Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

CVEs (14,093)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-1656 1Autodesk 1Revit Aug 19, 2025 Apr 15, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data,...Show more A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2025-1277 1Autodesk 1Revit Aug 19, 2025 Apr 15, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the cu...Show more A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.Show less
CVE-2025-1276 1Autodesk 17Advance Steel AutocadAutocad Architecture+14 more Aug 19, 2025 Apr 15, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption...Show more A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.Show less
CVE-2025-1275 1Autodesk 12Advance Steel AutocadAutocad Architecture+9 more Aug 19, 2025 Apr 15, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitiv...Show more A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2025-1274 1Autodesk 1Revit Aug 19, 2025 Apr 15, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute ar...Show more A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.Show less
CVE-2025-1273 1Autodesk 1Revit Aug 19, 2025 Apr 15, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data,...Show more A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2025-1292 1Google 1Chrome Oct 6, 2025 Apr 15, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and bypass operating system verification via exploiting the...Show more Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process.Show less
CVE-2025-1122 1Google 1Chrome Oct 6, 2025 Apr 15, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 15753.50.0 stable on Cr50 Boards allows an attacker with root access to gain persistence and Bypass operating system verification via exploiting the NV_R...Show more Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 15753.50.0 stable on Cr50 Boards allows an attacker with root access to gain persistence and Bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process.Show less
CVE-2025-3538 1Dlink 1Di 8100 Firmware Jul 16, 2025 Apr 13, 2025 8.7 HIGH· v4 8.8 HIGH· v3 8.3 HIGH· v2 A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback lea...Show more A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-56406 1Perl 1Perl Oct 16, 2025 Apr 13, 2025 N/A· v4 8.4 HIGH· v3 N/A· v2 A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the l...Show more A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`. $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;' Segmentation fault (core dumped) It is believed that this vulnerability can enable Denial of Service and possibly Code Execution attacks on platforms that lack sufficient defenses.Show less
CVE-2025-26479 1Dell 1Powerscale Onefs Jul 15, 2025 Apr 10, 2025 N/A· v4 3.1 LOW· v3 N/A· v2 Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write vulnerability. An attacker could potentially exploit this vulnerability in NFS workflows, leading to data integrity issues.
CVE-2025-2632 1Ni 1Labview Aug 18, 2025 Apr 9, 2025 8.5 HIGH· v4 7.8 HIGH· v3 N/A· v2 Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution. Successful exploitation requires an atta...Show more Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW reading CPU info from cache that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.Show less
CVE-2025-2631 1Ni 1Labview Aug 18, 2025 Apr 9, 2025 8.5 HIGH· v4 7.8 HIGH· v3 N/A· v2 Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW in InitCPUInformation() that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker...Show more Out of bounds write vulnerability due to improper bounds checking in NI LabVIEW in InitCPUInformation() that may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI. This vulnerability affects NI LabVIEW 2025 Q1 and prior versions.Show less
CVE-2025-29988 1Dell 26114 Plus 2 In 1 Db04250 Firmware 14 Plus Db14250 Firmware16 Plus 2 In 1 Db06250 Firmware+258 more Jan 12, 2026 Apr 9, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 Dell Client Platform BIOS contains a Stack-based Buffer Overflow Vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.
CVE-2025-30304 1Adobe 1Framemaker Apr 11, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requi...Show more Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2025-30299 1Adobe 1Framemaker Apr 11, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue...Show more Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2025-30298 1Adobe 1Framemaker Apr 11, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issu...Show more Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2025-30297 1Adobe 1Framemaker Apr 11, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requi...Show more Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2025-30295 1Adobe 1Framemaker Apr 11, 2025 Apr 8, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue...Show more Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2025-27487 1Microsoft 17Remote Desktop Client Windows 10 1507Windows 10 1607+14 more Jul 7, 2025 Apr 8, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.

Previous 1...848586...705 Next