Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

CVEs (14,093)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-45844 1Totolink 1Nr1800x Firmware May 16, 2025 May 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiBasicCfg function.
CVE-2025-45843 1Totolink 1Nr1800x Firmware May 16, 2025 May 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid parameter in the setWiFiGuestCfg function.
CVE-2025-45842 1Totolink 1Nr1800x Firmware May 16, 2025 May 8, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the ssid5g parameter in the setWiFiEasyCfg function.
CVE-2025-45841 1Totolink 1Nr1800x Firmware May 16, 2025 May 8, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an authenticated stack overflow via the text parameter in the setSmsCfg function.
CVE-2025-1254 1Rti 1Connext Professional Jul 31, 2025 May 8, 2025 7.7 HIGH· v4 7.4 HIGH· v3 N/A· v2 Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Recording Service) allows Overflow Buffers, Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0...Show more Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Recording Service) allows Overflow Buffers, Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0 before 6.0.1.42.Show less
CVE-2025-1252 1Rti 1Connext Professional Jul 31, 2025 May 8, 2025 6.9 MEDIUM· v4 7.1 HIGH· v3 N/A· v2 Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6...Show more Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0 before 6.0.1.42, from 5.3.0 before 5.3., from 4.4d before 5.2..Show less
CVE-2025-37810 2Debian Linux 2Debian Linux Linux Kernel Nov 12, 2025 May 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3_GEVNTCOUNT. There is a check...Show more In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3_GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event buffer length. Check that event count does not exceed event buffer length, avoiding an out-of-bounds access when memcpy'ing the event. Crash log: Unable to handle kernel paging request at virtual address ffffffc0129be000 pc : __memcpy+0x114/0x180 lr : dwc3_check_event_buf+0xec/0x348 x3 : 0000000000000030 x2 : 000000000000dfc4 x1 : ffffffc0129be000 x0 : ffffff87aad60080 Call trace: __memcpy+0x114/0x180 dwc3_interrupt+0x24/0x34Show less
CVE-2025-41431 1F5 11Big Ip Access Policy Manager Big Ip Advanced Firewall ManagerBig Ip Analytics+8 more Aug 6, 2025 May 7, 2025 8.7 HIGH· v4 7.5 HIGH· v3 N/A· v2 When connection mirroring is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate in the standby BIG-IP systems in a traffic group. Note: Software versio...Show more When connection mirroring is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate in the standby BIG-IP systems in a traffic group. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.Show less
CVE-2025-20182 1Cisco 2Adaptive Security Appliance Software Firepower Threat Defense Aug 1, 2025 May 7, 2025 N/A· v4 8.6 HIGH· v3 N/A· v2 A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE...Show more A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation when processing IKEv2 messages. An attacker could exploit this vulnerability by sending crafted IKEv2 traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition on the affected device.Show less
CVE-2025-20980 1Google 1Android Oct 2, 2025 May 7, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Out-of-bounds write in libsavscmn prior to Android 15 allows local attackers to cause memory corruption.
CVE-2025-20979 1Google 1Android Oct 2, 2025 May 7, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Out-of-bounds write in libsavscmn prior to Android 15 allows local attackers to execute arbitrary code.
CVE-2025-20964 1Samsung 1Android May 21, 2025 May 7, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.
CVE-2025-20963 1Samsung 1Android May 21, 2025 May 7, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory.
CVE-2025-20937 1Samsung 1Android May 13, 2025 May 7, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Out-of-bounds write in Keymaster trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVE-2025-32405 1Rt Labs 1P Net May 13, 2025 May 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet.
CVE-2025-32404 1Rt Labs 1P Net May 13, 2025 May 7, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet.
CVE-2025-32403 1Rt Labs 1P Net May 13, 2025 May 7, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet.
CVE-2025-32402 1Rt Labs 1P Net May 13, 2025 May 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet.
CVE-2025-32401 1Rt Labs 1P Net May 13, 2025 May 7, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet.
CVE-2025-32400 1Rt Labs 1P Net May 13, 2025 May 7, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet.

Previous 1...808182...705 Next