Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-38427

Summary
Assigner-icscert
Assigner Org ID-7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At-05 May, 2022 | 15:25
Updated At-16 Apr, 2025 | 16:23
Rejected At-
Credits

RTI Connext DDS Professional and Connext DDS Secure Stack-based Buffer Overflow

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:icscert
Assigner Org ID:7d14cffa-0d7d-4270-9dc0-52cabd5a23a6
Published At:05 May, 2022 | 15:25
Updated At:16 Apr, 2025 | 16:23
Rejected At:
▼CVE Numbering Authority (CNA)
RTI Connext DDS Professional and Connext DDS Secure Stack-based Buffer Overflow

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.

Affected Products
Vendor
RTI
Product
Connext DDS Professional
Versions
Affected
  • From 4.2x through 6.1.0 (custom)
Vendor
RTI
Product
Connext DDS Secure
Versions
Affected
  • From 4.2x through 6.1.0 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-121CWE-121 Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: CWE-121 Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
3.16.6MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Version: 3.1
Base score: 6.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

RTI recommends users apply the available patches for these issues. A patch is available on the RTI customer portal or by contacting RTI Support. Also, contact RTI Support for mitigations, including how to use RTI DDS Secure to mitigate against the network amplification issue.

Configurations
Workarounds
Exploits
Credits
Federico Maggi (Trend Micro Research), Ta-Lun Yen, and Chizuru Toyama (TXOne Networks, Trend Micro) reported these vulnerabilities to CISA. In addition, Patrick Kuo, Mars Cheng (TXOne Networks, Trend Micro), Víctor Mayoral-Vilches (Alias Robotics), and Erik Boasson (ADLINK Technology) also contributed to this research.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02
N/A
https://support.rti.com/s/login/?ec=302&startURL=%2Fs%2F
N/A
Hyperlink: https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02
Resource: N/A
Hyperlink: https://support.rti.com/s/login/?ec=302&startURL=%2Fs%2F
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02
x_refsource_CONFIRM
x_transferred
https://support.rti.com/s/login/?ec=302&startURL=%2Fs%2F
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://support.rti.com/s/login/?ec=302&startURL=%2Fs%2F
Resource:
x_refsource_CONFIRM
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ics-cert@hq.dhs.gov
Published At:05 May, 2022 | 17:15
Updated At:05 Feb, 2025 | 13:26

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.6MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Secondary
Version: 3.1
Base score: 6.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
rti
rti
>>connext_professional>>Versions from 4.2.0(inclusive) to 6.1.0(inclusive)
cpe:2.3:a:rti:connext_professional:*:*:*:*:*:*:*:*
rti
rti
>>connext_secure>>Versions from 4.2.0(inclusive) to 6.1.0(inclusive)
cpe:2.3:a:rti:connext_secure:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-121Secondaryics-cert@hq.dhs.gov
CWE-787Primarynvd@nist.gov
CWE ID: CWE-121
Type: Secondary
Source: ics-cert@hq.dhs.gov
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://support.rti.com/s/login/?ec=302&startURL=%2Fs%2Fics-cert@hq.dhs.gov
Permissions Required
Vendor Advisory
https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02ics-cert@hq.dhs.gov
Third Party Advisory
US Government Resource
https://support.rti.com/s/login/?ec=302&startURL=%2Fs%2Faf854a3a-2127-422b-91ae-364da2661108
Permissions Required
Vendor Advisory
https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
Hyperlink: https://support.rti.com/s/login/?ec=302&startURL=%2Fs%2F
Source: ics-cert@hq.dhs.gov
Resource:
Permissions Required
Vendor Advisory
Hyperlink: https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02
Source: ics-cert@hq.dhs.gov
Resource:
Third Party Advisory
US Government Resource
Hyperlink: https://support.rti.com/s/login/?ec=302&startURL=%2Fs%2F
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Vendor Advisory
Hyperlink: https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource

Change History

0
Information is not available yet

Similar CVEs

1336Records found
CVE-2020-27347
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-8.8||HIGH
EPSS-0.14% / 34.67%
||
7 Day CHG~0.00%
Published-06 Nov, 2020 | 02:20
Updated-17 Sep, 2024 | 00:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
tmux stack buffer overflow in function input_csi_dispatch_sgr_colon

In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.

Action-Not Available
Vendor-tmux_projecttmuxUbuntu
Product-tmuxtmux
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-30426
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.84%
||
7 Day CHG~0.00%
Published-22 Sep, 2022 | 23:06
Updated-27 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version <= P13 (latest) and AP130 F2 firmware version <= P04 (latest) and Aspire 1600X firmware version <= P11.A3L (latest) and Aspire 1602M firmware version <= P11.A3L (latest) and Aspire 7600U firmware version <= P11.A4 (latest) and Aspire MC605 firmware version <= P11.A4L (latest) and Aspire TC-105 firmware version <= P12.B0L (latest) and Aspire TC-120 firmware version <= P11-A4 (latest) and Aspire U5-620 firmware version <= P11.A1 (latest) and Aspire X1935 firmware version <= P11.A3L (latest) and Aspire X3475 firmware version <= P11.A3L (latest) and Aspire X3995 firmware version <= P11.A3L (latest) and Aspire XC100 firmware version <= P11.B3 (latest) and Aspire XC600 firmware version <= P11.A4 (latest) and Aspire Z3-615 firmware version <= P11.A2L (latest) and Veriton E430G firmware version <= P21.A1 (latest) and Veriton B630_49 firmware version <= AAP02SR (latest) and Veriton E430 firmware version <= P11.A4 (latest) and Veriton M2110G firmware version <= P21.A3 (latest) and Veriton M2120G fir.

Action-Not Available
Vendor-n/aAcer Inc.
Product-veriton_x4620gaspire_z3-615veriton_m2611veriton_m2110gaspire_x3475aspire_tc-120veriton_e430_firmwareveriton_m4620g_firmwareveriton_s6620g_firmwareveriton_z2650gveriton_m2120gveriton_n2620gaspire_1600x_firmwareaspire_u5-620_firmwareveriton_m2611gveriton_z2650g_firmwareap130_f2_firmwareaspire_x1935_firmwareveriton_n4630gaspire_z3-615_firmwareaspire_xc100veriton_m4620_firmwareveriton_x2611_firmwareaspire_x3475_firmwareveriton_x2611aspire_x3995_firmwareveriton_m2110g_firmwareveriton_e430gveriton_n4620gveriton_n4630g_firmwareaspire_tc-105_firmwareaspire_mc605_firmwareveriton_x6620g_firmwareveriton_e430g_firmwareveriton_x6620gveriton_m6620gaspire_7600u_firmwareveriton_m2611g_firmwareveriton_m2611_firmwareveriton_b630_49_firmwareaspire_xc100_firmwareaspire_7600uveriton_b630_49veriton_m2120g_firmwareaspire_1600xveriton_x4620g_firmwareveriton_n4620g_firmwareveriton_n2620g_firmwarealtos_t110_f3_firmwareaspire_1602m_firmwareveriton_e430aspire_x3995aspire_tc-105aspire_u5-620veriton_m4620gaspire_xc600veriton_m6620g_firmwareaspire_tc-120_firmwareaspire_1602maspire_xc600_firmwareveriton_s6620gaspire_mc605altos_t110_f3aspire_x1935veriton_x2611gveriton_x2611g_firmwareveriton_m4620ap130_f2n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0896
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.11%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05671206.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32908
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 8.71%
||
7 Day CHG~0.00%
Published-20 Sep, 2022 | 00:00
Updated-29 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. A user may be able to elevate privileges.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osmacostvosipadoswatchosmacOSiOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-1029
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.80%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:06
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In setClientStateLocked of SurfaceFlinger.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-193034677

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0628
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.69%
||
7 Day CHG~0.00%
Published-18 Aug, 2021 | 14:44
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In OMA DRM, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05722454; Issue ID: ALPS05722454.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidMT6580, MT6735, MT6739, MT6755S, MT6757, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6877, MT6885
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0903
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.11%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05656488.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-11919
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.37%
||
7 Day CHG~0.00%
Published-27 Nov, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a potential heap overflow and memory corruption due to improper error handling in SOC infrastructure.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-11463
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.13%
||
7 Day CHG~0.00%
Published-12 Dec, 2018 | 16:00
Updated-05 Aug, 2024 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3). A buffer overflow in the service command application could allow a local attacker to execute code with elevated privileges. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-sinumerik_808d_v4.8sinumerik_840d_sl_v4.7sinumerik_828d_v4.7_firmwaresinumerik_808d_v4.7_firmwaresinumerik_840d_sl_v4.7_firmwaresinumerik_840d_sl_v4.8_firmwaresinumerik_828d_v4.7sinumerik_840d_sl_v4.8sinumerik_808d_v4.8_firmwaresinumerik_808d_v4.7SINUMERIK 808D V4.7, SINUMERIK 808D V4.8, SINUMERIK 828D V4.7, SINUMERIK 840D sl V4.7, SINUMERIK 840D sl V4.8
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-33218
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.04% / 9.83%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive

Memory corruption in Automotive due to improper input validation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6564au_firmwareqca6584ausa6155p_firmwaresa6150p_firmwaresa8145p_firmwaremsm8996au_firmwareapq8064au_firmwareqca6595qca6564ausa8155_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaremsm8996auqca6564a_firmwaresa8195psa8540p_firmwaresa8150p_firmwareqca6595au_firmwaresa6155sa6155psa8540psa8295p_firmwareqca6574asa6145pqca6584au_firmwareapq8096auqca6696_firmwareqca6595_firmwaresa8145pqca6696qam8295psa9000papq8064ausa8150psa6150papq8096au_firmwaresa8155pqam8295p_firmwaresa8155qca6574a_firmwaresa9000p_firmwareqca6574au_firmwaresa8195p_firmwareqca6595ausa6155_firmwareqca6564asa8295pSnapdragon
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-1099
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7||HIGH
EPSS-0.18% / 39.34%
||
7 Day CHG~0.00%
Published-21 Jul, 2021 | 02:55
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin) that could allow an attacker to cause stack-based buffer overflow and put a customized ROP gadget on the stack. Such an attack may lead to information disclosure, data tampering, or denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior 8.8).

