Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-3758

Summary
Assigner-OpenHarmony
Assigner Org ID-0cf5dd6e-1214-4398-a481-30441e48fafd
Published At-07 May, 2024 | 06:27
Updated At-01 Aug, 2024 | 20:20
Rejected At-
Credits

Hmdfs has a heap buffer overflow vulnerability

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:OpenHarmony
Assigner Org ID:0cf5dd6e-1214-4398-a481-30441e48fafd
Published At:07 May, 2024 | 06:27
Updated At:01 Aug, 2024 | 20:20
Rejected At:
▼CVE Numbering Authority (CNA)
Hmdfs has a heap buffer overflow vulnerability

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow.

Affected Products
Vendor
OpenHarmony (OpenAtom Foundation)OpenHarmony
Product
OpenHarmony
Default Status
unaffected
Versions
Affected
  • From v4.0.0 before v4.0.1 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-122CWE-122 Heap-based Buffer Overflow
Type: CWE
CWE ID: CWE-122
Description: CWE-122 Heap-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-05.md
N/A
Hyperlink: https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-05.md
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-05.md
x_transferred
Hyperlink: https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-05.md
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:scy@openharmony.io
Published At:07 May, 2024 | 07:15
Updated At:02 Jan, 2025 | 19:04

in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in TCB through heap buffer overflow.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
OpenAtom Foundation
openatom
>>openharmony>>Versions before 4.0.1(exclusive)
cpe:2.3:o:openatom:openharmony:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-122Secondaryscy@openharmony.io
CWE-787Primarynvd@nist.gov
CWE ID: CWE-122
Type: Secondary
Source: scy@openharmony.io
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-05.mdscy@openharmony.io
Vendor Advisory
https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-05.mdaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-05.md
Source: scy@openharmony.io
Resource:
Vendor Advisory
Hyperlink: https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-05.md
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1213Records found
CVE-2025-22835
Matching Score-6
Assigner-OpenHarmony
ShareView Details
Matching Score-6
Assigner-OpenHarmony
CVSS Score-3.8||LOW
EPSS-0.02% / 3.77%
||
7 Day CHG~0.00%
Published-04 Mar, 2025 | 03:44
Updated-11 Mar, 2025 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arkcompiler Ets Runtime has an out-of-bounds write vulnerability

in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.

Action-Not Available
Vendor-OpenHarmony (OpenAtom Foundation)
Product-OpenHarmony
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-47398
Matching Score-6
Assigner-OpenHarmony
ShareView Details
Matching Score-6
Assigner-OpenHarmony
CVSS Score-8.8||HIGH
EPSS-0.03% / 6.08%
||
7 Day CHG~0.00%
Published-07 Jan, 2025 | 07:57
Updated-07 Jan, 2025 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Liteos_a has an out-of-bounds write vulnerability

in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the device is unable to boot up through out-of-bounds write.

Action-Not Available
Vendor-OpenHarmony (OpenAtom Foundation)
Product-OpenHarmony
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-45382
Matching Score-6
Assigner-OpenHarmony
ShareView Details
Matching Score-6
Assigner-OpenHarmony
CVSS Score-3.3||LOW
EPSS-0.03% / 7.88%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 03:03
Updated-16 Oct, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Liteos_a has an Out-of-bounds Write vulnerability

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-37077
Matching Score-6
Assigner-OpenHarmony
ShareView Details
Matching Score-6
Assigner-OpenHarmony
CVSS Score-8.2||HIGH
EPSS-1.45% / 80.00%
||
7 Day CHG~0.00%
Published-02 Jul, 2024 | 08:14
Updated-09 Sep, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arkcompiler Ets Runtime has an out-of-bounds write vulnerability

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmonyopenharmony
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-36243
Matching Score-6
Assigner-OpenHarmony
ShareView Details
Matching Score-6
Assigner-OpenHarmony
CVSS Score-8.2||HIGH
EPSS-1.45% / 80.00%
||
7 Day CHG~0.00%
Published-02 Jul, 2024 | 08:13
Updated-09 Sep, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arkcompiler Ets Runtime has an out-of-bounds read vulnerability

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds read and write.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmonyopenharmony
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-38701
Matching Score-6
Assigner-OpenHarmony
ShareView Details
Matching Score-6
Assigner-OpenHarmony
CVSS Score-6.2||MEDIUM
EPSS-0.07% / 20.38%
||
7 Day CHG~0.00%
Published-09 Sep, 2022 | 14:39
Updated-16 Sep, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IPC in communication subsystem has a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.

OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-36260
Matching Score-6
Assigner-OpenHarmony
ShareView Details
Matching Score-6
Assigner-OpenHarmony
CVSS Score-8.2||HIGH
EPSS-1.45% / 80.00%
||
7 Day CHG~0.00%
Published-02 Jul, 2024 | 08:13
Updated-09 Sep, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arkcompiler Ets Runtime has an out-of-bounds write vulnerability

in OpenHarmony v4.0.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps through out-of-bounds write.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36423
Matching Score-6
Assigner-OpenHarmony
ShareView Details
Matching Score-6
Assigner-OpenHarmony
CVSS Score-7.4||HIGH
EPSS-0.10% / 29.15%
||
7 Day CHG~0.00%
Published-09 Sep, 2022 | 14:39
Updated-17 Sep, 2024 | 04:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect configuration of the cJSON library lead a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices.

OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-16
Not Available
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36477
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.96%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:54
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddWlanMacList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36498
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.96%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36493
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.96%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:55
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36484
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.11%
||
7 Day CHG-0.03%
Published-25 Aug, 2022 | 13:55
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the function setDiagnosisCfg.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n350rt_firmwaren350rtn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36464
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.11%
||
7 Day CHG-0.02%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3700ra3700r_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36505
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.96%
||
7 Day CHG-0.07%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EDitusergroup.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37074
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.96%
||
7 Day CHG-0.08%
Published-25 Aug, 2022 | 14:00
Updated-03 Aug, 2024 | 10:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function switch_debug_info_set.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-gr-1200w_firmwaregr-120wn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22423
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.12%
||
7 Day CHG~0.00%
Published-03 Aug, 2021 | 17:21
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A component of the HarmonyOS has a Out-of-bounds Write Vulnerability. Local attackers may exploit this vulnerability to cause integer overflow.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22335
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.82%
||
7 Day CHG~0.00%
Published-03 Jun, 2021 | 19:25
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Memory Buffer Improper Operation Limit vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause exceptions in image processing.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-magic_uiemuiEMUI;Magic UI
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36470
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.68%
||
7 Day CHG+0.01%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAP5GWifiById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0329
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.86%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 16:50
Updated-03 Aug, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In several native functions called by AdvertiseManager.java, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-171400004

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22555
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-8.3||HIGH
EPSS-82.42% / 99.18%
||
7 Day CHG~0.00%
Published-07 Jul, 2021 | 11:20
Updated-16 Sep, 2024 | 20:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap Out-Of-Bounds Write in Netfilter IP6T_SO_SET_REPLACE

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

Action-Not Available
Vendor-n/aNetApp, Inc.Brocade Communications Systems, Inc. (Broadcom Inc.)Linux Kernel Organization, Inc
Product-aff_500f_firmwareh615c_firmwarefas_8700aff_a400_firmwareh610s_firmwaresolidfireh610sfas_8700_firmwarelinux_kernelhci_management_nodeh610caff_a400h615cfas_8300_firmwareaff_a250aff_500ffabric_operating_systemfas_8300h610c_firmwareaff_a250_firmwareLinux Kernel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2010-4656
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.33%
||
7 Day CHG~0.00%
Published-18 Jul, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux kernel before 2.6.37 does not properly allocate memory, which might allow local users to trigger a heap-based buffer overflow, and consequently cause a denial of service or gain privileges, via a long report.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-linux_kernelubuntu_linuxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-19452
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.68%
||
7 Day CHG~0.00%
Published-21 Feb, 2020 | 14:34
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow was found in Patriot Viper RGB through 1.1 when processing IoControlCode 0x80102040. Local attackers (including low integrity processes) can exploit this to gain NT AUTHORITY\SYSTEM privileges.

Action-Not Available
Vendor-patriotmemoryn/a
Product-viper_rgb_drivern/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-17242
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.86%
||
7 Day CHG~0.00%
Published-08 Oct, 2019 | 11:18
Updated-05 Aug, 2024 | 01:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000966f.

Action-Not Available
Vendor-n/aIrfanView
Product-irfanviewn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2010-3843
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.89%
||
7 Day CHG~0.00%
Published-28 May, 2021 | 12:14
Updated-07 Aug, 2024 | 03:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings file to overflow a statically-sized buffer on the stack.

Action-Not Available
Vendor-ettercap-projectn/a
Product-ettercapettercap
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-3577
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.87%
||
7 Day CHG~0.00%
Published-20 Oct, 2022 | 00:00
Updated-08 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kernelKernel
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-12186
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.04% / 10.14%
||
7 Day CHG~0.00%
Published-04 Dec, 2024 | 23:31
Updated-10 Dec, 2024 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
code-projects Hotel Management System Available Room hotelnew.c stack-based overflow

A vulnerability was found in code-projects Hotel Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file hotelnew.c of the component Available Room Handler. The manipulation of the argument admin_entry leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Source Code & Projects
Product-hotel_management_systemHotel Management Systemhotel_management_system
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-12185
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.04% / 10.14%
||
7 Day CHG~0.00%
Published-04 Dec, 2024 | 23:31
Updated-10 Dec, 2024 | 15:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
code-projects Hotel Management System Administrator Login Password stack-based overflow

A vulnerability has been found in code-projects Hotel Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the component Administrator Login Password Handler. The manipulation of the argument Str2 leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-Source Code & Projects
Product-hotel_management_systemHotel Management Systemhotel_management_system
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21812
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.96%
||
7 Day CHG~0.00%
Published-13 Aug, 2021 | 22:39
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs’ Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to strcpy copying the path provided by the user into a static sized buffer without any length checks resulting in a stack-buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.

