Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

CVEs (14,113)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-20521 1Cisco 4Rv042 Firmware Rv042g FirmwareRv320 Firmware+1 more Oct 8, 2024 Oct 2, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the ro...Show more A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.Show less
CVE-2024-20520 1Cisco 4Rv042 Firmware Rv042g FirmwareRv320 Firmware+1 more Oct 8, 2024 Oct 2, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the ro...Show more A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.Show less
CVE-2024-20519 1Cisco 4Rv042 Firmware Rv042g FirmwareRv320 Firmware+1 more Oct 8, 2024 Oct 2, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the ro...Show more A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.Show less
CVE-2024-20518 1Cisco 4Rv042 Firmware Rv042g FirmwareRv320 Firmware+1 more Oct 8, 2024 Oct 2, 2024 N/A· v4 9.1 CRITICAL· v3 N/A· v2 A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the ro...Show more A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.Show less
CVE-2024-20517 1Cisco 4Rv042 Firmware Rv042g FirmwareRv320 Firmware+1 more Oct 8, 2024 Oct 2, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an...Show more A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.Show less
CVE-2024-20516 1Cisco 4Rv042 Firmware Rv042g FirmwareRv320 Firmware+1 more Oct 8, 2024 Oct 2, 2024 N/A· v4 6.8 MEDIUM· v3 N/A· v2 A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an...Show more A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.Show less
CVE-2024-46276 1Randygaul 1Cute Png Mar 14, 2025 Oct 1, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_chunk() function at cute_png.h.
CVE-2024-46274 1Randygaul 1Cute Png Mar 18, 2025 Oct 1, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_stored() function at cute_png.h.
CVE-2024-46267 1Randygaul 1Cute Png Mar 18, 2025 Oct 1, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_block() function at cute_png.h.
CVE-2024-46264 1Randygaul 1Cute Png Mar 13, 2025 Oct 1, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_find() function at cute_png.h.
CVE-2024-46263 1Randygaul 1Cute Png Mar 18, 2025 Oct 1, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 cute_png v1.05 was discovered to contain a stack overflow via the cp_dynamic() function at cute_png.h.
CVE-2024-46261 1Randygaul 1Cute Png Mar 17, 2025 Oct 1, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_make32() function at cute_png.h.
CVE-2024-46259 1Randygaul 1Cute Png Mar 18, 2025 Oct 1, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_unfilter() function at cute_png.h.
CVE-2024-46258 1Randygaul 1Cute Png Mar 14, 2025 Oct 1, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_load_png_mem() function at cute_png.h.
CVE-2024-7674 1Autodesk 1Navisworks Aug 26, 2025 Sep 30, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary cod...Show more A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.Show less
CVE-2024-7673 1Autodesk 1Navisworks Jan 29, 2025 Sep 30, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code...Show more A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.Show less
CVE-2024-7672 1Autodesk 1Navisworks Aug 26, 2025 Sep 30, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause d...Show more A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.Show less
CVE-2024-7671 1Autodesk 1Navisworks Feb 10, 2025 Sep 30, 2024 N/A· v4 7.8 HIGH· v3 N/A· v2 A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corr...Show more A maliciously crafted DWFX file, when parsed in dwfcore.dll through Autodesk Navisworks, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.Show less
CVE-2024-45993 1Giflib Project 1Giflib Jul 10, 2025 Sep 30, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Giflib Project v5.2.2 is vulnerable to a heap buffer overflow via gif2rgb.
CVE-2024-23967 1Autel 1Maxicharger Ac Elite Business C50 Firmware Oct 3, 2024 Sep 28, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affecte...Show more Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 chargers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of base64-encoded data within WebSocket messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-23230Show less

Previous 1...129130131...706 Next