VYPR

CWE-823

Use of Out-of-range Pointer Offset

BaseIncomplete

Description

The product performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-129

CVEs mapped to this weakness (24)

page 1 of 2
  • CVE-2026-21732CriMar 20, 2026
    risk 0.62cvss 9.6epss 0.00

    A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits…

  • CVE-2017-20211HigNov 12, 2025
    risk 0.56cvss epss 0.01

    UCanCode E-XD++ Visualization Enterprise Suite contains an untrusted pointer dereference vulnerability via the TKDRAWCAD.TKDrawCADCtrl.1 ActiveX control. This is because it exposes a RotateShape method that dereferences a user-supplied pointer without sufficient validation. A…

  • CVE-2026-28764HigMay 21, 2026
    risk 0.51cvss 7.8epss 0.00

    MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability

  • CVE-2025-25180HigJul 14, 2025
    risk 0.51cvss 7.8epss 0.00

    Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages…

  • CVE-2024-52939HigFeb 22, 2025
    risk 0.51cvss 7.8epss 0.00

    Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to trigger a write data outside the Guest's virtualised GPU memory.

  • CVE-2024-47900HigJan 31, 2025
    risk 0.51cvss 7.8epss 0.00

    Software installed and run as a non-privileged user may conduct improper GPU system calls to access OOB kernel memory.

  • CVE-2024-52938HigJan 13, 2025
    risk 0.51cvss 7.8epss 0.00

    Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to subvert reconstruction activities to trigger a write of data outside the Guest's virtualised GPU memory.

  • CVE-2016-2161HigJul 27, 2017
    risk 0.50cvss 7.5epss 0.21

    In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.

  • CVE-2025-11232HigOct 29, 2025
    risk 0.49cvss 7.5epss 0.00

    To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must *NOT* be empty (the…

  • CVE-2024-12577HigFeb 22, 2025
    risk 0.47cvss 7.3epss 0.00

    Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.

  • CVE-2024-47895HigJan 13, 2025
    risk 0.46cvss 7.1epss 0.00

    Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.

  • CVE-2024-47894HigJan 13, 2025
    risk 0.46cvss 7.1epss 0.00

    Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to read data outside the Guest's virtualised GPU memory.

  • CVE-2026-23764MedJan 22, 2026
    risk 0.44cvss epss 0.00

    VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a…

  • CVE-2024-52937MedJan 13, 2025
    risk 0.44cvss 6.7epss 0.00

    Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.

  • CVE-2026-42946MedMay 13, 2026
    risk 0.42cvss 6.5epss 0.01

    A vulnerability exists in the ngx_http_scgi_module and ngx_http_uwsgi_module modules that may result in excessive memory allocation or an over-read of data. When scgi_pass or uwsgi_pass is configured, an unauthenticated attacker with man-in-the-middle (MITM) ability to…

  • CVE-2026-41907HigApr 24, 2026
    risk 0.42cvss 7.5epss 0.00

    uuid is for the creation of RFC9562 (formerly RFC4122) UUIDs. Prior to 14.0.0, v3, v5, and v6 accept external output buffers but do not reject out-of-range writes (small buf or large offset). This allows silent partial writes into caller-provided buffers. This vulnerability is…

  • CVE-2024-47893MedMay 17, 2025
    risk 0.42cvss 6.5epss 0.00

    Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to read and/or write data outside the Guest's virtualised GPU memory.

  • CVE-2026-20022MedMar 4, 2026
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled…

  • CVE-2025-46806MedJun 2, 2025
    risk 0.38cvss epss 0.00

    A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures.This issue affects sslh before 2.2.4.

  • CVE-2024-52936MedJan 13, 2025
    risk 0.29cvss 4.4epss 0.00

    Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to write data outside the Guest's virtualised GPU memory.