Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

CVEs (14,113)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-45185 1Samsung 18Exynos 1080 Firmware Exynos 1280 FirmwareExynos 1330 Firmware+15 more Jul 1, 2025 Nov 4, 2024 N/A· v4 5.1 MEDIUM· v3 N/A· v2 An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, Modem 5123, Modem 5300. There is an o...Show more An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, Modem 5123, Modem 5300. There is an out-of-bounds write due to a heap overflow in the GPRS protocol.Show less
CVE-2024-38410 1Qualcomm 25Fastconnect 6700 Firmware Fastconnect 6900 FirmwareFastconnect 7800 Firmware+22 more Nov 7, 2024 Nov 4, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 Memory corruption while IOCLT is called when device is in invalid state and the WMI command buffer may be freed twice.
CVE-2024-20121 1Google 1Android Apr 22, 2025 Nov 4, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitat...Show more In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1574.Show less
CVE-2024-20120 1Google 1Android Apr 22, 2025 Nov 4, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitat...Show more In KeyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08956986; Issue ID: MSV-1575.Show less
CVE-2024-20119 1Google 1Android Apr 22, 2025 Nov 4, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation....Show more In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09062301; Issue ID: MSV-1620.Show less
CVE-2024-20118 1Google 1Android Apr 22, 2025 Nov 4, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation....Show more In mms, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09062392; Issue ID: MSV-1621.Show less
CVE-2024-20115 1Google 1Android Apr 22, 2025 Nov 4, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Pa...Show more In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09036695; Issue ID: MSV-1713.Show less
CVE-2024-20114 1Google 1Android Mar 13, 2025 Nov 4, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Pa...Show more In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09037038; Issue ID: MSV-1714.Show less
CVE-2024-20113 1Google 1Android Apr 22, 2025 Nov 4, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Pa...Show more In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09036814; Issue ID: MSV-1715.Show less
CVE-2024-20111 1Google 1Android Mar 13, 2025 Nov 4, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Pa...Show more In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065033; Issue ID: MSV-1754.Show less
CVE-2024-20110 1Google 1Android Apr 22, 2025 Nov 4, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Pa...Show more In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065887; Issue ID: MSV-1762.Show less
CVE-2024-20109 1Google 1Android Apr 22, 2025 Nov 4, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Pa...Show more In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09065928; Issue ID: MSV-1763.Show less
CVE-2024-20108 1Google 1Android Apr 22, 2025 Nov 4, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. P...Show more In atci, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09082988; Issue ID: MSV-1774.Show less
CVE-2024-20104 4Google LinuxfoundationOpenwrt+1 more 4Android OpenwrtRdk B+1 more Apr 24, 2025 Nov 4, 2024 N/A· v4 8.4 HIGH· v3 N/A· v2 In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation....Show more In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772.Show less
CVE-2024-10698 1Tenda 1Ac6 Firmware Nov 4, 2024 Nov 2, 2024 8.7 HIGH· v4 9.8 CRITICAL· v3 9.0 HIGH· v2 A vulnerability was found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this issue is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads...Show more A vulnerability was found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this issue is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-10662 1Tenda 1Ac15 Firmware Nov 5, 2024 Nov 1, 2024 8.7 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to st...Show more A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-10661 1Tenda 1Ac15 Firmware Nov 5, 2024 Nov 1, 2024 8.7 HIGH· v4 8.8 HIGH· v3 9.0 HIGH· v2 A vulnerability has been found in Tenda AC15 15.03.05.19 and classified as critical. This vulnerability affects the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to s...Show more A vulnerability has been found in Tenda AC15 15.03.05.19 and classified as critical. This vulnerability affects the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.Show less
CVE-2024-10573 - - Dec 18, 2024 Oct 31, 2024 N/A· v4 6.7 MEDIUM· v3 N/A· v2 An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary cod...Show more An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is considered high as the payload must be validated by the MPEG decoder and the PCM synth before execution. Additionally, to successfully execute the attack, the user must scan through the stream, making web live stream content (such as web radios) a very unlikely attack vector.Show less
CVE-2024-9419 1Hp 1Smart Universal Printing Driver Jan 26, 2026 Oct 30, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Client / Server PCs with the HP Smart Universal Printing Driver installed are potentially vulnerable to Remote Code Execution and/or Elevation of Privilege. A client using the HP Smart Universal Printing Driver that send...Show more Client / Server PCs with the HP Smart Universal Printing Driver installed are potentially vulnerable to Remote Code Execution and/or Elevation of Privilege. A client using the HP Smart Universal Printing Driver that sends a print job comprised of a malicious XPS file could potentially lead to Remote Code Execution and/or Elevation of Privilege on the PC.Show less
CVE-2024-48241 1Radare 1Radare2 Jun 13, 2025 Oct 30, 2024 N/A· v4 5.5 MEDIUM· v3 N/A· v2 An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to cause a denial of service via the __bf_div function.

Previous 1...123124125...706 Next