Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

CVEs (14,093)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-30175 1Siemens 5Simatic Pcs Neo Sinec NmsSinema Remote Connect+2 more Oct 3, 2025 May 13, 2025 8.7 HIGH· v4 7.5 HIGH· v3 N/A· v2 A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal...Show more A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound write buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.Show less
CVE-2025-4544 1Dlink 1Di 8100 Firmware May 22, 2025 May 11, 2025 7.5 HIGH· v4 7.2 HIGH· v3 6.8 MEDIUM· v2 A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /ddos.asp of the component jhttpd. The manipulation of the argument def_max/...Show more A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /ddos.asp of the component jhttpd. The manipulation of the argument def_max/def_time/def_tcp_max/def_tcp_time/def_udp_max/def_udp_time/def_icmp_max leads to stack-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult.Show less
CVE-2025-47815 1Gnu 1Pspp Jun 12, 2025 May 10, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from zip_member_read_all) in zip-reader.c.
CVE-2025-47814 1Gnu 1Pspp Jun 12, 2025 May 10, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.
CVE-2025-4501 1Fabian 1Album Management System Oct 23, 2025 May 10, 2025 4.8 MEDIUM· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability, which was classified as critical, was found in code-projects Album Management System 1.0. This affects the function searchalbum of the component Search Albums. The manipulation leads to stack-based buffe...Show more A vulnerability, which was classified as critical, was found in code-projects Album Management System 1.0. This affects the function searchalbum of the component Search Albums. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-4500 1Code Projects 1Hotel Management System May 16, 2025 May 10, 2025 4.8 MEDIUM· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability, which was classified as critical, has been found in code-projects Hotel Management System 1.0. Affected by this issue is the function Edit of the component Edit Room. The manipulation of the argument roo...Show more A vulnerability, which was classified as critical, has been found in code-projects Hotel Management System 1.0. Affected by this issue is the function Edit of the component Edit Room. The manipulation of the argument roomnumber leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-4499 1Fabian 1Simple Hospital Management System Oct 23, 2025 May 10, 2025 4.8 MEDIUM· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability classified as critical was found in code-projects Simple Hospital Management System 1.0. Affected by this vulnerability is the function Add of the component Add Information. The manipulation of the argume...Show more A vulnerability classified as critical was found in code-projects Simple Hospital Management System 1.0. Affected by this vulnerability is the function Add of the component Add Information. The manipulation of the argument x[i].name/x[i].disease leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-4498 1Fabian 1Simple Bus Reservation System Oct 23, 2025 May 10, 2025 4.8 MEDIUM· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability classified as critical has been found in code-projects Simple Bus Reservation System 1.0. Affected is the function a::install of the component Install Bus. The manipulation of the argument bus leads to st...Show more A vulnerability classified as critical has been found in code-projects Simple Bus Reservation System 1.0. Affected is the function a::install of the component Install Bus. The manipulation of the argument bus leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-4480 1Fabian 1Simple College Management System Oct 23, 2025 May 9, 2025 4.8 MEDIUM· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability was found in code-projects Simple College Management System 1.0. It has been declared as critical. This vulnerability affects the function input of the component Add New Student. The manipulation of the a...Show more A vulnerability was found in code-projects Simple College Management System 1.0. It has been declared as critical. This vulnerability affects the function input of the component Add New Student. The manipulation of the argument name/branch leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-4472 1Fabian 1Departmental Store Management System Oct 23, 2025 May 9, 2025 4.8 MEDIUM· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability was found in code-projects Departmental Store Management System 1.0. It has been classified as critical. Affected is the function bill. The manipulation of the argument Item Code leads to stack-based buff...Show more A vulnerability was found in code-projects Departmental Store Management System 1.0. It has been classified as critical. Affected is the function bill. The manipulation of the argument Item Code leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-4471 1Fabian 1Jewellery Store Management System Oct 23, 2025 May 9, 2025 4.8 MEDIUM· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A vulnerability, which was classified as critical, has been found in code-projects Jewelery Store Management system 1.0. Affected by this issue is some unknown functionality of the component Search Item View. The manipul...Show more A vulnerability, which was classified as critical, has been found in code-projects Jewelery Store Management system 1.0. Affected by this issue is some unknown functionality of the component Search Item View. The manipulation of the argument str2 leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-1330 1Ibm 1Cics Tx Jun 5, 2025 May 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname function.
CVE-2025-1329 1Ibm 1Cics Tx Jun 5, 2025 May 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyaddr function.
CVE-2025-45797 1Totolink 1A950rg Firmware May 16, 2025 May 8, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/...Show more TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cste_modules/system.so.Show less
CVE-2025-45790 1Totolink 1A3100r Firmware May 16, 2025 May 8, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the priority parameter in the setMacQos interface of /lib/cste_modules/firewall.so.
CVE-2025-45789 1Totolink 1A3100r Firmware May 16, 2025 May 8, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3100R V5.9c.1527 is vulnerable to buffer overflow via the urlKeyword parameter in setParentalRules.
CVE-2025-45788 1Totolink 1A3100r Firmware May 16, 2025 May 8, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the comment parameter in setMacFilterRules.
CVE-2025-45787 1Totolink 1A3100r Firmware May 16, 2025 May 8, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow viathe comment parameter in setIpPortFilterRules.
CVE-2025-30102 1Dell 1Powerscale Onefs May 16, 2025 May 8, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service.
CVE-2025-45845 1Totolink 1Nr1800x Firmware May 16, 2025 May 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyGuestCfg function.

Previous 1...798081...705 Next