Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

CVEs (14,094)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-24139 1Apple 1Macos Apr 2, 2026 Jan 27, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, macOS Ventura 13.7.5. Parsing a maliciously crafted file may lead to an unexpected app t...Show more The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, macOS Ventura 13.7.5. Parsing a maliciously crafted file may lead to an unexpected app termination.Show less
CVE-2025-24122 1Apple 1Macos Apr 2, 2026 Jan 27, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to m...Show more A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to modify protected parts of the file system.Show less
CVE-2025-24118 1Apple 2Ipados Macos Nov 3, 2025 Jan 27, 2025 N/A· v4 7.1 HIGH· v3 N/A· v2 The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory.
CVE-2024-54543 1Apple 7Ipados Iphone OsMacos+4 more Apr 2, 2026 Jan 27, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafte...Show more The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to memory corruption.Show less
CVE-2024-54523 1Apple 5Ipados Iphone OsMacos+2 more Apr 2, 2026 Jan 27, 2025 N/A· v4 6.3 MEDIUM· v3 N/A· v2 The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.
CVE-2024-54522 1Apple 5Ipados Iphone OsMacos+2 more Apr 2, 2026 Jan 27, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.
CVE-2024-54520 1Apple 1Macos Apr 2, 2026 Jan 27, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to overwrite arbitrary files.
CVE-2024-54517 1Apple 5Ipados Iphone OsMacos+2 more Apr 2, 2026 Jan 27, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, watchOS 11.2. An app may be able to corrupt coprocessor memory.
CVE-2024-54509 1Apple 1Macos Apr 2, 2026 Jan 27, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or...Show more An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory.Show less
CVE-2025-0753 1Axiosys 1Bento4 Feb 28, 2025 Jan 27, 2025 6.9 MEDIUM· v4 6.5 MEDIUM· v3 7.5 HIGH· v2 A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based...Show more A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2025-0751 1Axiosys 1Bento4 Feb 28, 2025 Jan 27, 2025 6.9 MEDIUM· v4 6.5 MEDIUM· v3 7.5 HIGH· v2 A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This affects the function AP4_BitReader::ReadBits of the component mp42aac. The manipulation leads to heap-based buffer overflow. It...Show more A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This affects the function AP4_BitReader::ReadBits of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-55194 1Openimageio 1Openimageio Jan 29, 2025 Jan 23, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component /OpenImageIO/fmath.h.
CVE-2024-55192 1Openimageio 1Openimageio Feb 5, 2025 Jan 23, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*).
CVE-2024-50664 1Gpac 1Gpac Feb 11, 2025 Jan 23, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 gpac 2.4 contains a heap-buffer-overflow at isomedia/sample_descs.c:1799 in gf_isom_new_mpha_description in gpac/MP4Box.
CVE-2024-49749 1Google 1Android Apr 22, 2025 Jan 21, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 In DGifSlurp of dgif_lib.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for...Show more In DGifSlurp of dgif_lib.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-49748 1Google 1Android Apr 22, 2025 Jan 21, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In gatts_process_primary_service_req of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User int...Show more In gatts_process_primary_service_req of gatt_sr.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-49745 1Google 1Android Apr 22, 2025 Jan 21, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In growData of Parcel.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...Show more In growData of Parcel.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-49738 1Google 1Android Apr 22, 2025 Jan 21, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In writeInplace of Parcel.cpp, there is a possible out of bounds write. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-43096 1Google 1Android Apr 22, 2025 Jan 21, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. U...Show more In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2024-24423 1Linuxfoundation 1Magma Mar 18, 2025 Jan 21, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_esm_message_container function at /nas/ies/EsmMessageContainer...Show more The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_esm_message_container function at /nas/ies/EsmMessageContainer.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.Show less

Previous 1...99100101...705 Next