Action-Not Available
Vendor-NVIDIA Corporation
Product-virtual_gpuNVIDIA Virtual GPU Software
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32493
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-6||MEDIUM
EPSS-0.02% / 3.22%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 19:25
Updated-15 May, 2025 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.

Action-Not Available
Vendor-Dell Inc.
Product-latitude_5401vostro_5391_firmwareinspiron_3470latitude_e7270inspiron_7570vostro_3669inspiron_5590_firmwareinspiron_5477_firmwareg7_17_7790_firmwareoptiplex_3280_aio_firmwarelatitude_7380_firmwarevostro_3888xps_13_9370inspiron_5570inspiron_7490vostro_3888_firmwarelatitude_e5270precision_7540wyse_7040_thin_clientwyse_5070inspiron_5490_firmwarealienware_area_51m_r1_firmwarelatitude_5590optiplex_5080latitude_5511latitude_7390_2-in-1latitude_7214_rugged_extreme_firmwareprecision_5530_2-in-1inspiron_7580_firmwarealienware_x14_firmwarealienware_m15_r1_firmwareprecision_7720vostro_5581_firmwarealienware_m17_r3_firmwarelatitude_5300alienware_x14precision_5530_firmwareoptiplex_5050alienware_aurora_r11latitude_7300optiplex_3050_aioprecision_3620_toweroptiplex_5055_firmwareprecision_3431_toweroptiplex_3060_firmwareinspiron_7000inspiron_3782latitude_3590_firmwarelatitude_7490_firmwarealienware_m15_r2latitude_5310_2-in-1_firmwareinspiron_7490_firmwarexps_8950precision_5720_aiolatitude_7400latitude_5591inspiron_3471latitude_3390optiplex_5050_firmwareprecision_7520_firmwareoptiplex_7071_firmwareinspiron_7586optiplex_3040_firmwareoptiplex_5070g5_5000optiplex_3280_aioxps_15_9575_2-in-1inspiron_5491_2-in-1_firmwareoptiplex_3090_firmwarexps_13_9370_firmwarevostro_3581_firmwarevostro_3581latitude_9410inspiron_7777optiplex_7070optiplex_7080_firmwarelatitude_5420_rugged_firmwareinspiron_5491_aio_firmwarelatitude_5310vostro_5391latitude_3301inspiron_5594latitude_5420_ruggedvostro_3268_firmwarealienware_aurora_r8inspiron_7000_firmwarelatitude_7220_rugged_extreme_tabletalienware_x15_r1latitude_7390_2-in-1_firmwarelatitude_5495inspiron_5400latitude_7480_firmwarelatitude_e5470_firmwarevostro_5591vostro_5090latitude_3190latitude_7220ex_rugged_extreme_tablet_firmwarealienware_aurora_r8_firmwareinspiron_5580_firmwareinspiron_3881_firmwarelatitude_5488latitude_7380optiplex_5480_all-in-one_firmwareprecision_3540alienware_aurora_r11_firmwarealienware_x17_r2_firmwareinspiron_3580_firmwareinspiron_3781_firmwarewyse_5070_firmwarevostro_3670_firmwarelatitude_7214_rugged_extremeinspiron_3280_firmwarelatitude_3310latitude_7414_rugged_extreme_firmwarelatitude_5290_2-in-1precision_7520wyse_5470_all-in-one_firmwareinspiron_5482precision_7820_toweroptiplex_3090latitude_7290latitude_7212_rugged_extreme_tablet_firmwarealienware_area_51m_r1precision_7540_firmwareinspiron_3582inspiron_7700_aiolatitude_7480vostro_3401_firmwareinspiron_7391_firmwarevostro_3881wyse_5470_firmwareedge_gateway_5000_firmwareinspiron_5593inspiron_7580vostro_5390_firmwareinspiron_5770alienware_m17_r2_firmwarelatitude_3580precision_5820_tower_firmwareinspiron_3493_firmwarelatitude_3190_2-in-1_firmwareinspiron_5480_firmwareinspiron_3590latitude_7210_2-in-1optiplex_xe3_firmwareinspiron_7590vostro_5880vostro_3268optiplex_7070_firmwarevostro_3584optiplex_xe3precision_5510latitude_3301_firmwareinspiron_7370vostro_3481_firmwareinspiron_3502latitude_5491optiplex_7040inspiron_7386alienware_aurora_r12optiplex_5480_all-in-oneinspiron_5591_2-in-1_firmwarelatitude_5400alienware_aurora_r13_firmwarelatitude_5410inspiron_7373_firmwareprecision_3541xps_8940optiplex_7050_firmwareprecision_7730_firmwarelatitude_3379_firmwarelatitude_5401_firmwareprecision_3551alienware_m17_r3precision_5820_towerprecision_7730inspiron_7380precision_3640_tower_firmwarelatitude_7275_2-in-1_firmwareg7_17_7790embedded_box_pc_3000inspiron_7570_firmwarelatitude_5400_firmwareinspiron_7391alienware_m17_r4vostro_3671_firmwareoptiplex_7460_all_in_one_firmwareprecision_3440precision_7510_firmwareg5_5000_firmwareoptiplex_7470_all-in-oneinspiron_5680_firmwarealienware_m15_r3_firmwareinspiron_3671_firmwareprecision_3550_firmwarevostro_3668_firmwarelatitude_3310_firmwareinspiron_3781optiplex_3050_firmwarealienware_aurora_r10_firmwareinspiron_7590_firmwareinspiron_7791_firmwareprecision_7740_firmwareinspiron_15_3567alienware_m15_r2_firmwarelatitude_7389vostro_3681inspiron_5570_firmwareprecision_7920_towerlatitude_7400_2-in-1_firmwareinspiron_3481inspiron_3780_firmwareinspiron_3582_firmwarelatitude_5411_firmwareinspiron_3470_firmwareinspiron_3593optiplex_7070_ultraprecision_7740inspiron_3481_firmwareprecision_5530latitude_7275_2-in-1latitude_7310_firmwareinspiron_3790_firmwarexps_13_7390_firmwarelatitude_9510inspiron_5770_firmwareinspiron_7586_firmwarelatitude_3180_firmwarevostro_3681_firmwarealienware_m17_r1_firmwarevostro_3580_firmwareinspiron_3581_firmwarelatitude_9510_firmwarelatitude_3490_firmwarelatitude_5300_2-in-1_firmwarevostro_3668vostro_3670edge_gateway_3000latitude_5280inspiron_5490inspiron_3501_firmwarelatitude_5300_firmwarewyse_7040_thin_client_firmwareinspiron_3880inspiron_5580latitude_5480_firmwareinspiron_3277precision_3930_rackprecision_7550vostro_3490inspiron_5391inspiron_5598inspiron_3482xps_7590_firmwareinspiron_15_2-in-1_5582_firmwareoptiplex_3080alienware_m17_r1latitude_3480inspiron_3782_firmwarexps_13_9300_firmwarealienware_m15_r4optiplex_7460_all_in_onevostro_3671inspiron_7591latitude_7310inspiron_7790inspiron_7790_firmwarelatitude_3379vostro_3584_firmwareoptiplex_7480_all-in-onechengming_3990_firmwareprecision_3520_firmwareinspiron_5594_firmwarechengming_3980precision_3551_firmwareoptiplex_7070_ultra_firmwareinspiron_7700_aio_firmwareoptiplex_7060latitude_5290_firmwareinspiron_15_2-in-1_5582latitude_7424_rugged_extremeoptiplex_7480_all-in-one_firmwareg5_5090_firmwarelatitude_7390g3_15_3590latitude_3390_firmwareprecision_3240_compactprecision_7750_firmwarealienware_aurora_r12_firmwarelatitude_5285_2-in-1_firmwareprecision_7510vostro_3401chengming_3991_firmwarevostro_3480_firmwarevostro_7590_firmwarealienware_aurora_r10precision_3510_firmwareinspiron_7370_firmwarelatitude_7389_firmwareoptiplex_7470_all-in-one_firmwarelatitude_e7470precision_3630_tower_firmwareinspiron_3581inspiron_5400_firmwarelatitude_5488_firmwareinspiron_5583precision_3541_firmwareinspiron_5591_2-in-1alienware_m15_r1alienware_x15_r2inspiron_5680vostro_3881_firmwareinspiron_7373latitude_7200_2-in-1latitude_5511_firmwarevostro_3490_firmwareoptiplex_7040_firmwareinspiron_5493precision_3550latitude_7370latitude_7370_firmwarexps_13_7390_2-in-1_firmwareoptiplex_5070_firmwarealienware_aurora_r13latitude_3310_2-in-1inspiron_5390_firmwarelatitude_5490alienware_m17_r2vostro_3070_firmwareinspiron_7390_firmwareprecision_5720_aio_firmwarexps_7590latitude_3190_2-in-1optiplex_7071edge_gateway_5000vostro_3481inspiron_7786latitude_9410_firmwarevostro_7590latitude_e7270_firmwarelatitude_5280_firmwarelatitude_3180latitude_5300_2-in-1latitude_7424_rugged_extreme_firmwarelatitude_e5470optiplex_3070_firmwarelatitude_7410_firmwarevostro_3667alienware_x15_r2_firmwarelatitude_e7470_firmwareoptiplex_5260_all-in-oneprecision_7720_firmwarelatitude_5310_2-in-1inspiron_5491_aioinspiron_3780inspiron_7380_firmwarelatitude_7390_firmwarelatitude_5500_firmwareprecision_7710latitude_5410_firmwarevostro_5090_firmwarexps_13_7390g3_15_5590_firmwareinspiron_3502_firmwareinspiron_5584precision_3520inspiron_7573_firmwarelatitude_5495_firmwarelatitude_e5570inspiron_3880_firmwareg5_5090optiplex_3050precision_7820_tower_firmwareoptiplex_5055optiplex_5080_firmwarelatitude_e5270_firmwareinspiron_5493_firmwarevostro_3471inspiron_3480_firmwarealienware_m15_r3optiplex_5060_firmwarevostro_3590vostro_5390vostro_5590_firmwareprecision_7530_firmwarealienware_m17_r4_firmwarealienware_x17_r1inspiron_3790vostro_3583_firmwarelatitude_3190_firmwareinspiron_5494g7_17_7590g3_3779_firmwarexps_13_9300latitude_5500precision_7550_firmwareinspiron_5477chengming_3991inspiron_5480xps_8950_firmwarelatitude_5290_2-in-1_firmwareinspiron_3471_firmwarevostro_3669_firmwareinspiron_7791latitude_5501latitude_7400_firmwareprecision_7710_firmwarelatitude_3590vostro_3501chengming_3990vostro_3583alienware_x17_r2latitude_5491_firmwarevostro_5880_firmwareinspiron_3493optiplex_3060optiplex_5060latitude_5285_2-in-1chengming_3988_firmwareinspiron_5482_firmwarewyse_5470_all-in-oneinspiron_5583_firmwarelatitude_5580_firmwareinspiron_3477_firmwarelatitude_3189xps_15_9575_2-in-1_firmwarevostro_3580precision_7750inspiron_14_3467_firmwareembedded_box_pc_5000embedded_box_pc_3000_firmwareinspiron_3580vostro_3267_firmwarevostro_3470_firmwareg3_3579inspiron_7386_firmwareoptiplex_7080alienware_aurora_r9alienware_area_51m_r2_firmwarealienware_m15_r4_firmwareg3_15_5590latitude_5480optiplex_3046latitude_5414_rugged_firmwarelatitude_7300_firmwarealienware_x15_r1_firmwarelatitude_5510wyse_5470vostro_3501_firmwareinspiron_3593_firmwareinspiron_5481inspiron_5494_firmwareprecision_3440_firmwareprecision_5530_2-in-1_firmwarealienware_x17_r1_firmwarexps_8930inspiron_7786_firmwarelatitude_3310_2-in-1_firmwarelatitude_7410inspiron_3590_firmwarelatitude_5501_firmwarexps_13_7390_2-in-1latitude_5411optiplex_7450_firmwareoptiplex_7450xps_13_9365_2-in-1optiplex_3050_aio_firmwareinspiron_15_3567_firmwareg3_3579_firmwareg7_17_7590_firmwarelatitude_3480_firmwarelatitude_3189_firmwarevostro_3590_firmwareinspiron_5498inspiron_7591_firmwarelatitude_5290latitude_5289_firmwarechengming_3980_firmwareinspiron_5491_2-in-1latitude_3120_firmwarelatitude_5590_firmwareinspiron_5590vostro_3267inspiron_14_3467g3_15_3590_firmwareinspiron_3671inspiron_5498_firmwareprecision_5540inspiron_3480latitude_3490precision_3930_rack_firmwareinspiron_3670inspiron_3793_firmwareprecision_3430_tower_firmwareinspiron_7390latitude_3300_firmwarelatitude_7400_2-in-1precision_3640_towervostro_5581inspiron_3490latitude_7210_2-in-1_firmwarelatitude_5510_firmwareinspiron_3670_firmwarelatitude_7212_rugged_extreme_tabletlatitude_e5570_firmwarelatitude_7220_rugged_extreme_tablet_firmwareprecision_3540_firmwareinspiron_7777_firmwareoptiplex_3046_firmwareinspiron_3482_firmwarelatitude_5289precision_3431_tower_firmwarevostro_3471_firmwareoptiplex_3080_firmwareprecision_5510_firmwareprecision_3420_towerinspiron_3881xps_13_9380latitude_7220ex_rugged_extreme_tabletlatitude_7414_rugged_extremeprecision_3420_tower_firmwarealienware_area_51m_r2latitude_5490_firmwarelatitude_5591_firmwareinspiron_3501latitude_5310_firmwarevostro_3070inspiron_3793precision_3430_towerinspiron_5481_firmwarechengming_3988xps_15_7590inspiron_3477latitude_3300latitude_5580precision_3620_tower_firmwareinspiron_5584_firmwareedge_gateway_3000_firmwareinspiron_3277_firmwareinspiron_5401_firmwareinspiron_7573precision_5540_firmwarevostro_5590xps_8940_firmwarelatitude_3120vostro_3480optiplex_5260_all-in-one_firmwareinspiron_5593_firmwarelatitude_7200_2-in-1_firmwarevostro_3582_firmwareprecision_3630_towerlatitude_3580_firmwareinspiron_5598_firmwarevostro_3470latitude_5414_ruggedalienware_aurora_r9_firmwareoptiplex_3070inspiron_3280optiplex_3040latitude_7290_firmwareprecision_7530xps_8930_firmwarexps_13_9365_2-in-1_firmwareinspiron_5391_firmwarexps_15_7590_firmwareembedded_box_pc_5000_firmwareoptiplex_7050inspiron_3490_firmwareprecision_3510xps_13_9380_firmwarelatitude_7490inspiron_5390optiplex_7060_firmwareprecision_3240_compact_firmwareg3_3779inspiron_5401vostro_3582vostro_3667_firmwareprecision_7920_tower_firmwarevostro_5591_firmwareCPG BIOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33103
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.10%
||
7 Day CHG~0.00%
Published-01 Jul, 2022 | 11:36
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir().

