Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

CVEs (14,088)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-20720 2Mediatek Openwrt 2Openwrt Software Development Kit Oct 15, 2025 Oct 14, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User inte...Show more In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418954; Issue ID: MSV-3569.Show less
CVE-2025-20719 2Mediatek Openwrt 2Openwrt Software Development Kit Oct 15, 2025 Oct 14, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User inte...Show more In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418955; Issue ID: MSV-3570.Show less
CVE-2025-20718 2Mediatek Openwrt 2Openwrt Software Development Kit Oct 15, 2025 Oct 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for expl...Show more In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00419945; Issue ID: MSV-3581.Show less
CVE-2025-20717 2Mediatek Openwrt 2Openwrt Software Development Kit Oct 15, 2025 Oct 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interacti...Show more In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00419946; Issue ID: MSV-3582.Show less
CVE-2025-20716 2Mediatek Openwrt 2Openwrt Software Development Kit Oct 15, 2025 Oct 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interacti...Show more In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00421149; Issue ID: MSV-3728.Show less
CVE-2025-20715 2Mediatek Openwrt 2Openwrt Software Development Kit Oct 15, 2025 Oct 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interacti...Show more In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00421152; Issue ID: MSV-3731.Show less
CVE-2025-20714 2Mediatek Openwrt 2Openwrt Software Development Kit Oct 15, 2025 Oct 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interacti...Show more In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00432659; Issue ID: MSV-3902.Show less
CVE-2025-20713 2Mediatek Openwrt 2Openwrt Software Development Kit Oct 16, 2025 Oct 14, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interacti...Show more In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00432661; Issue ID: MSV-3904.Show less
CVE-2025-20711 2Mediatek Openwrt 2Openwrt Software Development Kit Jan 13, 2026 Oct 14, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User inte...Show more In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00422399; Issue ID: MSV-3748.Show less
CVE-2025-61859 1Fujielectric 1Monitouch V Sft Oct 27, 2025 Oct 10, 2025 8.4 HIGH· v4 7.8 HIGH· v3 N/A· v2 An out-of-bounds write vulnerability exists in VS6ComFile!CItemDraw::is_motion_tween of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end...Show more An out-of-bounds write vulnerability exists in VS6ComFile!CItemDraw::is_motion_tween of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution.Show less
CVE-2025-61858 1Fujielectric 1Monitouch V Sft Oct 27, 2025 Oct 10, 2025 8.4 HIGH· v4 7.8 HIGH· v3 N/A· v2 An out-of-bounds write vulnerability exists in VS6ComFile!set_AnimationItem of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND),...Show more An out-of-bounds write vulnerability exists in VS6ComFile!set_AnimationItem of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution.Show less
CVE-2025-61857 1Fujielectric 1Monitouch V Sft Oct 27, 2025 Oct 10, 2025 8.4 HIGH· v4 7.8 HIGH· v3 N/A· v2 An out-of-bounds write vulnerability exists in VS6ComFile!CItemExChange::WinFontDynStrCheck of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnor...Show more An out-of-bounds write vulnerability exists in VS6ComFile!CItemExChange::WinFontDynStrCheck of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution.Show less
CVE-2025-21070 1Samsung 1Notes Oct 16, 2025 Oct 10, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to write out-of-bounds memory.
CVE-2025-21053 1Samsung 1Android Oct 23, 2025 Oct 10, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.
CVE-2025-21052 1Samsung 1Android Oct 23, 2025 Oct 10, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Out-of-bounds write under specific condition in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.
CVE-2025-21051 1Samsung 1Android Oct 23, 2025 Oct 10, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Out-of-bounds write in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to write out-of-bounds memory.
CVE-2025-21044 1Samsung 1Android Oct 23, 2025 Oct 10, 2025 N/A· v4 4.4 MEDIUM· v3 N/A· v2 Out-of-bounds write in fingerprint trustlet prior to SMR Oct-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVE-2025-39962 1Linux 1Linux Kernel Feb 26, 2026 Oct 9, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix untrusted unsigned subtract Fix the following Smatch static checker warning: net/rxrpc/rxgk_app.c:65 rxgk_yfs_decode_ticket() warn:...Show more In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix untrusted unsigned subtract Fix the following Smatch static checker warning: net/rxrpc/rxgk_app.c:65 rxgk_yfs_decode_ticket() warn: untrusted unsigned subtract. 'ticket_len - 10 * 4' by prechecking the length of what we're trying to extract in two places in the token and decoding for a response packet. Also use sizeof() on the struct we're extracting rather specifying the size numerically to be consistent with the other related statements.Show less
CVE-2025-47355 1Qualcomm 27Fastconnect 6700 Firmware Fastconnect 6900 FirmwareFastconnect 7800 Firmware+24 more Nov 5, 2025 Oct 9, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while invoking remote procedure IOCTL calls.
CVE-2025-47340 1Qualcomm 18Fastconnect 6900 Firmware Fastconnect 7800 FirmwareQcc2072 Firmware+15 more Nov 5, 2025 Oct 9, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while processing IOCTL call to get the mapping.

Previous 1...565758...705 Next