500inspiron_15_5582inspiron_5508_firmwarelatitude_3500_firmwaredell_g15_5511_firmwarechengming_3991latitude_5288_firmwareinspiron_5400_aio_firmwareinspiron_5480inspiron_7501_firmwareoptiplex_7760_aio_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwareinspiron_7791latitude_5501latitude_7400_firmwarelatitude_3590precision_3450_firmwareinspiron_7472_firmwarechengming_3990inspiron_5301optiplex_7090_towerlatitude_5491_firmwareinspiron_3493precision_5750_firmwareoptiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarelatitude_3410_firmwarelatitude_5520inspiron_7510inspiron_7400_firmwareoptiplex_7490_aio_firmwareprecision_3530_firmwarelatitude_3320inspiron_5583_firmwarelatitude_5580_firmwarelatitude_3189precision_3240_cffinspiron_7472latitude_5175inspiron_14_3467_firmwareembedded_box_pc_5000latitude_3320_firmwareinspiron_3580inspiron_7386_firmwareoptiplex_7080alienware_aurora_r9inspiron_15_5518alienware_area_51m_r2_firmwarelatitude_13_7390_2-in-1alienware_m15_r4_firmwarelatitude_5480alienware_15_r3inspiron_5310latitude_14_rugged_5414_firmwareoptiplex_3046latitude_13_7389_2-in-1inspiron_15_5582_firmwarealienware_x15_r1_firmwarelatitude_7300_firmwarelatitude_5421latitude_9420_firmwarelatitude_5510inspiron_5401_aio_firmwareinspiron_3593_firmwareoptiplex_7780_all-in-one_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwareinspiron_7786_firmwareprecision_3640_firmwarelatitude_3310_2-in-1_firmwareinspiron_15_5579latitude_5320inspiron_3477_aiolatitude_5310_2_in_1latitude_7410inspiron_3590_firmwarelatitude_5501_firmwareoptiplex_3280_all-in-one_firmwarelatitude_5411latitude_12_rugged_extreme_7214optiplex_7450_firmwareinspiron_7306_2-in-1_firmwareoptiplex_7450optiplex_3050_aio_firmwaredell_g5_5090_firmwaredell_g7_7587inspiron_15_3567_firmwareinspiron_5509latitude_3480_firmwarelatitude_3189_firmwarelatitude_7320_detachablelatitude_9520alienware_17_r5inspiron_15_3573_firmwareinspiron_5406_2-in-1_firmwareinspiron_5498optiplex_7440_aio_firmwarelatitude_7420inspiron_7591_firmwarelatitude_5290inspiron_5300inspiron_7706_2-in-1inspiron_5508precision_5550_firmwarechengming_3980_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_15_7572_firmwareinspiron_5590inspiron_5301_firmwareinspiron_14_3467inspiron_3671inspiron_5408_firmwareinspiron_5498_firmwareprecision_5540alienware_17_r4inspiron_15_3573inspiron_14_3473inspiron_3480latitude_7520_firmwarelatitude_3490precision_3930_rack_firmwaredell_g5_5590inspiron_3670latitude_5420inspiron_7300inspiron_3793_firmwareinspiron_5402_firmwareinspiron_7390latitude_12_7280_ultrabookprecision_3430_tower_firmwarelatitude_3300_firmwarealienware_15_r4_firmwarelatitude_7400_2-in-1inspiron_3490latitude_7210_2-in-1_firmwarelatitude_5510_firmwareinspiron_3670_firmwareoptiplex_7490_aioinspiron_5410_firmwarelatitude_e5570_firmwareinspiron_5408precision_3540_firmwareoptiplex_3046_firmwareinspiron_3482_firmwarelatitude_12_7285_firmwarelatitude_3380dell_g5_5500precision_3431_tower_firmwaredell_g7_7700optiplex_3080_firmwarelatitude_3410precision_5510_firmwarelatitude_rugged_7220precision_3420_towerinspiron_3881latitude_7414_rugged_extremeprecision_3420_tower_firmwarealienware_area_51m_r2dell_g5_5000latitude_5490_firmwarelatitude_5591_firmwareinspiron_3501alienware_13_r3_firmwarelatitude_3500latitude_5310_firmwareinspiron_3793precision_3430_towerinspiron_5481_firmwareprecision_5520_firmwareoptiplex_5490_aiochengming_3988latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareprecision_5540_firmwareinspiron_5401_firmwaredell_g5_5500_firmwareinspiron_3268_firmwarelatitude_7320_firmwarelatitude_12_7285latitude_3120latitude_12_5289_2-in-1latitude_rugged_7220_firmwareprecision_3560inspiron_5401_aioprecision_3640alienware_17_r4_firmwareoptiplex_5260_all-in-one_firmwarelatitude_rugged_7220exinspiron_5509_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarealienware_aurora_r9_firmwareoptiplex_3070inspiron_13_7378_firmwareinspiron_3280optiplex_3040latitude_7290_firmwareinspiron_5370_firmwarelatitude_3551_firmwarechengming_3977_firmwareinspiron_5391_firmwareinspiron_5502_firmwareembedded_box_pc_5000_firmwareinspiron_15_7573optiplex_7050inspiron_3490_firmwareinspiron_5409_firmwareprecision_3510inspiron_13_5379inspiron_5390latitude_5288latitude_7490optiplex_7060_firmwareoptiplex_7070_uff_firmwarelatitude_5521_firmwareinspiron_5401inspiron_14_3473_firmwareoptiplex_5250precision_7920_tower_firmwaredell_g15_5510CPG BIOS
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2007-5848
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.27% / 50.24%
||
7 Day CHG~0.00%
Published-19 Dec, 2007 | 21:00
Updated-07 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-2360
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-5.87% / 90.22%
||
7 Day CHG~0.00%
Published-10 Jun, 2015 | 01:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-15||Apply updates per vendor instructions.