Action-Not Available
Vendor-denxn/a
Product-u-bootn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0977
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.85%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:06
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In phNxpNHal_DtaUpdate of phNxpNciHal_dta.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-183487770

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-1124
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.3||HIGH
EPSS-0.28% / 50.98%
||
7 Day CHG~0.00%
Published-23 May, 2018 | 13:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users.

Action-Not Available
Vendor-procps-ng_project[UNKNOWN]Canonical Ltd.Red Hat, Inc.openSUSEDebian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxprocps-ngenterprise_linux_workstationenterprise_linuxenterprise_linux_desktopstruxureware_data_center_expertleapprocps-ng
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-1732
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-89.81% / 99.54%
||
7 Day CHG-0.39%
Published-25 Feb, 2021 | 23:01
Updated-30 Jul, 2025 | 01:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.
Windows Win32k Elevation of Privilege Vulnerability

Windows Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2004windows_10_1909windows_10_2004windows_10_20h2windows_server_2019windows_10_1809windows_server_20h2windows_server_1909windows_10_1803Windows Server version 20H2Windows 10 Version 1809Windows Server, version 1909 (Server Core installation)Windows Server 2019 (Server Core installation)Windows 10 Version 20H2Windows 10 Version 2004Windows 10 Version 1803Windows Server version 2004Windows Server 2019Windows 10 Version 1909Win32k
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-1106
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.38%
||
7 Day CHG~0.00%
Published-11 Aug, 2021 | 21:32
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system.

Action-Not Available
Vendor-NVIDIA Corporation
Product-jetson_agx_xaviershield_experiencejetson_tx2_nxjetson_tx2jetson_linuxjetson_tx1shield_tvjetson_nano_2gbjetson_nanojetson_xavier_nxJetson AGX Xavier series, Jetson Xavier NX, Jetson TX2 series, Jetson TX2 NX, Jetson Nano, Jetson Nano 2GB, Jetson TX1Shield TV
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-1044
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.32%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:05
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In eicOpsDecryptAes128Gcm of acropora/app/identity/identity_support.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195570681References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-1100
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.19% / 40.88%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 19:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.

Action-Not Available
Vendor-zshzshCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxenterprise_linux_workstationzshenterprise_linux_desktopzsh
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0427
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.28%
||
7 Day CHG~0.00%
Published-13 Apr, 2021 | 18:23
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In parseExclusiveStateAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174488848

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-11506
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 25.10%
||
7 Day CHG~0.00%
Published-28 May, 2018 | 04:00
Updated-05 Aug, 2024 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0540
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.85%
||
7 Day CHG~0.00%
Published-22 Jun, 2021 | 11:02
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In halWrapperDataCallback of hal_wrapper.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-169328517

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0490
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.80%
||
7 Day CHG~0.00%
Published-11 Jun, 2021 | 16:42
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In memory management driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-183464868

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0426
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.28%
||
7 Day CHG~0.00%
Published-13 Apr, 2021 | 18:22
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In parsePrimaryFieldFirstUidAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174485572

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0489
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.59%
||
7 Day CHG~0.00%
Published-11 Jun, 2021 | 16:42
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In memory management driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-183464866

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0354
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.54%
||
7 Day CHG~0.00%
Published-02 Feb, 2021 | 23:01
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11; Patch ID: ALPS05431161.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-11237
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.60% / 68.36%
||
7 Day CHG~0.00%
Published-18 May, 2018 | 16:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.