Action-Not Available
Vendor-attn/a
Product-xmillAT&T
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-12354
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.04% / 10.26%
||
7 Day CHG~0.00%
Published-09 Dec, 2024 | 01:31
Updated-10 Dec, 2024 | 23:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester Phone Contact Manager System User Menu MenuDisplayStart buffer overflow

A vulnerability, which was classified as critical, was found in SourceCodester Phone Contact Manager System 1.0. Affected is the function UserInterface::MenuDisplayStart of the component User Menu. The manipulation leads to buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-razormistSourceCodester
Product-phone_contact_manager_systemPhone Contact Manager Systemphone_shop_sales_managements_system_using_php_with_source_code
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-11262
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.01% / 2.15%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 22:31
Updated-21 Nov, 2024 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester Student Record Management System View All Student Marks main stack-based overflow

A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as critical. Affected by this vulnerability is the function main of the component View All Student Marks. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-razormistSourceCodester
Product-student_record_management_systemStudent Record Management Systemstudent_record_management_system
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21813
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.96%
||
7 Day CHG~0.00%
Published-13 Aug, 2021 | 22:40
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflow.

Action-Not Available
Vendor-attn/a
Product-xmillAT&T
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-28578
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.11% / 30.19%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Services

Memory corruption in Core Services while executing the command for removing a single event listener.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareimmersive_home_214sd865_5gqca6595ipq6028_firmwareqca8081_firmwareqcn9001snapdragon_670_mobilesnapdragon_x50_5g_modem-rf_systemwcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024ar9380qcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilefastconnect_6700qcn6422_firmwareqcn5124_firmwaresnapdragon_782g_mobile_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_665_mobile_firmwaresc8180xp-aaabqca6574au_firmwareipq8078a_firmwareqam8295pwcd9341sd626_firmwareipq5312snapdragon_x12_lte_modemsnapdragon_888\+_5g_mobile_firmwarewsa8810_firmwaresd730_firmwarewsa8845h_firmwaresa9000p_firmwaresc8180xp-acafsnapdragon_850_mobile_computefastconnect_6800_firmwarefsm10055sd835_firmwarevideo_collaboration_vc1_platform_firmwaresa8770pqcn9000snapdragon_678_mobile_firmwaresa8540pqsm8250_firmwareqsm8350_firmwareqcn6432video_collaboration_vc1_platformqep8111sa7255psnapdragon_730_mobile_firmwarewcd9385_firmwareqca6421vision_intelligence_200qca6310ipq8074a_firmwareipq8076awcd9360snapdragon_680_4g_mobilesa6155pqca6564au_firmwareqca8075qam8650pvideo_collaboration_vc5_platform_firmwaresa9000psnapdragon_835_mobilesnapdragon_888_5g_mobile_firmwaresnapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwaresd835snapdragon_4_gen_2_mobile_firmwareqca6436_firmwareipq8070a_firmwareqcn5021_firmwareqcn9070snapdragon_695_5g_mobile_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm4125_firmwareqca6420wcn3910csrb31024snapdragon_x70_modem-rf_system_firmwaremdm9250_firmwaresnapdragon_712_mobilesnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_835_mobile_firmwarewcn3660bqca6574aqca6174awcd9340qcs8250_firmwareqcm2290qdu1210snapdragon_auto_5g_modem-rf_gen_2qcn6122_firmwareqcn5154_firmwaresm8550p_firmwareqcm8550wcn3988snapdragon_765_5g_mobile_firmwareqcn5122_firmwareqcn9024pmp8074vision_intelligence_300_firmwareqca6574snapdragon_x75_5g_modem-rf_systemqamsrv1hqcn6412_firmwaresdx57mqcs410qcm2290_firmwarevision_intelligence_100sa8155pqca8072_firmwaresnapdragon_765g_5g_mobile_firmwarewsa8830smart_display_200_firmwareipq5312_firmwaresm8550pqcf8000_firmwaresa6145psnapdragon_625_mobile_firmwareimmersive_home_318_firmwareqcn6122sa8255p_firmwaresnapdragon_4_gen_2_mobilesnapdragon_7c_compute_firmwareqrb5165m_firmwaresa8650p_firmwareimmersive_home_216_firmwareqca9985immersive_home_316snapdragon_865\+_5g_mobile_firmwareipq8071aqcn6112wcn3950_firmwareqrb5165nfastconnect_6200sm7325p_firmwaresd460wcd9360_firmwaresc8180x-acaf_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_660_mobile_firmwareqdx1011snapdragon_710_mobile_firmwarevideo_collaboration_vc3_platform_firmwarerobotics_rb3_firmwareqcn6023_firmwareqcn5164_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobilesc8180xp-acaf_firmwareqcn9072qcn6224_firmwarevision_intelligence_100_firmwareqca6431sd660_firmwaresnapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwaresdx57m_firmwareimmersive_home_216srv1msxr2130_firmwaresnapdragon_860_mobile_firmwarear8035_firmwaresnapdragon_778g\+_5g_mobileqrb5165msc8380xpqca6320qca4024_firmwareqca0000_firmwaresd888_firmwareqcs6125_firmwareqca9992_firmwareqca9990ipq8070qcn9074wsa8815_firmwareqca8337_firmwaresnapdragon_x12_lte_modem_firmwareipq8173snapdragon_665_mobilesm7250p_firmwarewcn3999ipq6010_firmwarewcn3950snapdragon_730g_mobile_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq5028qca9986qcn9070_firmwaresnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresmart_audio_400_firmwaresd_675_firmwareqca9984ipq5010_firmwareqcn9022_firmwaresnapdragon_720g_mobilesm7250pcsrb31024_firmwareipq6018sa8155sd_8cx_firmwaresc8180x-acafsd888fsm10055_firmwareqru1062_firmwarefsm10056sd460_firmwaresnapdragon_675_mobile_firmwaresnapdragon_850_mobile_compute_firmwaresnapdragon_768g_5g_mobilesc8380xp_firmwareipq8065qru1062qca6310_firmwaresd626fastconnect_6800qcs7230snapdragon_865_5g_mobile_firmwareipq5302_firmwareqcn9001_firmwarewcd9371fastconnect_6900_firmwarerobotics_rb5_firmwareqca8075_firmwareqcf8000sc8180x-aaab_firmwarevideo_collaboration_vc3_platformqca9980_firmwareqca9985_firmwareqca6431_firmwareqcn6402_firmwareqca6698aq_firmwareqcs2290qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwarewcn3615wcn3999_firmwaresa8255pqcs7230_firmwarewcd9390_firmwareqcn5024qep8111_firmwareqca6430snapdragon_855\+_mobilesnapdragon_765_5g_mobileimmersive_home_326qdx1011_firmwaresnapdragon_860_mobilesc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfflight_rb5_5g_firmwaressg2125pqru1052csra6640_firmwareqamsrv1mqam8650p_firmwarevideo_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemipq8076_firmwaresd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwarewsa8835wsa8840_firmwareqca6391_firmwareqdu1010_firmwareipq8068qcs4290_firmwarecsra6620qca8081sd660wsa8815qam8775pqca9377snapdragon_ar2_gen_1_firmwareqcm4325_firmwareqcn6412qcm4290_firmwaresnapdragon_720g_mobile_firmwareqca9888_firmwareqca9889qcn5024_firmwareqcn9002_firmwareimmersive_home_318ipq5010qcn9274_firmwaresnapdragon_710_mobilesg4150p_firmwareqru1052_firmwarecsra6620_firmwareqcs8550ipq8068_firmwaresa8650psnapdragon_626_mobileqam8775p_firmwaresd865_5g_firmwarepmp8074_firmwaresnapdragon_xr1wcd9375qca9889_firmwaresnapdragon_ar2_gen_1snapdragon_636_mobilesa8145psd_675snapdragon_8\+_gen_1_mobile_firmwarecsr8811smart_display_200qdx1010wcn3680b_firmwaresnapdragon_8_gen_1_mobile_firmwareqcm8550_firmwareqcs410_firmwarerobotics_rb3sa6150p_firmwaresw5100pipq9574qcn9000_firmwareqcn6102_firmwaresxr1120qcn9022qcs610_firmwarewcd9335wcd9370qca8072snapdragon_7c_gen_2_compute_firmwareqca6696wcd9341_firmwareqcn9003_firmwareipq8076wcn6740_firmwareipq6018_firmwaresnapdragon_750g_5g_mobileqca9984_firmwareqcn6023snapdragon_685_4g_mobilesnapdragon_780g_5g_mobilevision_intelligence_200_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqca9994_firmwareqdu1110snapdragon_auto_4g_modemipq8078asnapdragon_690_5g_mobile_firmwareqca6574auwcd9390csra6640snapdragon_778g_5g_mobile_firmwaresrv1hqcn9100_firmwarewcn3660b_firmwareqcn5122sd730snapdragon_690_5g_mobileqcn6024_firmwaresnapdragon_636_mobile_firmwareqca9886_firmwaresnapdragon_712_mobile_firmwaresnapdragon_625_mobileqcm6125_firmwarec-v2x_9150ssg2115pqcc710qcn6132_firmwaresnapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresxr1120_firmwareqcn5054315_5g_iot_modem_firmwarefastconnect_6900qcn6402snapdragon_w5\+_gen_1_wearable_firmwareimmersive_home_326_firmwareqru1032_firmwareipq5332_firmwareqcn5052fsm10056_firmwareqca9980qfw7114315_5g_iot_modemipq9574_firmwaresnapdragon_x55_5g_modem-rf_systemqam8255p_firmwareipq8064sa8155_firmwareqcn5164qca6335qcs4490snapdragon_730_mobilemdm9250wsa8845snapdragon_626_mobile_firmwareqcn6100_firmwareqca6421_firmwareqcm6125sc8180x-adcsr8811_firmwarewsa8810qcn5021qdu1000_firmwareqsm8250srv1h_firmwareqcn6100qca6595ausnapdragon_888_5g_mobilesm7315_firmwareqdu1010wcd9326_firmwaresnapdragon_845_mobile_firmwarewsa8840srv1m_firmwareqcs8550_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobileqdu1210_firmwareqca9986_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqcn9012wcd9371_firmwareqcs4490_firmwarewcn3910_firmwaresdx71msnapdragon_460_mobilesnapdragon_8_gen_2_mobilewcd9370_firmwareqdu1110_firmwareqdu1000sa7255p_firmwareipq9570snapdragon_8\+_gen_2_mobilesa8195pqca6335_firmwareqcm6490ipq5302sa8540p_firmwaresnapdragon_662_mobileqcn9274ipq8076a_firmwaresa8775pipq9570_firmwaresxr2230p_firmwarear9380_firmwaresd675_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwareqcn9011sa8775p_firmwaresmart_audio_400qcn9024_firmwarewsa8845hsa6150pwcd9326sa8155p_firmwaresnapdragon_630_mobileqca6564aqcn9074_firmwaresnapdragon_768g_5g_mobile_firmwaresnapdragon_7c_gen_2_computeipq8174sc8180x\+sdx55_firmwareipq8174_firmwarear8035ipq8072aqamsrv1m_firmwaresa6155qcm4325qcn6224sc8180x\+sdx55qca6698aqssg2125p_firmwaresm6250snapdragon_480\+_5g_mobilesd670wcn3680bsa8145p_firmwaresa8150p_firmwarefastconnect_6700_firmwarewcn3990qcn9002ipq8078qcs6490qcs8250snapdragon_695_5g_mobileipq9554_firmwaresnapdragon_778g_5g_mobilefastconnect_6200_firmwarear8031_firmwarewsa8830_firmwaresnapdragon_460_mobile_firmwareqca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwareqca6678aqqcn6432_firmwareqcn5022_firmwaresc8180xp-aaab_firmwareqca9992ipq9554qca6564ausc8180xp-adsm6250p_firmwaresc8280xp-abbbsa8195p_firmwareqcm4290qcn5054_firmwareqca9888ipq5332sd_455_firmwarear8031sg8275p_firmwareqca9377_firmwareqcm6490_firmwareipq8072a_firmwaresnapdragon_xr2\+_gen_1sm4125qcm4490_firmwareqru1032vision_intelligence_400_firmwareqcn6112_firmwareqcs6125flight_rb5_5gsnapdragon_870_5g_mobile_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_732g_mobilesnapdragon_870_5g_mobilesnapdragon_678_mobilesd_455qca9886qcn6132sm6250_firmwaresc8180x-ad_firmwaresnapdragon_7c_computeqcn6102qca6584auqca6320_firmwareqcn6274_firmwareqcn9011_firmwaresw5100_firmwarewcn6740snapdragon_780g_5g_mobile_firmwaresnapdragon_845_mobilesnapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca4024qca6595_firmwarefastconnect_7800_firmwareqcn6422snapdragon_675_mobileimmersive_home_214_firmwareipq8070awcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230pqca9990_firmwaresnapdragon_xr2_5gsa8150pqcn9003immersive_home_3210qcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x35_5g_modem-rf_systemsc8180x-aaabsxr1230psd662_firmwareipq6010sw5100aqt1000snapdragon_4_gen_1_mobile_firmwarec-v2x_9150_firmwareqam8295p_firmwaresd855wcn3990_firmwaresm7315snapdragon_660_mobileqca6564a_firmwarewcd9385qca9994qsm8350snapdragon_888\+_5g_mobilesnapdragon_8_gen_1_mobilesnapdragon_630_mobile_firmwaresd662snapdragon_680_4g_mobile_firmwareqcs4290sxr1230p_firmwaresnapdragon_865\+_5g_mobilesg8275psdx71m_firmwaresm6250psdx55_firmwareipq8071a_firmwarewcn3615_firmwaresxr2130ipq6028qcm4490qcn9100snapdragon_480\+_5g_mobile_firmwarerobotics_rb5qca6174a_firmwaresm7325psnapdragon_732g_mobile_firmwaresnapdragon_670_mobile_firmwareaqt1000_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274qfw7124qca6595au_firmwareqca0000sw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqcn5124ipq8064_firmwareqca6797aqqcn5152ipq8065_firmwareqca6574a_firmwaresdx55qcn9072_firmwaresnapdragon_4_gen_1_mobilesnapdragon_865_5g_mobileipq8074aimmersive_home_3210_firmwaresd675snapdragon_855\+_mobile_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwareqca8386qca6391snapdragon_x70_modem-rf_systemipq8173_firmwareqcn9012_firmwaresa8770p_firmwaresa8295psnapdragon_x50_5g_modem-rf_system_firmwaresc8280xp-abbb_firmwarefastconnect_7800snapdragon_8\+_gen_2_mobile_firmwareipq8078_firmwarevision_intelligence_300snapdragon_765g_5g_mobilewcn3988_firmwareimmersive_home_316_firmwareqamsrv1h_firmwareipq8070_firmwareqcn5154sd_8cxvision_intelligence_400ssg2115p_firmwarewsa8835_firmwareqcn5022snapdragon_x75_5g_modem-rf_system_firmwarewcn3980snapdragon_w5\+_gen_1_wearableqcs610Snapdragonsnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_720g_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwarewsa8832_firmwareqca6431_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareflight_rb5_5g_platform_firmwareipq8070_firmwareqcn6102_firmwaresd888_firmwareqcn9024_firmwareqcn9070_firmwarewsa8835_firmwareqcn6422_firmwaresd670_firmwarecsr8811_firmwarefastconnect_6700_firmwareipq8076a_firmwaresnapdragon_x12_lte_modem_firmwareqcn9022_firmwaremdm9250_firmwaresa8155p_firmwareqcn6224_firmwareqca6420_firmwareqcn5052_firmwareqcn5164_firmwarecsrb31024_firmwareimmersive_home_3210_platform_firmwareqca9994_firmwareqca9377_firmwaresd626_firmwaresm7315_firmwareqcn6100_firmwareqcn6402_firmwarevision_intelligence_400_platform_firmwaresd835_firmwarewcd9385_firmwareqca9990_firmwarefastconnect_7800_firmwarepmp8074_firmwareipq8078_firmwaressg2125p_firmwarewcd9360_firmwarecsra6620_firmwaresa8155_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcn6024_firmwareqamsrv1m_firmwareipq8070a_firmwareqcn6274_firmwareipq5302_firmwareqcn5152_firmwareqam8650p_firmwarec-v2x_9150_firmwareqsm8250_firmwarewcn3950_firmwaresnapdragon_670_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwareqcn6432_firmwaresrv1m_firmwareimmersive_home_316_platform_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcn5024_firmwaresa8195p_firmwareqcn9003_firmwareipq8173_firmwarewcn3910_firmwareqcn9012_firmwaresd_8cx_firmwareqcn9100_firmwareqdx1011_firmwaresw5100_firmwaresa9000p_firmwarear8035_firmwaresnapdragon_695_5g_mobile_platform_firmware315_5g_iot_modem_firmwarewsa8845_firmwaresd660_firmwareqca8075_firmwareqca6574au_firmwaresdx71m_firmwareqcn9274_firmwareipq8071a_firmwareqca6678aq_firmwaresm4125_firmwareqcn5122_firmwareipq8068_firmwarewcn3980_firmwareqca4024_firmwaresnapdragon_626_mobile_platform_firmwareqcn9000_firmwareqcm6125_firmwarewcn3660b_firmwareqca6696_firmwareimmersive_home_326_platform_firmwareqsm8350_firmwareqcn5054_firmwaresnapdragon_xr1_platform_firmwareqca8337_firmwareqca9985_firmwareqcn5154_firmwarefsm10056_firmwareqca6595au_firmwareqamsrv1h_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_ar2_gen_1_platform_firmwareipq9570_firmwarewcd9395_firmwareqdu1010_firmwaresg4150p_firmwareqca6174a_firmwareqcn9072_firmwareqca6391_firmwaresnapdragon_x70_modem-rf_system_firmwareipq6010_firmwarewcd9370_firmwarewsa8840_firmwareqam8775p_firmwarewcd9371_firmwarerobotics_rb3_platform_firmwareqca9986_firmwaresw5100p_firmwareqcm4325_firmwaresnapdragon_865_5g_mobile_platform_firmwarewsa8830_firmwareqam8295p_firmwareqca6320_firmwareqca6574_firmwaresd_675_firmwareqca9984_firmwarewcd9335_firmwaresnapdragon_630_mobile_platform_firmwareqcn6112_firmwarear8031_firmwareqcm4490_firmwareqcn6023_firmwareqca8072_firmwareqcm2290_firmwaresnapdragon_480_5g_mobile_platform_firmwaresnapdragon_662_mobile_platform_firmwareipq5028_firmwareqdx1010_firmwareqcs610_firmwareipq6028_firmwarewsa8815_firmwareipq8072a_firmwarewcn3990_firmwareipq9574_firmwareqrb5165m_firmwareqca6430_firmwaresd865_5g_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqca6426_firmwaresnapdragon_auto_4g_modem_firmwaresc8380xp_firmwaresdx55_firmwaresmart_audio_400_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca6421_firmwarefsm10055_firmwareimmersive_home_214_platform_firmwareqam8255p_firmwareqca6310_firmwaresa8650p_firmwarear9380_firmwareqcn6132_firmwareqcn6412_firmwareqca6574a_firmwaresd_455_firmwareqcs4490_firmwareqcn5124_firmwareipq8065_firmwaresdx57m_firmwaresa8150p_firmwareqcs7230_firmwaresrv1h_firmwaresd855_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwaresa8255p_firmwaresm7325p_firmwarewcn3988_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresnapdragon_660_mobile_platform_firmwaresnapdragon_855_mobile_platform_firmwareqcm6490_firmwareipq8064_firmwareipq8076_firmwareipq8074a_firmwarefastconnect_6200_firmwareqca8386_firmwaresm6250_firmwaresa6155_firmwaresm7250p_firmwaresnapdragon_675_mobile_platform_firmwareqca6698aq_firmwareqca8081_firmwaresnapdragon_680_4g_mobile_platform_firmwaresa8770p_firmwaresnapdragon_710_mobile_platform_firmwaresnapdragon_636_mobile_platform_firmwarecsra6640_firmwaresxr1120_firmwarewcd9341_firmwarewsa8845h_firmwareqca9992_firmwareqcm8550_firmwareqdu1110_firmwareqca6436_firmwaresd662_firmwareqca6595_firmwareqca0000_firmwaresa7255p_firmwarewcd9326_firmwareqcn9011_firmwaresnapdragon_4_gen_2_mobile_platform_firmwarevision_intelligence_300_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6564a_firmwareqca6335_firmwareqca9889_firmwaresnapdragon_625_mobile_platform_firmwareipq6018_firmwaresnapdragon_690_5g_mobile_platform_firmwareipq9554_firmwareqca9980_firmwarewcd9340_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6800_firmwareqcn5022_firmwareqcs6125_firmwareqcc710_firmwareqcf8000_firmwaresa6155p_firmwareqcn9002_firmwareqcn9074_firmwarewcn6740_firmwaresd_8_gen1_5g_firmwareqcs8550_firmwaresa8540p_firmwareipq5312_firmwareqca6564au_firmwaresnapdragon_xr2_5g_platform_firmwareqcn9001_firmwaresm6250p_firmwareqep8111_firmwareqcn6122_firmwaresa8775p_firmwareimmersive_home_318_platform_firmwarewcn3615_firmwarewcd9390_firmwareaqt1000_firmwaresm8550p_firmwarewcn3999_firmwareqcs6490_firmwaresnapdragon_850_mobile_compute_platform_firmwaresd675_firmwareipq8078a_firmwaresa6145p_firmwaresnapdragon_835_mobile_pc_platform_firmwaresa8295p_firmwaresnapdragon_845_mobile_platform_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa6150p_firmwaresxr1230p_firmwareqfw7124_firmwareipq8174_firmwarefastconnect_6900_firmwareqdu1000_firmwareqca9888_firmwaresxr2130_firmwarewcd9380_firmwareqca6584au_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarewsa8810_firmwareimmersive_home_216_platform_firmwareqcn5021_firmwareqfw7114_firmwaresd730_firmwaresxr2230p_firmwaressg2115p_firmwaresg8275p_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresa8145p_firmwaresd460_firmwareqru1052_firmwarequalcomm_video_collaboration_vc3_platform_firmwarerobotics_rb5_platform_firmwareqdu1210_firmwareqcs4290_firmwareqca9886_firmwareqru1062_firmwareqcs2290_firmwaresnapdragon_460_mobile_platform_firmwareqca6797aq_firmwarewcn3680b_firmwareipq5010_firmwaresnapdragon_712_mobile_platform_firmwaresnapdragon_665_mobile_platform_firmwareqru1032_firmwareqcs410_firmwareipq5332_firmwareqcm4290_firmwareqcs8250_firmwarewcd9375_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-1394
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.50% / 65.09%
||
7 Day CHG~0.00%
Published-12 Nov, 2019 | 18:52
Updated-04 Aug, 2024 | 18:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1393, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408, CVE-2019-1434.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008WindowsWindows ServerWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0646
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7||HIGH
EPSS-0.02% / 2.77%
||
7 Day CHG~0.00%
Published-17 Jan, 2024 | 15:16
Updated-01 Aug, 2025 | 15:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination