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_rtwindows_7windows_8windows_server_2008windows_rt_8.1windows_vistawindows_server_2003windows_server_2012windows_8.1n/aWin32k
CWE ID-CWE-416
Use After Free
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-2549
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.2||HIGH
EPSS-2.05% / 83.14%
||
7 Day CHG~0.00%
Published-14 Oct, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_rtwindows_7windows_8windows_server_2008windows_rt_8.1windows_vistawindows_server_2012windows_8.1windows_10n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-1897
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.89%
||
7 Day CHG~0.00%
Published-15 Apr, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1898.

Action-Not Available
Vendor-n/aIBM Corporation
Product-tivoli_storage_manager_fastbackn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-1438
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 29.14%
||
7 Day CHG~0.00%
Published-25 Jul, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Panda Security Kernel Memory Access Driver 1.0.0.13 allows attackers to execute arbitrary code with kernel privileges via a crafted size input for allocated kernel paged pool and allocated non-paged pool buffers.

Action-Not Available
Vendor-panda_securityn/a
Product-panda_antivirus_pro_2015panda_global_protection_2015panda_gold_protection_2015panda_internet_security_2015n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-1898
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.59%
||
7 Day CHG~0.00%
Published-15 Apr, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1897.

Action-Not Available
Vendor-n/aIBM Corporation
Product-tivoli_storage_manager_fastbackn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5729
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.14% / 35.38%
||
7 Day CHG~0.00%
Published-30 Oct, 2007 | 22:00
Updated-07 Aug, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the mtu overflow vulnerability.

Action-Not Available
Vendor-n/aopenSUSEQEMUDebian GNU/Linux
Product-opensusedebian_linuxqemun/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5365
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-41.63% / 97.32%
||
7 Day CHG~0.00%
Published-11 Oct, 2007 | 10:00
Updated-07 Aug, 2024 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.