Action-Not Available
Vendor-n/aRed Hat, Inc.GNUNetApp, Inc.Canonical Ltd.Oracle Corporation
Product-enterprise_linux_serverubuntu_linuxelement_software_managemententerprise_linux_workstationvirtualization_hostdata_ontap_edgeglibccommunications_session_border_controllerenterprise_linux_desktopenterprise_communications_brokern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0545
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.43%
||
7 Day CHG~0.00%
Published-22 Jun, 2021 | 11:03
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In phNxpNciHal_print_res_status of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-169258884

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0116
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.20% / 42.16%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aNetApp, Inc.Intel Corporation
Product-xeon_e-2286gcore_i7-7700t_firmwarecore_i3-10100core_i7-8850h_firmwarecore_i5-1038ng7core_i9-7900xcore_i5-11400core_i7-10710u_firmwarexeon_e-2174g_firmwarexeon_d-1633ncore_i9-11900_firmwarexeon_w-1270p_firmwarexeon_d-2173it_firmwarexeon_d-2145nt_firmwarexeon_platinum_8153xeon_e-2246gcore_i9-9960xcore_i5-6350hqcore_i3-6300txeon_w-2123core_i7-9700k_firmwarecore_i5-8500t_firmwarecore_i3-9300t_firmwarecore_i5-11260hxeon_e-2236xeon_platinum_8280_firmwarexeon_e-2374g_firmwarexeon_w-1270exeon_silver_4209t_firmwarecore_i5-6500tcore_i5-7500core_i5-6260uxeon_bronze_3104_firmwarecore_i9-9900kf_firmwarecore_i5-7440hqxeon_gold_6142fatom_c3758core_i7-8709gcore_i9-11900kfxeon_gold_6230txeon_silver_4210rxeon_w-1270xeon_e-2254me_firmwarecore_i5-8200ycore_i5-10500t_firmwarecore_i5-9400t_firmwarecore_i7-8809g_firmwarecore_i5-8260ucore_i5-11400fxeon_gold_6226r_firmwarexeon_silver_4116_firmwarecore_i5-7287u_firmwarecore_i9-10900xxeon_gold_6256_firmwarecore_m7-6y75xeon_w-3335xeon_w-11555mrecore_i5-10500hcore_i7-6800k_firmwarecore_i5-10600kfcore_i5-1035g1_firmwarexeon_w-2123_firmwarexeon_e-2146gxeon_silver_4112xeon_gold_6140core_i5-11500he_firmwarecore_i5-8210y_firmwarecore_i7-6650u_firmwarecore_i3-10100exeon_w-3365_firmwarexeon_platinum_8168_firmwarecore_i7-10700kf_firmwarexeon_e-2286g_firmwareatom_c3538core_i7-9700txeon_gold_6238core_i5-7600tcore_i7-4820katom_c3508xeon_w-2195_firmwarexeon_platinum_8256xeon_w-2275_firmwarexeon_gold_6130fxeon_e-2276mxeon_d-2163itcore_i3-1120g4core_i7-3930kcore_i5-11400hxeon_w-2235_firmwarexeon_d-1623nxeon_gold_6230n_firmwarecore_i7-10810ucore_i3-10300tcore_i3-8100xeon_gold_6140_firmwarecore_i5-1130g7core_i7-6560u_firmwarexeon_e-2378g_firmwarecore_i9-11900core_i5-6585rxeon_gold_6144xeon_platinum_8160f_firmwarecore_i5-9600kxeon_gold_5218r_firmwarecore_i3-7100core_m5-6y54core_i7-7600u_firmwarexeon_gold_5118core_i7-9700kf_firmwarecore_i5-1145g7core_i5-9300hcore_i5-10500exeon_silver_4214y_firmwarecore_i9-10850kcore_i5-6600t_firmwarecore_i5-8500bcore_i3-7100e_firmwarexeon_d-2143itxeon_silver_4209txeon_e-2226gecore_i5-8250u_firmwarecore_i7-7820hk_firmwarexeon_w-1390_firmwarexeon_gold_6212uxeon_w-2175_firmwarecore_i5-6600core_i3-8100hcore_i3-7300t_firmwarecore_i9-11900fcore_i7-9700f_firmwarexeon_d-2177nt_firmwarecore_i7-3930k_firmwarecore_i9-10920xcore_i9-11950hxeon_gold_6138pcore_i7-6500u_firmwarecore_i3-8130u_firmwarecore_i5-10310ucore_i7-6950x_firmwarecore_i7-8557ucore_i3-6320core_i3-8350k_firmwarecore_i9-9820x_firmwarecore_i3-1115gre_firmwarecore_i5-6440eqcore_i5-1030g7xeon_d-1602_firmwarecore_i9-10980hkxeon_w-11155mlexeon_d-1559_firmwarecore_i7-10700k_firmwarecore_i3-10305_firmwarexeon_e-2274gcore_i3-7100u_firmwarecore_i3-10325_firmwarexeon_gold_6138t_firmwarecore_i7-10510y_firmwarecore_i7-11800h_firmwarecore_i7-1060g7_firmwarecore_i5-6287uxeon_w-3323core_i7-8500yxeon_platinum_8276_firmwarecore_i7-1068ng7_firmwarecore_i5-7400_firmwarecore_i3-1110g4_firmwarexeon_w-2133_firmwarecore_i7-6700te_firmwareatom_c3808core_i5-9600xeon_gold_6134xeon_w-3375core_i5-8600tcore_i5-7200u_firmwarexeon_gold_6258r_firmwarecore_i3-10320_firmwarexeon_gold_5218bxeon_e-2288gxeon_w-1370pcore_i7-7500uxeon_e-2274g_firmwarexeon_gold_6148f_firmwarexeon_gold_5218rxeon_e-2124g_firmwarexeon_w-2235xeon_w-3175xxeon_w-3225core_i3-7101tecore_i7-7700xeon_d-1540core_i3-11100hexeon_gold_6246r_firmwarecore_i5-6440eq_firmwarexeon_gold_6246rcore_i5-7300hqxeon_d-1513ncore_i5-10505_firmwareatom_c3558_firmwarecore_i9-9900xcore_i9-9900t_firmwarecore_i5-9600_firmwarecore_i7-9700ecore_i9-11900kf_firmwarexeon_e-2254mexeon_platinum_8260l_firmwarecore_i7-8500y_firmwarecore_i7-6700t_firmwarecore_i7-6700tcore_i5-6442eq_firmwarexeon_w-3235_firmwarexeon_platinum_9222atom_c3336_firmwarecore_i3-10105tcore_i3-8100h_firmwarecore_i7-10510u_firmwarecore_i7-6820hk_firmwarecore_i7-7700_firmwarecore_i3-1000g4core_i3-7100t_firmwarecore_i9-10900kfcore_i3-9100hlcore_i7-11390h_firmwarecore_i9-9980hk_firmwareatom_c3858xeon_e-2144gxeon_gold_5119t_firmwarecore_i5-8300h_firmwarexeon_w-11555mlecore_i5-8279u_firmwarecore_i5-8500b_firmwarecore_i3-6102exeon_w-1390txeon_silver_4216core_i5-1140g7core_i7-11700kfcore_i7-10610ucore_i7-6770hqxeon_platinum_8276lxeon_gold_6138tcore_i7-7740xcore_i7-7y75xeon_e-2124gatom_c3850core_i5-11500txeon_platinum_9221_firmwarecore_i7-4930kcore_i7-11600h_firmwarecore_i5-9400core_i5-11400h_firmwarecore_i7-6600uatom_c3508_firmwarexeon_gold_6138core_i7-1185grexeon_gold_6146_firmwarecore_i5-8500_firmwarexeon_d-1557core_i5-1145gre_firmwareatom_c3436lcore_i3-10105f_firmwarexeon_w-3245mxeon_d-1637_firmwarexeon_w-11555mle_firmwarecore_i5-7300hq_firmwarexeon_w-1350atom_c3708core_i7-6500ucore_i5-1035g1xeon_w-3345_firmwarecore_i7-11850hxeon_w-1290xeon_e-2314_firmwarecore_i3-10110ucore_i7-8665u_firmwarecore_i7-8086k_firmwarexeon_w-2223_firmwarexeon_gold_6234atom_c3336xeon_gold_6142f_firmwarecore_i3-10100y_firmwarecore_i7-7567u_firmwarecore_i3-9100e_firmwarexeon_gold_6130_firmwarecore_i5-7442eq_firmwarexeon_gold_6136_firmwarexeon_gold_6252n_firmwarecore_i7-4930mxxeon_w-1250core_i9-10900core_i7-1065g7_firmwarexeon_silver_4116t_firmwarecore_i5-7360ucore_i5-1145g7_firmwarecore_i5-7300ucore_i7-11375h_firmwarexeon_silver_4109t_firmwarecore_i5-6600tcore_i5-6500t_firmwarecore_i3-7100h_firmwarecore_i7-8565ucore_i9-10940x_firmwarecore_i7-6600u_firmwarexeon_silver_4110xeon_bronze_3206r_firmwarexeon_w-3323_firmwarecore_i7-7700kxeon_platinum_8176core_i5-11500h_firmwarecore_i3-10100fcore_i9-9900_firmwarexeon_gold_5217core_i7-6850kcore_i7-9750hf_firmwarexeon_gold_5120tcore_i7-6870hq_firmwarexeon_gold_6210ucore_i5-7200uxeon_gold_5115xeon_d-1548_firmwarecore_i7-9700fcore_i5-8265u_firmwarecore_i7-6820hqcore_i5-10210ucore_i3-7300_firmwarexeon_w-11155mre_firmwarecore_i7-7740x_firmwarecore_i5-8400bcore_i3-7100hxeon_gold_5215core_i3-6100uxeon_bronze_3106_firmwarecore_i5-10400t_firmwarecore_i9-9900kscore_i5-6350hq_firmwarexeon_d-1531_firmwarexeon_d-1527_firmwarecore_i9-7920xxeon_d-1633n_firmwarecore_i9-7960x_firmwarecore_i5-11600kxeon_d-1513n_firmwarecore_i9-8950hkcore_i5-6360uxeon_gold_6126_firmwarecore_i5-10600tcore_i5-10600kf_firmwarexeon_w-1290_firmwarecore_i5-7640xxeon_w-3275mcore_i5-9500te_firmwarecore_i7-7700k_firmwarexeon_e-2386g_firmwarexeon_e-2176m_firmwarexeon_gold_6250lxeon_gold_6209ucore_i9-10900e_firmwarexeon_e-2278g_firmwarecore_i9-9920xxeon_d-2146nt_firmwarecore_i7-7660uxeon_e-2278gel_firmwarexeon_platinum_8158xeon_d-1518_firmwarecore_i7-7700hqcore_i7-6820hq_firmwarexeon_e-2244g_firmwarecore_i3-1120g4_firmwarecore_i7-6900k_firmwarexeon_e-2236_firmwarexeon_gold_6238l_firmwarecore_i5-6402pcore_m3-7y30core_i5-8269u_firmwarexeon_w-11155mrecore_i3-6100t_firmwarexeon_w-2135xeon_gold_6252core_i5-1140g7_firmwarecore_i7-11700kxeon_e-2276mlxeon_silver_4214rcore_i9-10920x_firmwarecore_i3-7101e_firmwarecore_i9-9880h_firmwarexeon_silver_4210r_firmwarecore_i7-6700hqcore_i7-5820k_firmwarecore_i3-8300core_i5-6500_firmwarecore_i3-7102e_firmwarexeon_e-2334_firmwarexeon_gold_6230rxeon_e-2276me_firmwarecore_i5-8400txeon_gold_6132_firmwarexeon_silver_4116txeon_w-1370p_firmwarecore_i5-11600kf_firmwarecore_i7-1065g7core_i7-9800xxeon_silver_4208xeon_e-2136_firmwarexeon_w-1270_firmwarexeon_gold_6210u_firmwarecore_i5-1130g7_firmwarecore_i7-6660u_firmwarexeon_gold_6126txeon_silver_4116fas\/aff_biosxeon_w-1250ecore_i5-8257u_firmwarecore_i5-1038ng7_firmwarexeon_platinum_8160fcore_i3-6100te_firmwarecore_i9-11900h_firmwarecore_i7-6567ucore_i5-9400f_firmwarecore_i7-8706g_firmwarexeon_gold_5215lcore_i5-7287uxeon_gold_6154_firmwarexeon_e-2146g_firmwarecore_i7-3970xxeon_gold_6126f_firmwarecore_i7-3960xxeon_platinum_8253_firmwarecore_i5-6600_firmwarexeon_e-2126g_firmwarecore_i5-1135