CWE-787
Out-of-bounds Write
BaseDraftLikelihood: High
Description
The product writes data past the end, or before the beginning, of the intended buffer.
Hierarchy (View 1000)
CVEs mapped to this weakness (1,368)
page 37 of 69| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-26988 | Hig | 0.51 | 7.8 | 0.00 | May 1, 2024 | In the Linux kernel, the following vulnerability has been resolved: init/main.c: Fix potential static_command_line memory overflow We allocate memory of size 'xlen + strlen(boot_command_line) + 1' for static_command_line, but the strings copied into static_command_line are extra_command_line and command_line, rather than extra_command_line and boot_command_line. When strlen(command_line) > strlen(boot_command_line), static_command_line will overflow. This patch just recovers strlen(command_line) which was miss-consolidated with strlen(boot_command_line) in the commit f5c7310ac73e ("init/main: add checks for the return value of memblock_alloc*()") | |
| CVE-2024-3299 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2024 | Out-Of-Bounds Write, Use of Uninitialized Resource and Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted SLDDRW or SLDPRT file. NOTE: this vulnerability was SPLIT from CVE-2024-1847. | |
| CVE-2024-3298 | Hig | 0.51 | 7.8 | 0.00 | Apr 4, 2024 | Out-Of-Bounds Write and Type Confusion vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF. NOTE: this vulnerability was SPLIT from CVE-2024-1847. | |
| CVE-2024-1848 | Hig | 0.51 | 7.8 | 0.00 | Mar 22, 2024 | Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, DWG, DXF, IPT, JT, SAT, SLDDRW, SLDPRT, STL, STP, X_B or X_T file. | |
| CVE-2024-23270 | Hig | 0.51 | 7.8 | 0.00 | Mar 8, 2024 | The issue was addressed with improved memory handling. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4. An app may be able to execute arbitrary code with kernel privileges. | |
| CVE-2024-23265 | Hig | 0.51 | 7.8 | 0.00 | Mar 8, 2024 | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An app may be able to cause unexpected system termination or write kernel memory. | |
| CVE-2023-6931 | Hig | 0.51 | 7.8 | 0.00 | Dec 19, 2023 | A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation. A perf_event's read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b. | |
| CVE-2022-30790 | Hig | 0.51 | 7.8 | 0.00 | Jun 8, 2022 | Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552. | |
| CVE-2019-13106 | Hig | 0.51 | 7.8 | 0.01 | Aug 6, 2019 | Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution. | |
| CVE-2019-13104 | Hig | 0.51 | 7.8 | 0.00 | Aug 6, 2019 | In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem. | |
| CVE-2018-19762 | Hig | 0.51 | 7.8 | 0.00 | Nov 30, 2018 | There is a heap-based buffer overflow at fromsixel.c (function: image_buffer_resize) in libsixel 1.8.2 that will cause a denial of service or possibly unspecified other impact. | |
| CVE-2017-17806 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization. | |
| CVE-2017-14969 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x83000084, a related issue to CVE-2017-17114. | |
| CVE-2017-14962 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In IKARUS anti.virus before 2.16.18, the ntguard.sys driver contains an Out of Bounds Write vulnerability because of not validating input values from IOCtl 0x83000058, a related issue to CVE-2017-17112. | |
| CVE-2017-4943 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | VMware vCenter Server Appliance (vCSA) (6.5 before 6.5 U1d) contains a local privilege escalation vulnerability via the 'showlog' plugin. Successful exploitation of this issue could result in a low privileged user gaining root level privileges over the appliance base OS. | |
| CVE-2017-17789 | Hig | 0.51 | 7.8 | 0.01 | Dec 20, 2017 | In GIMP 2.8.22, there is a heap-based buffer overflow in read_channel_data in plug-ins/common/file-psp.c. | |
| CVE-2017-17785 | Hig | 0.51 | 7.8 | 0.00 | Dec 20, 2017 | In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c. | |
| CVE-2017-2886 | Hig | 0.51 | 7.8 | 0.00 | Dec 11, 2017 | A memory corruption vulnerability exists in the .PSD parsing functionality of ACDSee Ultimate 10.0.0.292. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in potential code execution. An attacker can send a specific .PSD file to trigger this vulnerability. | |
| CVE-2017-13166 | Hig | 0.51 | 7.8 | 0.00 | Dec 6, 2017 | An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167. | |
| CVE-2017-16879 | Hig | 0.51 | 7.8 | 0.00 | Nov 22, 2017 | Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted terminfo file, as demonstrated by tic. |