Action-Not Available
Vendor-n/aDebian GNU/LinuxSun Microsystems (Oracle Corporation)OpenBSDUbuntuRed Hat, Inc.
Product-linux_advanced_workstationubuntu_linuxdebian_linuxsolarisenterprise_linuxopenbsdopensolarisn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-2361
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.2||HIGH
EPSS-0.55% / 66.97%
||
7 Day CHG~0.00%
Published-14 Jul, 2015 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (buffer overflow) by leveraging guest OS privileges, aka "Hyper-V Buffer Overflow Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_server_2012windows_8.1n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-2023
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.8||HIGH
EPSS-0.16% / 37.48%
||
7 Day CHG~0.00%
Published-02 Jan, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in IBM i Access 7.1 on Windows allows local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aIBM CorporationMicrosoft Corporation
Product-windowsi_accessn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-6151
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 18.34%
||
7 Day CHG~0.00%
Published-15 Dec, 2007 | 01:00
Updated-07 Aug, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-1727
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.2||HIGH
EPSS-17.03% / 94.72%
||
7 Day CHG~0.00%
Published-10 Jun, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Pool Buffer Overflow Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_rtwindows_7windows_8windows_server_2008windows_rt_8.1windows_vistawindows_server_2003windows_server_2012windows_8.1n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-3489
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.75%
||
7 Day CHG~0.00%
Published-04 Jun, 2021 | 01:40
Updated-16 Sep, 2024 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linux kernel eBPF RINGBUF map oversized allocation

The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee ("bpf, ringbuf: Deny reserve of buffers larger than ringbuf") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced via 457f44363a88 ("bpf: Implement BPF ring buffer and verifier support for it") (v5.8-rc1).

Action-Not Available
Vendor-Linux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kernelLinux kernel
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-1768
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.2||HIGH
EPSS-1.64% / 81.20%
||
7 Day CHG~0.00%
Published-10 Jun, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_server_2003windows_2003_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-3777
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.07% / 21.39%
||
7 Day CHG~0.00%
Published-16 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in blued in the Bluetooth subsystem in Apple OS X before 10.10.5 allow local users to gain privileges via XPC messages.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4795
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 15.45%
||
7 Day CHG~0.00%
Published-10 Sep, 2007 | 21:00
Updated-07 Aug, 2024 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in mkpath in bos.rte.methods in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long ODM name.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8414
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.18% / 40.32%
||
7 Day CHG~0.00%
Published-02 Jul, 2019 | 19:56
Updated-05 Aug, 2024 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The binary orthrus in /sbin folder of the device handles all the UPnP connections received by the device. It seems that the binary performs a sprintf operation at address 0x0000A3E4 with the value in the command line parameter "-f" and stores it on the stack. Since there is no length check, this results in corrupting the registers for the function sub_A098 which results in memory corruption.

Action-Not Available
Vendor-n/aD-Link Corporation
Product-dcs-1100dcs-1130dcs-1100_firmwaredcs-1130_firmwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4792
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 15.45%
||
7 Day CHG~0.00%
Published-10 Sep, 2007 | 21:00
Updated-07 Aug, 2024 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ibstat in devices.common.IBM.ib.rte in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-1725
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.2||HIGH
EPSS-5.41% / 89.75%
||
7 Day CHG~0.00%
Published-10 Jun, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Buffer Overflow Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_rtwindows_7windows_8windows_server_2008windows_rt_8.1windows_vistawindows_server_2003windows_server_2012windows_8.1n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4791
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.50%
||
7 Day CHG~0.00%
Published-10 Sep, 2007 | 21:00
Updated-07 Aug, 2024 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the swcons command in bos.rte.console in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2005-3504 and CVE-2007-0978.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-0313
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.29% / 51.89%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) implementation of the SubmitCommandVirtual DDI (DxgkDdiSubmitCommandVirtual) where untrusted input is used to reference memory outside of the intended boundary of the buffer leading to denial of service or escalation of privileges.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-gpu_driverwindowsWindows GPU Display Driver
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4217
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.07% / 20.70%
||
7 Day CHG~0.00%
Published-05 Nov, 2007 | 16:00
Updated-07 Aug, 2024 | 14:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the domacro function in ftp in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long parameter to a macro, as demonstrated by executing a macro via the '$' command.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-17112
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.00%
||
7 Day CHG~0.00%
Published-04 Dec, 2017 | 08:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntguard_x64.sys 0.18780.0.0 in IKARUS anti.virus 2.16.15 has a Pool Corruption vulnerability via a 0x83000058 DeviceIoControl request.