g7_firmwarecore_i5-9600t_firmwarexeon_w-1350p_firmwarecore_i7-10610u_firmwarecore_i5-10500e_firmwarecore_i5-1145grexeon_w-3265mxeon_gold_6240lxeon_d-1529_firmwarexeon_gold_6248core_i5-11600k_firmwarexeon_e-2378_firmwarexeon_gold_6240l_firmwarexeon_platinum_8176f_firmwarecore_i3-8145ucore_i3-9300xeon_d-2173itcore_i7-7567ucore_i7-10870h_firmwarecore_i3-6098p_firmwarecore_i5-1155g7core_i3-9300tcore_i7-7820hqcore_i7-7820eqcore_i7-9700kxeon_platinum_8160tcore_i7-6920hq_firmwarexeon_gold_6252_firmwarecore_i7-3820xeon_e-2144g_firmwarecore_i7-10700te_firmwarecore_i7-10700ecore_i3-7320core_i7-3940xmxeon_gold_6126fcore_i5-6200u_firmwarecore_m5-6y57xeon_e-2388gcore_i7-9700te_firmwarexeon_platinum_8268xeon_e-2226gcore_i7-6700texeon_gold_6240rcore_i3-10100te_firmwarexeon_gold_6238_firmwarexeon_gold_6152_firmwarexeon_silver_4215rxeon_e-2278gcore_i9-10900ecore_i3-9100core_i5-8600core_i5-8250ucore_i9-11980hkxeon_w-3265core_m3-8100y_firmwarecore_i7-3940xm_firmwarecore_i5-10500tecore_i7-6700_firmwarecore_i7-7500u_firmwarecore_i5-10210y_firmwarecore_i7-8700k_firmwarecore_i3-6100texeon_gold_5119tcore_i7-8700bcore_i5-10500txeon_w-1250texeon_gold_6208ucore_i3-9100texeon_gold_6130f_firmwarecore_i5-9300hf_firmwarecore_m5-6y57_firmwareatom_c3338core_i5-11500t_firmwarecore_i3-6006u_firmwarexeon_gold_6242core_i7-10700kxeon_d-1627xeon_e-2186mcore_i3-8109u_firmwareatom_c3708_firmwarexeon_gold_6250_firmwarexeon_d-1623n_firmwarecore_i3-9350k_firmwarecore_i7-11370hcore_i5-7442eqcore_i7-8665uecore_i3-8130ucore_i3-7167ucore_i3-8300txeon_d-1528_firmwarecore_i5-11500hcore_i5-11600tatom_c3308_firmwarecore_i9-9900kxeon_gold_6240_firmwarecore_i7-5930kcore_i5-10400fcore_i7-1160g7core_i3-6157u_firmwarexeon_w-2265_firmwarexeon_e-2278ge_firmwarecore_i5-9400_firmwarexeon_gold_6226rxeon_bronze_3204xeon_w-1270e_firmwarexeon_e-2276m_firmwarecore_i3-7350k_firmwarexeon_d-1567core_i5-8400t_firmwarexeon_w-3365xeon_w-2135_firmwarexeon_gold_6142_firmwarecore_i7-9850hlatom_c3538_firmwarexeon_e-2286m_firmwarecore_i5-6300ucore_i5-8400hcore_m3-6y30core_i7-11850he_firmwarexeon_w-2175xeon_d-2141i_firmwarexeon_silver_4214r_firmwarexeon_silver_4108xeon_w-3335_firmwarecore_i3-10110ycore_i7-7820hkcore_i5-9300h_firmwarexeon_w-11855mxeon_gold_6240ycore_i3-6100xeon_gold_6238lxeon_w-1390xeon_gold_5218n_firmwarecore_i7-11700t_firmwarecloud_backupcore_i7-11700fcore_i7-8665ucore_m7-6y75_firmwarecore_i3-10305tcore_i3-9350kf_firmwarexeon_gold_6130t_firmwarecore_i7-5960x_firmwarexeon_w-1370_firmwarecore_i5-7440eq_firmwarexeon_d-1649n_firmwarecore_i3-8140ucore_i7-8086kcore_i5-7360u_firmwarecore_i3-8350kcore_i5-10600kxeon_gold_5222core_i7-10850hxeon_gold_6256core_i5-6360u_firmwarexeon_d-1523ncore_i3-1005g1_firmwarecore_i9-9900x_firmwarecore_i3-9100hl_firmwarecore_i5-10500te_firmwareatom_c3338rcore_i3-10300t_firmwarecore_i3-8100bcore_i3-6167ucore_i5-8279ucore_i3-10100f_firmwarexeon_gold_5118_firmwarecore_i5-8600kcore_i7-8700tcore_i3-7100_firmwarecore_i3-9320_firmwarexeon_d-1541xeon_d-1543n_firmwarexeon_d-1622xeon_gold_5222_firmwarecore_i5-6685r_firmwarecore_i7-8700t_firmwarecore_i5-6500te_firmwarecore_i5-1030g7_firmwarecore_i5-8600t_firmwarexeon_w-2223core_i7-6970hqcore_i7-1185g7e_firmwarexeon_gold_6238tatom_c3955core_i5-8500core_i5-11260h_firmwarecore_i5-9400h_firmwareatom_c3758r_firmwarecore_i5-10400f_firmwarecore_i7-6560ucore_i9-10980xe_firmwarexeon_gold_6240r_firmwarecore_i5-8257uxeon_gold_6212u_firmwarexeon_gold_6208u_firmwarecore_i7-8569ucore_i9-9900tcore_i7-10700t_firmwarecore_i5-6685ratom_c3558xeon_w-2133xeon_platinum_8260lxeon_e-2336_firmwarecore_i5-6287u_firmwarexeon_platinum_8270xeon_gold_6248r_firmwarecore_i5-8500txeon_gold_6132core_i7-4930k_firmwarexeon_w-11555mre_firmwarecore_i5-6400txeon_d-2166ntcore_i3-10305core_i7-9850he_firmwarecore_i3-6100h_firmwarexeon_w-1390pcore_i3-9100_firmwarecore_i7-6700core_i7-6820hkcore_i7-7560u_firmwarexeon_gold_6262vcore_i7-10710ucore_i5-10300hcore_i5-10210ycore_i7-1165g7_firmwarexeon_silver_4210_firmwarexeon_w-1270texeon_e-2224core_i9-9900ks_firmwarexeon_e-2124_firmwarexeon_gold_6238rxeon_silver_4110_firmwarexeon_platinum_8170core_i3-1125g4_firmwarexeon_e-2278gelxeon_d-1553ncore_i5-1030g4xeon_gold_6222v_firmwarecore_i9-10980hk_firmwarexeon_d-2166nt_firmwarecore_i5-10400_firmwarexeon_gold_6242r_firmwarexeon_w-2155core_i5-6600k_firmwarecore_i7-6700hq_firmwarexeon_platinum_8153_firmwarecore_i3-7102exeon_w-11155mle_firmwarexeon_silver_4216_firmwarecore_i3-1115g4e_firmwarexeon_gold_5122core_i9-10900k_firmwarexeon_gold_5215l_firmwareatom_c3758rxeon_w-2225_firmwarexeon_gold_6230core_i7-6870hqatom_c3950core_i3-9100exeon_silver_4109tcore_i3-7300xeon_d-1548core_i7-10510yxeon_bronze_3106core_i5-7y57_firmwarecore_i7-7820x_firmwarexeon_platinum_8260yxeon_e-2276ml_firmwarexeon_d-1653natom_c3338_firmwarecore_i9-10900_firmwarecore_i5-6300u_firmwarecore_i5-1155g7_firmwarexeon_gold_5218txeon_e-2374gxeon_e-2254ml_firmwarexeon_d-1557_firmwarecore_i5-9500t_firmwarexeon_gold_5218ncore_i7-8709g_firmwarexeon_d-2163it_firmwarexeon_w-2295_firmwarexeon_d-1531core_i7-10875h_firmwarexeon_e-2278gexeon_d-1533n_firmwarexeon_silver_4214yxeon_platinum_8156xeon_w-10855mxeon_d-2177ntcore_i7-6785r_firmwarexeon_w-3275_firmwarecore_i5-10600t_firmwarexeon_platinum_8270_firmwarecore_i7-11700k_firmwarecore_i5-10300h_firmwarexeon_w-3235core_i9-10900txeon_d-1571_firmwarexeon_e-2126gcore_i7-10700tecore_i9-10900kcore_i5-10600_firmwarexeon_gold_5220rxeon_w-11955mxeon_w-1290ecore_i5-10400tcore_i7-6820eq_firmwarecore_i7-1185g7core_i7-9700kfxeon_d-1541_firmwarexeon_w-1290te_firmwarexeon_platinum_9221xeon_d-2142itcore_i5-7600k_firmwarecore_i9-11980hk_firmwarexeon_platinum_9222_firmwarecore_i5-8305g_firmwarecore_i3-8100b_firmwarecore_i9-10900te_firmwarecore_i9-11900kcore_i3-8300t_firmwarexeon_gold_6150_firmwarecore_i3-7167u_firmwarecore_i7-10700_firmwarecore_i3-1005g1core_i7-1068ng7core_m3-6y30_firmwarecore_i7-1185gre_firmwarecore_i7-7820eq_firmwarexeon_d-1637core_i5-9400fcore_i5-11320h_firmwarexeon_d-1539_firmwarecore_i5-9500f_firmwarecore_i7-6800kcore_i7-7560uxeon_gold_5120core_i7-8550u_firmwarecore_i5-11600kfxeon_d-1602core_i5-8365uxeon_w-2245xeon_d-2145ntcore_i5-9600kfxeon_e-2288g_firmwarecore_i5-6267u_firmwarexeon_w-1250te_firmwarexeon_e-2224gcore_i5-8600_firmwarecore_i3-8100_firmwarecore_i5-8269ucore_i3-11100he_firmwarexeon_gold_6254_firmwarexeon_gold_5220_firmwarecore_i5-7600t_firmwarecore_i9-11900hcore_i7-9700t_firmwarecore_i7-1185g7ecore_i7-8665ue_firmwarecore_i7-4820k_firmwarecore_i7-7820hq_firmwarexeon_silver_4208_firmwarexeon_d-1521core_i3-8145uexeon_w-2155_firmwarecore_i5-8265ucore_i7-10700txeon_e-2246g_firmwarexeon_platinum_8170_firmwarecore_i9-9900kfcore_i5-6300hqcore_i5-6402p_firmwarexeon_silver_4114tcore_i7-10750hxeon_e-2226ge_firmwarexeon_gold_6134_firmwarecore_i7-1160g7_firmwarecore_i5-8400b_firmwarecore_i7-8706gcore_i7-5930k_firmwarecore_i7-11850h_firmwarecore_i3-6300core_i5-7400t_firmwarexeon_silver_4215xeon_gold_6230ncore_i5-8365u_firmwareatom_c3750xeon_platinum_8280l_firmwarecore_i7-1195g7core_i9-10885hcore_i5-7440eqcore_i5-9500_firmwarexeon_e-2386gcore_i3-9100t_firmwarecore_i7-1165g7core_i5-11400_firmwarexeon_gold_6242_firmwarecore_m3-7y32core_i7-11850hexeon_e-2134core_i7-10750h_firmwarexeon_w-1290tecore_i5-1145g7exeon_w-3265_firmwarexeon_d-2142it_firmwarecore_i7-8557u_firmwarecore_m3-7y32_firmwarexeon_w-11865mre_firmwarexeon_e-2176mxeon_gold_6230t_firmwarecore_i3-1000g1_firmwarexeon_gold_6130xeon_gold_5218_firmwarecore_i9-10900t_firmwarexeon_silver_4210txeon_w-3275m_firmwarecore_i5-11400f_firmwarexeon_gold_6138_firmwarecore_i9-11900k_firmwarexeon_e-2134_firmwarecore_i7-1185g7_firmwarexeon_gold_6136core_i7-1180g7_firmwarecore_i5-7267u_firmwarecore_i5-7640x_firmwarexeon_w-3245m_firmwarecore_i5-9600tcore_i9-11900t_firmwarexeon_e-2226g_firmwareatom_c3558rcore_i9-7960xxeon_w-1370xeon_d-1559xeon_platinum_9242_firmwarexeon_e-2174gatom_c3436l_firmwarecore_i7-7y75_firmwarexeon_d-1537xeon_gold_6230_firmwarexeon_gold_6128core_i7-1180g7xeon_e-2176gxeon_gold_6146core_i3-6100hxeon_gold_6254core_i3-10320core_i3-10105fxeon_w-1390t_firmwarexeon_e-2224_firmwarexeon_platinum_8160t_firmwarecore_i3-6098pcore_i5-6400xeon_d-1649nxeon_gold_6148_firmwarecore_i7-10875hcore_i5-6300hq_firmwarexeon_platinum_8156_firmwarecore_i7-1195g7_firmwarecore_i5-10400hcore_i5-9600kf_firmwarecore_i7-9800x_firmwarexeon_w-10885mxeon_gold_6234_firmwarexeon_e-2224g_firmwarexeon_silver_4114_firmwarexeon_gold_6126xeon_d-1527core_i9-9940xcore_i9-9980xe_firmwarecore_i5-6600kcore_i9-7940xxeon_gold_5220r_firmwarecore_i7-9700tecore_i7-6822