An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Action-Not Available
Vendor-Red Hat, Inc.Linux Kernel Organization, Inc
Product-enterprise_linuxlinux_kernelRed Hat Enterprise Linux 7Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8.8 Extended Update SupportRed Hat Enterprise Linux 9.0 Extended Update SupportRed Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 8.4 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.4 Telecommunications Update ServiceRHOL-5.8-RHEL-9Red Hat Enterprise Linux 8.2 Telecommunications Update ServiceRed Hat Virtualization 4 for Red Hat Enterprise Linux 8Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.6 Extended Update SupportRed Hat Enterprise Linux 8.2 Update Services for SAP Solutions
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0409
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.99%
||
7 Day CHG~0.00%
Published-18 Jan, 2024 | 15:40
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Xorg-x11-server: selinux context corruption

A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.

Action-Not Available
Vendor-tigervncFedora ProjectRed Hat, Inc.X.Org Foundation
Product-enterprise_linux_desktopxwaylandenterprise_linuxx_serverenterprise_linux_for_power_big_endianenterprise_linux_for_power_little_endianenterprise_linux_serverfedoraenterprise_linux_for_scientific_computingenterprise_linux_workstationenterprise_linux_for_ibm_z_systemstigervncRed Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32917
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.10%
||
7 Day CHG~0.00%
Published-20 Sep, 2022 | 00:00
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-10-05||Apply updates per vendor instructions.

The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..

Action-Not Available
Vendor-Apple Inc.
Product-ipadosiphone_osmacosiOSmacOSiOS, iPadOS, and macOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0962
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.18% / 40.25%
||
7 Day CHG~0.00%
Published-27 Jan, 2024 | 12:31
Updated-17 Jun, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
obgm libcoap Configuration File coap_oscore.c get_split_entry stack-based overflow

A vulnerability was found in obgm libcoap 4.3.4. It has been rated as critical. Affected by this issue is the function get_split_entry of the file src/coap_oscore.c of the component Configuration File Handler. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-252206 is the identifier assigned to this vulnerability.

Action-Not Available
Vendor-libcoapobgm
Product-libcoaplibcoap
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-10397
Matching Score-4
Assigner-Fedora Project
ShareView Details
Matching Score-4
Assigner-Fedora Project
CVSS Score-7.7||HIGH
EPSS-0.19% / 41.17%
||
7 Day CHG~0.00%
Published-14 Nov, 2024 | 19:33
Updated-05 Aug, 2025 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code.

Action-Not Available
Vendor-openafsOpenAFS
Product-openafsOpenAFS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-6931
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-7.8||HIGH
EPSS-0.20% / 42.25%
||
7 Day CHG~0.00%
Published-19 Dec, 2023 | 14:09
Updated-13 Feb, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds write in Linux kernel's Performance Events system component

A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.

Action-Not Available
Vendor-Debian GNU/LinuxLinux Kernel Organization, Inc
Product-linux_kerneldebian_linuxKernel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-21815
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.96%
||
7 Day CHG~0.00%
Published-13 Aug, 2021 | 22:43
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs' Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to strcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflow. An attacker can provide malicious input to trigger this vulnerability.

