Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

CVEs (14,113)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-47431 1Adobe 1Substance 3d Painter Nov 13, 2024 Nov 12, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue re...Show more Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2024-47430 1Adobe 1Substance 3d Painter Nov 13, 2024 Nov 12, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires...Show more Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2024-47429 1Adobe 1Substance 3d Painter Nov 13, 2024 Nov 12, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires...Show more Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2024-47428 1Adobe 1Substance 3d Painter Nov 13, 2024 Nov 12, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires...Show more Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2024-47427 1Adobe 1Substance 3d Painter Nov 13, 2024 Nov 12, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires...Show more Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2024-8534 1Citrix 2Netscaler Application Delivery Controller Netscaler Gateway Jul 25, 2025 Nov 12, 2024 8.4 HIGH· v4 8.1 HIGH· v3 N/A· v2 Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be...Show more Memory safety vulnerability leading to memory corruption and Denial of Service in NetScaler ADC and Gateway if the appliance must be configured as a Gateway (VPN Vserver) with RDP Feature enabled OR the appliance must be configured as a Gateway (VPN Vserver) and RDP Proxy Server Profile is created and set to Gateway (VPN Vserver) OR the appliance must be configured as a Auth Server (AAA Vserver) with RDP Feature enabledShow less
CVE-2024-47452 1Adobe 1Illustrator Nov 14, 2024 Nov 12, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user inte...Show more Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2024-47451 1Adobe 1Illustrator Nov 14, 2024 Nov 12, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user inte...Show more Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2024-47450 1Adobe 1Illustrator Nov 14, 2024 Nov 12, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Illustrator versions 28.7.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires use...Show more Illustrator versions 28.7.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2024-47443 1Adobe 1After Effects Nov 14, 2024 Nov 12, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires...Show more After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2024-47442 1Adobe 1After Effects Nov 14, 2024 Nov 12, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires...Show more After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2024-47441 1Adobe 1After Effects Nov 14, 2024 Nov 12, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires...Show more After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2024-45114 1Adobe 1Illustrator Nov 14, 2024 Nov 12, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user inte...Show more Illustrator versions 28.7.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2024-33505 1Fortinet 3Fortianalyzer FortimanagerFortimanager Cloud Jan 31, 2025 Nov 12, 2024 N/A· v4 7.3 HIGH· v3 N/A· v2 A heap-based buffer overflow in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 th...Show more A heap-based buffer overflow in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to escalation of privilege via specially crafted http requestsShow less
CVE-2024-31496 1Fortinet 3Fortianalyzer Fortianalyzer Big DataFortimanager Jan 21, 2025 Nov 12, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData 7.4.0 and...Show more A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData 7.4.0 and before 7.2.7 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests.Show less
CVE-2024-49528 1Adobe 1Animate Nov 18, 2024 Nov 12, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...Show more Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Show less
CVE-2024-47909 1Ivanti 2Connect Secure Policy Secure Nov 18, 2024 Nov 12, 2024 N/A· v4 4.9 MEDIUM· v3 N/A· v2 A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.
CVE-2024-47907 1Ivanti 1Connect Secure Nov 18, 2024 Nov 12, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service.
CVE-2024-47905 1Ivanti 2Connect Secure Policy Secure Nov 18, 2024 Nov 12, 2024 N/A· v4 4.9 MEDIUM· v3 N/A· v2 A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service.
CVE-2024-52531 1Gnome 1Libsoup Nov 3, 2025 Nov 11, 2024 N/A· v4 8.4 HIGH· v3 N/A· v2 GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_co...Show more GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).Show less

Previous 1...121122123...706 Next