eq_firmwarexeon_gold_6248rxeon_silver_4214core_i3-6102e_firmwarexeon_w-2125core_i5-6260u_firmwarecore_i9-9900k_firmwarecore_i5-6500tecore_i5-11300hxeon_gold_5220sxeon_platinum_8260core_i7-7800x_firmwarecore_i3-10105t_firmwarecore_i5-6500core_i5-10400h_firmwarexeon_gold_6138f_firmwarexeon_d-2146ntcore_i3-10100txeon_gold_6128_firmwarecore_i3-9100f_firmwarecore_i7-7700hq_firmwarecore_i9-9980hkxeon_e-2244gcore_i5-11500hecore_i3-7100txeon_w-2125_firmwarecore_i5-1035g4_firmwarexeon_platinum_8180core_i7-9850h_firmwarecore_i7-11700_firmwarecore_m5-6y54_firmwarecore_i7-11375hcore_i7-8559ucore_i5-9500ecore_i9-9920x_firmwarexeon_w-1250e_firmwarecore_i7-4960xcore_i7-5960xxeon_d-1521_firmwarecore_i3-6320_firmwarecore_i3-6100e_firmwarexeon_w-1290t_firmwarecore_i7-9750h_firmwarexeon_gold_6209u_firmwarexeon_gold_6138fcore_i3-10325xeon_e-2356gcore_i9-7920x_firmwarecore_i7-8700core_i3-7130ucore_i5-8400xeon_platinum_8276l_firmwarexeon_gold_6262v_firmwarexeon_e-2334core_i7\+8700core_i5-7440hq_firmwarecore_i7-9850hcore_i3-10110u_firmwarecore_i5-7600core_i9-10980xexeon_w-11865mlecore_i9-11900f_firmwarexeon_e-2186gxeon_gold_6226_firmwarecore_i5-8310y_firmwarexeon_silver_4210core_i9-10885h_firmwarexeon_gold_6250l_firmwarexeon_silver_4114t_firmwarecore_i5-11500_firmwarecore_i3-7320_firmwarecore_i7-6770hq_firmwarecore_i7-8569u_firmwarexeon_gold_6240y_firmwareatom_c3955_firmwarexeon_w-1350pxeon_d-2143it_firmwarecore_i5-9400txeon_w-3245_firmwarecore_i7-11800hcore_i7-11370h_firmwarecore_i3-10300xeon_w-1290p_firmwarexeon_w-1250p_firmwarexeon_bronze_3204_firmwarecore_i3-8100t_firmwarecore_i5-7600_firmwarecore_i9-9960x_firmwarecore_i5-10310u_firmwarexeon_gold_6154core_i5-8400_firmwarecore_i7-6567u_firmwarexeon_e-2234_firmwareatom_c3830core_i7-10870hxeon_silver_4215r_firmwarecore_i7-10510ucore_i3-6300t_firmwarexeon_bronze_3104xeon_w-1290pcore_i7-7920hq_firmwarecore_i5-8310ycore_i5-10500h_firmwarexeon_d-1523n_firmwarecore_i3-10300_firmwarexeon_d-2183it_firmwarecore_i5-6440hqxeon_w-3245xeon_e-2324gcore_i7-6660ucore_i9-7980xecore_i3-6100ecore_i7-6970hq_firmwarexeon_w-3345xeon_e-2186m_firmwarexeon_d-1528xeon_w-2295xeon_e-2234core_i3-9100tcore_i5-11300h_firmwarecore_i5-10500core_i7-8850hcore_i9-8950hk_firmwarecore_i5-8400h_firmwarecore_i5-11600_firmwarexeon_d-1622_firmwarexeon_w-11865mrecore_i3-10100_firmwarexeon_silver_4108_firmwarecore_i9-10900texeon_platinum_8260y_firmwarecore_i5-1030g4_firmwarecore_i3-6157ucore_i5-9500fcore_i3-10100yxeon_e-2378core_i7-7820xcore_i7-3970x_firmwarecore_i3-1115g4ecore_i7-7800xcore_i5-9400hxeon_platinum_8253xeon_gold_6252ncore_i3-9320atom_c3308xeon_platinum_8280xeon_platinum_8180_firmwarecore_i7-10700f_firmwarecore_i3-10100t_firmwarexeon_w-2255_firmwarexeon_gold_5220t_firmwarecore_i3-10105core_i5-11400tcore_i7-4940mxxeon_gold_6246core_i9-10900kf_firmwarecore_i7-8550uxeon_w-1350_firmwarecore_i7-10810u_firmwarecore_i9-10940xcore_i7-9700xeon_w-3265m_firmwarexeon_d-1577_firmwarexeon_gold_5122_firmwarecore_i7-9850hecore_i7-10700kfcore_i7-9850hl_firmwarecore_i5-8260u_firmwareatom_c3830_firmwarecore_i5-7500tcore_i5-6440hq_firmwarexeon_d-2187ntxeon_d-1518core_i5-6267ucore_i3-1000g1xeon_w-2225xeon_e-2276mecore_i7-3820_firmwarexeon_silver_4210t_firmwarecore_i5-7y54xeon_gold_5218t_firmwarecore_i7-6950xcore_i5-7400xeon_platinum_8164core_i7-8700b_firmwarexeon_e-2356g_firmwarexeon_platinum_8176fcore_i3-10305t_firmwarexeon_w-10855m_firmwarexeon_gold_5115_firmwarexeon_platinum_8168core_i9-10850k_firmwarecore_i7-7660u_firmwarecore_i5-8365ue_firmwarecore_i3-6167u_firmwarexeon_gold_5217_firmwarecore_i7-11600hcore_i7-7920hqcore_i7-10700core_i9-11950h_firmwarecore_i3-1115g4_firmwarexeon_d-1533ncore_i3-7020ucore_i5-1135g7xeon_w-2195core_i3-8145u_firmwarexeon_e-2136xeon_w-1270pcore_i5-9300hfcore_i5-8600k_firmwarecore_i9-9940x_firmwarexeon_gold_6258rcore_i3-1115g4xeon_platinum_9282core_i5-10400core_i3-7020u_firmwarexeon_d-2161ixeon_w-1250pcore_i7-8700kcore_i3-7130u_firmwarexeon_silver_4215_firmwarexeon_platinum_8160_firmwarexeon_d-2123itcore_i7-11700kf_firmwarecore_i5-8365uecore_i3-8109uxeon_gold_6142core_i3-1110g4atom_c3558r_firmwarecore_i7-4960x_firmwarexeon_bronze_3206rxeon_gold_6148xeon_w-3275xeon_gold_6240xeon_d-2161i_firmwarecore_i5-8200y_firmwarexeon_gold_5220core_i5-8350uxeon_platinum_8256_firmwarecore_i7-8750h_firmwarecore_i3-10100texeon_platinum_8176_firmwareatom_c3758_firmwarecore_i5-10210u_firmwarecore_i7-11390hcore_i3-8140u_firmwarexeon_d-1537_firmwarecore_i5-7y57xeon_w-3375_firmwarecore_i3-9300_firmwarecore_i7-3920xmcore_i5-7260uxeon_d-1540_firmwarecore_i5-10600k_firmwarecore_i5-8259u_firmwarexeon_e-2124core_i7-9750hcore_i3-6100u_firmwareatom_c3808_firmwarecore_i3-10110y_firmwarexeon_e-2186g_firmwarexeon_d-1553n_firmwarecore_i9-7980xe_firmwarexeon_w-1270te_firmwarecore_i7-8559u_firmwarecore_i5-7500_firmwarexeon_gold_6126t_firmwarecore_i5-11500core_i7-11700xeon_platinum_8160xeon_gold_6148fcore_i5-10600xeon_w-2245_firmwarecore_i5-10500_firmwarecore_i5-10310ycore_i5-10310y_firmwareatom_c3858_firmwarexeon_d-1567_firmwarecore_i5-8259uxeon_e-2388g_firmwarexeon_gold_6230r_firmwarexeon_e-2336xeon_gold_6246_firmwarexeon_platinum_8260_firmwarexeon_e-2286mcore_i5-11600t_firmwarecore_i7-6650ucore_i9-9880hcore_i7-4930mx_firmwarecore_i7-8705g_firmwarexeon_platinum_8158_firmwarexeon_gold_6244_firmwarecore_i5-6400_firmwarecore_i5-1035g4core_i7-8650ucore_i5-10200hcore_i7-8705gxeon_platinum_8276xeon_d-1529xeon_gold_5220txeon_e-2324g_firmwarecore_i7-7600uxeon_gold_6244xeon_w-3223_firmwarexeon_gold_6242rcore_i5-1035g7_firmwarecore_i3-7100exeon_w-2275xeon_w-3175x_firmwarecore_i7\+8700_firmwarexeon_w-2265core_i5-9500core_i3-7101ecore_i9-9900xeon_w-10885m_firmwarecore_i3-8145ue_firmwarecore_i9-9820xxeon_gold_5218b_firmwarexeon_gold_6248_firmwarecore_i7-9750hfxeon_d-2141icore_i7-3920xm_firmwarecore_i7-6850k_firmwarecore_i7-3960x_firmwarexeon_e-2176g_firmwarecore_i5-1035g7xeon_gold_6138p_firmwarexeon_e-2254mlcore_i5-8305gcore_i3-9350kcore_i3-1115grecore_i5-11600core_i5-7400tcore_i7-8750hcore_i3-6100txeon_w-2145_firmwarecore_i3-10100e_firmwarexeon_d-2183itxeon_d-2123it_firmwarecore_i5-8300hcore_i9-7940x_firmwarecore_i3-7101te_firmwarecore_i5-9500e_firmwarecore_i9-7900x_firmwarecore_i7-9700e_firmwarecore_i5-9500teatom_c3958xeon_gold_6130txeon_w-1290e_firmwarexeon_d-1520core_i5-1145g7e_firmwarecore_i5-7y54_firmwarexeon_d-2187nt_firmwarexeon_w-1390p_firmwarexeon_w-11955m_firmwarecore_i9-10900f_firmwarexeon_platinum_8280lcore_m3-8100yxeon_gold_5120t_firmwarexeon_silver_4114core_i5-7267ucore_i3-7100uxeon_d-1543ncore_i5-6442eqcore_i7-6700k_firmwarecore_i5-7260u_firmwareatom_c3750_firmwarecore_i7-11700tcore_i5-7300u_firmwarexeon_d-1520_firmwarexeon_platinum_9242core_i7-10700e_firmwarecore_i3-9100te_firmwarecore_i7-6700kcore_i7-6822eqcore_i3-7300tcore_i9-11900tcore_i5-8210ycore_i7-6785rcore_i7-1060g7core_i7-8565u_firmwarexeon_w-11855m_firmwarecore_i5-11400t_firmwarecore_i7-5820kcore_i7-9700_firmwarecore_i7-7700tcore_i7-6900kcore_i9-9980xexeon_platinum_9282_firmwarexeon_gold_5120_firmwarexeon_gold_6250core_i3-9350kfxeon_w-1290tcore_i7-8809gxeon_gold_6226core_i3-10105_firmwarecore_i5-11320hcore_i7-8650u_firmwarexeon_d-1577atom_c3958_firmwarecore_i5-6400t_firmwarecore_i3-6300_firmwarexeon_silver_4214_firmwarecore_i7-10850h_firmwarexeon_platinum_8268_firmwarexeon_e-2314core_i7-8700_firmwarecore_i3-7350kcore_i3-8300_firmwarecore_i5-10505xeon_d-1539core_i7-6820eqcore_i7-6920hqcore_i5-6585r_firmwarexeon_w-2255core_i9-10900x_firmwarecore_i5-7600kcore_m3-7y30_firmwarecore_i3-6006uxeon_gold_5215_firmwarexeon_gold_5220s_firmwarexeon_w-11865mle_firmwarecore_i3-1000g4_firmwarexeon_gold_6144_firmwarecore_i5-8350u_firmwarexeon_e-2276g_firmwarexeon_d-1627_firmwarexeon_gold_5218xeon_w-2145core_i7-4940mx_firmwarecore_i7-11700f_firmwarecore_i3-9100fatom_c3850_firmwarexeon_w-1250_firmwarecore_i5-7500t_firmwarexeon_d-1653n_firmwarecore_i9-10900fcore_i3-1125g4atom_c3950_firmwarexeon_w-3225_firmwarexeon_e-2378gcore_i5-10200h_firmwarecore_i3-8100tcore_i3-6100_firmwarexeon_gold_6238r_firmwarecore_i5-9500txeon_platinum_8164_firmwarexeon_w-3223xeon_gold_6152xeon_gold_6150xeon_e-2276gcore_i5-6200uxeon_gold_6222vcore_i7-10700fxeon_d-1571core_i5-9600k_firmwarexeon_gold_6238t_firmwareatom_c3338r_firmwarexeon_silver_4112_firmwareIntel(R) Processors
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-23554
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.51%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 02:46
Updated-04 Aug, 2024 | 14:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000007e20.