Action-Not Available
Vendor-attn/a
Product-xmillAT&T
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-11112
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.24% / 47.51%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 18:41
Updated-04 Aug, 2024 | 22:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel CorporationNetApp, Inc.
Product-graphics_drivercloud_backupdata_availability_servicessteelstore_cloud_integrated_storage2019.2 IPU – Intel(R) Graphics Driver for Windows* and Linux
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0023
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.4||HIGH
EPSS-2.84% / 85.67%
||
7 Day CHG~0.00%
Published-16 Feb, 2024 | 19:36
Updated-16 Dec, 2024 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ConvertRGBToPlanarYUV of Codec2BufferUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0408
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.32%
||
7 Day CHG~0.00%
Published-14 Oct, 2020 | 13:05
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-156999009

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-0090
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.21% / 42.77%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 21:23
Updated-15 Aug, 2024 | 22:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE

NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Action-Not Available
Vendor-Citrix (Cloud Software Group, Inc.)Microsoft CorporationCanonical Ltd.Red Hat, Inc.VMware (Broadcom Inc.)NVIDIA CorporationLinux Kernel Organization, Inc
Product-ubuntu_linuxstudiovirtual_gpuhypervisorteslavspherequadrocloud_gaminggeforcertxlinux_kernelgpu_display_driverazure_stack_hcienterprise_linux_kernel-based_virtual_machinenvswindowsGPU display driver, vGPU software, and Cloud Gamingvirtual_gpucloud_gaminggpu_display_driver
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0156
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.08% / 24.57%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 12:54
Updated-08 Jan, 2025 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation.

Action-Not Available
Vendor-Dell Inc.
Product-digital_deliveryDell Digital Delivery (D3)dell_digital_delivery
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-33260
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.03% / 7.56%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack based buffer overflow in Core

Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830sda429w_firmwaresa6150p_firmwarewcd9380_firmwaresa8145p_firmwareqcs610sw5100pqcc5100wcn6856_firmwarewsa8835wcn3950_firmwarewcd9380sa8150p_firmwaresd888_5gqca6420_firmwareqca6595au_firmwareqcs410wcd9370wcn6855_firmwareqca6430_firmwarewcn3980wcn3998wcd9385_firmwareqam8295pwcn3950sd_8_gen1_5g_firmwarewcn3660bsd855wsa8815wcn6850qam8295p_firmwarewcn3660b_firmwarewcn7850qca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcn3980_firmwarewcn3610_firmwareqca6420sa8295pqcc5100_firmwareaqt1000_firmwaresa6155p_firmwareqcs8155wcn7851wcn6851_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810wcn6855wcn6851sa6155psw5100p_firmwareqcs610_firmwarewcn7851_firmwarewcn6856sa6145pwcn3680bwcd9385wcd9341qca6696_firmwaresa8145pqca6696wcd9370_firmwareaqt1000sa8150psa6150psa8155pwsa8830_firmwaresda429wsd855_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcs8155_firmwaresw5100_firmwaresm8475qcs410_firmwaresa8295p_firmwarewcn3610Snapdragon
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0018
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.4||HIGH
EPSS-0.03% / 5.29%
||
7 Day CHG~0.00%
Published-16 Feb, 2024 | 19:33
Updated-16 Dec, 2024 | 19:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In convertYUV420Planar16ToY410 of ColorConverter.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0051
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.61%
||
7 Day CHG~0.00%
Published-11 Mar, 2024 | 16:35
Updated-16 Dec, 2024 | 19:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In onQueueFilled of SoftMPEG4.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0229
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.30% / 52.76%
||
7 Day CHG~0.00%
Published-09 Feb, 2024 | 06:29
Updated-04 Aug, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.

Action-Not Available
Vendor-Red Hat, Inc.X.Org FoundationFedora Project
Product-x_serverenterprise_linux_update_services_for_sap_solutionsenterprise_linux_ausfedoraenterprise_linux_eusenterprise_linuxenterprise_linux_tusxwaylandRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.2 Telecommunications Update ServiceRed Hat Enterprise Linux 7Red Hat Enterprise Linux 8.4 Telecommunications Update ServiceRed Hat Enterprise Linux 9.0 Extended Update SupportRed Hat Enterprise Linux 8.8 Extended Update SupportRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8.6 Extended Update SupportRed Hat Enterprise Linux 6Red Hat Enterprise Linux 8.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 9.2 Extended Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Update Services for SAP SolutionsRed Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10595
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 27.26%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8939, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqca4531_firmwaremdm9640_firmwaresdm636_firmwareapq8064qca9980_firmwaremsm8996au_firmwaresdx20sdm660sdx24sdm630mdm9607_firmwaremdm9650qca9558qca9558_firmwareqca6574aumdm9607msm8996auqca9880_firmwareqca9980qca9880msm8939_firmwareapq8009_firmwareipq4019_firmwaremdm9207c_firmwaremdm9206mdm9207cqca6174a_firmwareqca6174aqca9379_firmwareqca9886_firmwaremsm8909sdx24_firmwareapq8096ausdm636sdm660_firmwareqca9377qca4531sdm630_firmwaresda660_firmwaremdm9615mdm9206_firmwaremsm8939ipq4019qca9886apq8053apq8096au_firmwaremdm9615_firmwaremdm9650_firmwaresdx20_firmwareipq8064qca6574au_firmwaresda660apq8064_firmwareapq8009qca9379msm8909_firmwareapq8053_firmwareipq8064_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 24
  • 25
  • Next
Details not found