Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

CVEs (14,093)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-8846 1Nasm 1Netwide Assembler Apr 29, 2026 Aug 11, 2025 1.9 LOW· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally....Show more A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-8843 1Nasm 1Netwide Assembler Apr 29, 2026 Aug 11, 2025 1.9 LOW· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach...Show more A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-8854 1Bulletphysics 1Pybullet Dec 8, 2025 Aug 11, 2025 8.4 HIGH· v4 9.8 CRITICAL· v3 N/A· v2 Stack-based buffer overflow in LoadOFF in bulletphysics bullet3 before 3.26 on all platforms allows remote attackers to execute arbitrary code via a crafted OFF file with an overlong initial token processed by the VHACD...Show more Stack-based buffer overflow in LoadOFF in bulletphysics bullet3 before 3.26 on all platforms allows remote attackers to execute arbitrary code via a crafted OFF file with an overlong initial token processed by the VHACD test utility or invoked indirectly through PyBullet's vhacd function.Show less
CVE-2025-8746 1Gnu 1Libopts Apr 29, 2026 Aug 9, 2025 1.9 LOW· v4 5.5 MEDIUM· v3 1.7 LOW· v2 A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this at...Show more A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue was initially reported to the tcpreplay project, but the code maintainer explains, that this "bug appears to be in libopts which is an external library." This vulnerability only affects products that are no longer supported by the maintainer.Show less
CVE-2025-6633 1Autodesk 13ds Max Nov 13, 2025 Aug 6, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted RBG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute...Show more A maliciously crafted RBG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.Show less
CVE-2025-23319 1Nvidia 1Triton Inference Server Aug 12, 2025 Aug 6, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of this vulnerability m...Show more NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure.Show less
CVE-2025-23318 1Nvidia 1Triton Inference Server Aug 12, 2025 Aug 6, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code exe...Show more NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure.Show less
CVE-2025-21461 1Qualcomm 24Fastconnect 6900 Firmware Fastconnect 7800 FirmwareSm6650 Firmware+21 more Aug 19, 2025 Aug 6, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption when programming registers through virtual CDM.
CVE-2025-21021 1Samsung 1Blockchain Keystore Aug 15, 2025 Aug 6, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
CVE-2025-21020 1Samsung 1Blockchain Keystore Aug 15, 2025 Aug 6, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
CVE-2025-21017 1Samsung 1Blockchain Keystore Aug 15, 2025 Aug 6, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
CVE-2025-54627 1Huawei 1Harmonyos Aug 20, 2025 Aug 6, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Out-of-bounds write vulnerability in the skia module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2025-54616 1Huawei 1Harmonyos Aug 12, 2025 Aug 6, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Out-of-bounds array access vulnerability in the ArkUI framework. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2024-45183 1Samsung 7Exynos 1280 Firmware Exynos 1330 FirmwareExynos 1380 Firmware+4 more Oct 27, 2025 Aug 4, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, and 2400. A lack of a JPEG length check leads to an out-of-bound write.
CVE-2025-48499 - - Aug 4, 2025 Aug 4, 2025 6.9 MEDIUM· v4 5.3 MEDIUM· v3 N/A· v2 Out-of-bounds write vulnerability exists in FUJIFILM Business Innovation MFPs. A specially crafted IPP (Internet Printing Protocol) or LPD (Line Printer Daemon) packet may cause a denial-of-service (DoS) condition on an...Show more Out-of-bounds write vulnerability exists in FUJIFILM Business Innovation MFPs. A specially crafted IPP (Internet Printing Protocol) or LPD (Line Printer Daemon) packet may cause a denial-of-service (DoS) condition on an affected MFP. Resetting the MFP is required to recover from the denial-of-service (DoS) condition.Show less
CVE-2025-20698 1Google 1Android Aug 18, 2025 Aug 4, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is no...Show more In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915400; Issue ID: MSV-3793.Show less
CVE-2025-20697 1Google 1Android Aug 18, 2025 Aug 4, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is no...Show more In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915681; Issue ID: MSV-3795.Show less
CVE-2025-20696 5Google LinuxfoundationOpenwrt+2 more 5Android OpenwrtRdk B+2 more Aug 18, 2025 Aug 4, 2025 N/A· v4 6.8 MEDIUM· v3 N/A· v2 In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges ne...Show more In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09915215; Issue ID: MSV-3801.Show less
CVE-2025-54574 1Squid Cache 1Squid Nov 5, 2025 Aug 1, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has be...Show more Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access permissions.Show less
CVE-2025-4422 - - Jul 31, 2025 Jul 30, 2025 N/A· v4 8.2 HIGH· v3 N/A· v2 The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.l...Show more The vulnerability was identified in the code developed specifically for Lenovo. Please visit "Lenovo Product Security Advisories and Announcements" webpage for more information about the vulnerability. https://support.lenovo.com/us/en/product_security/homeShow less

Previous 1...666768...705 Next