Action-Not Available
Vendor-n/aIrfanView
Product-irfanviewn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-28806
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.18%
||
7 Day CHG~0.00%
Published-04 May, 2022 | 14:10
Updated-03 Aug, 2024 | 06:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on certain Fujitsu LIEFBOOK devices (A3510, U9310, U7511/U7411/U7311, U9311, E5510/E5410, U7510/U7410/U7310, E459/E449) with BIOS versions before v1.09 (A3510), v2.17 (U9310), v2.30 (U7511/U7411/U7311), v2.33 (U9311), v2.23 (E5510), v2.19 (U7510/U7410), v2.13 (U7310), and v1.09 (E459/E449). The FjGabiFlashCoreAbstractionSmm driver registers a Software System Management Interrupt (SWSMI) handler that is not sufficiently validated to ensure that the CommBuffer (or any other communication buffer's nested contents) are not pointing to SMRAM contents. A potential attacker can therefore write fixed data to SMRAM, which could lead to data corruption inside this memory (e.g., change the SMI handler's code or modify SMRAM map structures to break input pointer validation for other SMI handlers). Thus, the attacker could elevate privileges from ring 0 to ring -2 and execute arbitrary code in SMM.

Action-Not Available
Vendor-n/aFujitsu Limited
Product-lifebook_e5510lifebook_u7310lifebook_u7311_firmwarelifebook_a3510lifebook_u7511lifebook_e5510_firmwarelifebook_u9310_firmwarelifebook_a3510_firmwarelifebook_e459lifebook_u7510lifebook_e449_firmwarelifebook_e449lifebook_u7511_firmwarelifebook_u7411_firmwarelifebook_u7310_firmwarelifebook_u7410lifebook_u7510_firmwarelifebook_u7311lifebook_u9311lifebook_u9310lifebook_e459_firmwarelifebook_u7411lifebook_u9311_firmwarelifebook_u7410_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0200
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 26.60%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 19:14
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in the firmware for Intel(R) Ethernet 700 Series Controllers before version 8.2 may allow a privileged user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ethernet_controller_v710-at2_firmwareethernet_controller_x710-tm4_firmwareethernet_controller_x710-am2ethernet_controller_xl710-am2_firmwareethernet_controller_x710-bm2_firmwareethernet_controller_x710-am2_firmwareethernet_controller_v710-at2ethernet_controller_xxv710-am1ethernet_controller_xl710-am1ethernet_controller_xl710-bm2ethernet_controller_xxv710-am2_firmwareethernet_controller_xl710-am1_firmwareethernet_controller_x710-bm2ethernet_controller_x710-tm4ethernet_controller_xl710-bm1ethernet_controller_x710-at2_firmwareethernet_controller_xl710-bm1_firmwareethernet_controller_xxv710-am2ethernet_controller_xxv710-am1_firmwareethernet_controller_xl710-am2ethernet_controller_xl710-bm2_firmwareethernet_controller_x710-at2Intel(R) Ethernet 700 Series Controllers
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0353
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 0.76%
||
7 Day CHG~0.00%
Published-02 Feb, 2021 | 23:01
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In kisd, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05425247.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0573
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.72%
||
7 Day CHG~0.00%
Published-17 Aug, 2021 | 18:28
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In asf extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-187231635