Action-Not Available
Vendor-ikarussecurityn/a
Product-anti.virusn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4513
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.18% / 39.77%
||
7 Day CHG~0.00%
Published-05 Nov, 2007 | 16:00
Updated-07 Aug, 2024 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4621
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 19.00%
||
7 Day CHG~0.00%
Published-05 Nov, 2007 | 16:00
Updated-07 Aug, 2024 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in crontab in IBM AIX 5.2 allows local users to gain privileges via long command line arguments.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4648
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.08% / 24.34%
||
7 Day CHG~0.00%
Published-31 Aug, 2007 | 23:00
Updated-07 Aug, 2024 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The nvcoaft51 driver in Norman Virus Control (NVC) 5.82 uses weak permissions (unrestricted write access) for the NvcOa device, which allows local users to gain privileges by (1) triggering a buffer overflow in a kernel pool via a string argument to ioctl 0xBF67201C; or by (2) sending a crafted KEVENT structure through ioctl 0xBF672028 to overwrite arbitrary memory locations.

Action-Not Available
Vendor-normann/a
Product-norman_virus_controln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-4267
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.11% / 30.66%
||
7 Day CHG~0.00%
Published-15 Nov, 2007 | 01:00
Updated-07 Aug, 2024 | 14:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted IOCTL request that adds an AppleTalk zone to a routing table.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-0109
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-7.2||HIGH
EPSS-5.15% / 89.48%
||
7 Day CHG~0.00%
Published-08 Apr, 2013 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service on Windows does not properly handle exceptions, which allows local users to gain privileges or cause a denial of service (memory overwrite) via a crafted application.

Action-Not Available
Vendor-n/aNVIDIA Corporation
Product-display_drivern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-1144
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.2||HIGH
EPSS-0.05% / 14.18%
||
7 Day CHG~0.00%
Published-10 Apr, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the UniformTypeIdentifiers component in Apple OS X before 10.10.3 allows local users to gain privileges via a crafted Uniform Type Identifier.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-3680
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 19.43%
||
7 Day CHG~0.00%
Published-11 Jul, 2007 | 17:00
Updated-07 Aug, 2024 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the odm_searchpath function in libodm in IBM AIX 5.2.0 and 5.3.0 allows local users to execute arbitrary code via a long ODMPATH environment variable.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-8956
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.11% / 30.75%
||
7 Day CHG~0.00%
Published-12 Dec, 2014 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via unspecified vectors.

Action-Not Available
Vendor-k7computingn/a
Product-k7av_sentry_device_drivern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-0530
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.21%
||
7 Day CHG~0.00%
Published-17 Apr, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aELAN Microelectronics Corporation
Product-networkern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-0324
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.54%
||
7 Day CHG~0.00%
Published-15 Feb, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the size of an input buffer is not validated, leading to denial of service or potential escalation of privileges.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-gpu_driverwindowsWindows GPU Display Driver
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-2893
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.56%
||
7 Day CHG~0.00%
Published-30 May, 2007 | 01:00
Updated-07 Aug, 2024 | 13:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that cause TXCNT register values to exceed the device memory size, aka "RX Frame heap overflow."

Action-Not Available
Vendor-bochs_projectn/a
Product-bochsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-8066
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.51%
||
7 Day CHG~0.00%
Published-23 Apr, 2017 | 05:37
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

drivers/net/can/usb/gs_usb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.2 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 9
  • 10
  • Next
Details not found