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0153
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.90%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 16:36
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-xeon_e5-2650l_v4xeon_e5-1607_v4_firmwarexeon_e5-2689_v4xeon_e5-1650_v4_firmwarexeon_e5-2630l_v4xeon_e5-2699_v4_firmwarexeon_e5-4640_v4_firmwarexeon_e5-2637_v4_firmwarexeon_e5-2660_v4_firmwarexeon_e5-4669_v4_firmwarexeon_e5-4667_v4xeon_e5-2603_v4_firmwarexeon_e5-2697a_v4xeon_e5-4628l_v4xeon_e5-2687w_v4xeon_e5-2637_v4core_i9-10980xe_firmwarexeon_e5-1650_v4xeon_e5-1620_v4xeon_e5-4669_v4xeon_e5-2689_v4_firmwarexeon_e5-2630_v4_firmwarexeon_e5-2609_v4_firmwarexeon_e5-4610a_v4xeon_e5-2623_v4xeon_e5-2699r_v4_firmwarexeon_e5-2679_v4xeon_e5-4640_v4xeon_e5-2628l_v4xeon_e5-2650_v4xeon_e5-2650_v4_firmwarexeon_e5-4660_v4_firmwarexeon_e5-2630l_v4_firmwarexeon_e5-2687w_v4_firmwarecore_i9-10980xexeon_e5-2690_v4_firmwarexeon_e5-2608l_v4xeon_e5-4650_v4xeon_e5-2697_v4xeon_e5-2660_v4xeon_e5-4610_v4xeon_e5-2680_v4_firmwarexeon_e5-2658_v4_firmwarexeon_e5-4627_v4_firmwarexeon_e5-2658_v4xeon_e5-2679_v4_firmwarexeon_e5-1630_v4_firmwarexeon_e5-2648l_v4_firmwarexeon_e5-4650_v4_firmwarexeon_e5-2667_v4xeon_e5-1680_v4_firmwarexeon_e5-2695_v4_firmwarexeon_e5-4620_v4_firmwarecore_i9-10900x_firmwarexeon_e5-4655_v4_firmwarexeon_e5-2608l_v4_firmwarexeon_e5-4627_v4xeon_e5-2630_v4xeon_e5-1603_v4_firmwarexeon_e5-1630_v4xeon_e5-4610_v4_firmwarexeon_e5-2620_v4core_i9-10920x_firmwarexeon_e5-2609_v4core_i9-10940xxeon_e5-1660_v4xeon_e5-4628l_v4_firmwarexeon_e5-1680_v4xeon_e5-2698_v4_firmwarexeon_e5-2683_v4_firmwarexeon_e5-2618l_v4_firmwarecore_i9-10900xxeon_e5-1607_v4xeon_e5-2643_v4_firmwarexeon_e5-2695_v4xeon_e5-2623_v4_firmwarexeon_e5-2690_v4xeon_e5-2650l_v4_firmwarexeon_e5-2699r_v4core_i9-10940x_firmwarecore_i9-10920xxeon_e5-2699a_v4_firmwarexeon_e5-2640_v4_firmwarexeon_e5-2667_v4_firmwarexeon_e5-2699a_v4xeon_e5-2618l_v4xeon_e5-4667_v4_firmwarexeon_e5-1660_v4_firmwarexeon_e5-2648l_v4xeon_e5-4620_v4xeon_e5-4610a_v4_firmwarexeon_e5-2643_v4xeon_e5-2683_v4xeon_e5-2699_v4xeon_e5-2628l_v4_firmwarexeon_e5-2603_v4xeon_e5-4660_v4xeon_e5-2697_v4_firmwarexeon_e5-2698_v4xeon_e5-1620_v4_firmwarexeon_e5-1603_v4xeon_e5-2620_v4_firmwarexeon_e5-2640_v4xeon_e5-2680_v4xeon_e5-4655_v4xeon_e5-2697a_v4_firmwareIntel(R) Processors
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0576
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.72%
||
7 Day CHG~0.00%
Published-17 Aug, 2021 | 18:28
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In flv extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-187236084

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-28990
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.12% / 32.27%
||
7 Day CHG~0.00%
Published-20 May, 2022 | 18:06
Updated-03 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm.

Action-Not Available
Vendor-wasm3_projectn/a
Product-wasm3n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0577
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.62%
||
7 Day CHG~0.00%
Published-14 Jul, 2021 | 13:46
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In flv extractor, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-187161771

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-10878
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.06% / 18.32%
||
7 Day CHG~0.00%
Published-26 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_workstationenterprise_linux_desktopkernel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0359
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.39%
||
7 Day CHG~0.00%
Published-02 Feb, 2021 | 23:01
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05442011.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0439
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.98%
||
7 Day CHG~0.00%
Published-13 Apr, 2021 | 18:22
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In setPowerModeWithHandle of com_android_server_power_PowerManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174243830

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0467
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.8||MEDIUM
EPSS-0.02% / 2.25%
||
7 Day CHG~0.00%
Published-14 Jun, 2021 | 19:35
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Chromecast bootROM, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the bootloader, with physical USB access, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-174490700

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0510
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.86%
||
7 Day CHG~0.00%
Published-21 Jun, 2021 | 16:01
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-176444622

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-0607
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.02%
||
7 Day CHG~0.00%
Published-22 Jun, 2021 | 11:13
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In iaxxx_calc_i2s_div of iaxxx-codec.c, there is a possible hardware port write with user controlled data due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-180950209

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0301
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 2.11%
||
7 Day CHG~0.00%
Published-11 Jan, 2021 | 21:48
Updated-03 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android SoC; Android ID: A-172514667.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0943
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.86%
||
7 Day CHG~0.00%
Published-13 Sep, 2022 | 19:14
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In MMU_MapPages of TBD, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-238916921

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0519
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.28%
||
7 Day CHG~0.00%
Published-17 Aug, 2021 | 18:28
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In BITSTREAM_FLUSH of ih264e_bitstream.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-176533109

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0525
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.25%
||
7 Day CHG~0.00%
Published-21 Jun, 2021 | 16:01
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In memory management driver, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-185193929

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0456
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.43%
||
7 Day CHG~0.00%
Published-10 Mar, 2021 | 16:15
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174769927

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0574
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.72%
||
7 Day CHG~0.00%
Published-17 Aug, 2021 | 18:28
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In asf extractor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-187234876

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 26
  • 27
  • Next
Details not found