Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

CVEs (14,079)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-1489 - - Jun 2, 2026 Jan 27, 2026 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker co...Show more A flaw was found in GLib. An integer overflow vulnerability in its Unicode case conversion implementation can lead to memory corruption. By processing specially crafted and extremely large Unicode strings, an attacker could trigger an undersized memory allocation, resulting in out-of-bounds writes. This could cause applications utilizing GLib for string conversion to crash or become unstable.Show less
CVE-2026-1484 - - Jun 2, 2026 Jan 27, 2026 N/A· v4 4.2 MEDIUM· v3 N/A· v2 A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause...Show more A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrusted or extremely large Base64 input using GLib may crash or behave unpredictably.Show less
CVE-2026-24829 - - Jan 27, 2026 Jan 27, 2026 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in Is-Daouda is-Engine.This issue affects is-Engine: before 3.3.4.
CVE-2026-24827 - - Jan 27, 2026 Jan 27, 2026 N/A· v4 7.5 HIGH· v3 N/A· v2 Out-of-bounds Write vulnerability in gerstrong Commander-Genius.This issue affects Commander-Genius: before Release refs/pull/358/merge.
CVE-2026-24826 - - Jan 27, 2026 Jan 27, 2026 10.0 CRITICAL· v4 N/A· v3 N/A· v2 Out-of-bounds Write, Divide By Zero, NULL Pointer Dereference, Use of Uninitialized Resource, Out-of-bounds Read, Reachable Assertion vulnerability in cadaver turso3d.This issue affects .
CVE-2026-24823 - - Jan 27, 2026 Jan 27, 2026 10.0 CRITICAL· v4 N/A· v3 N/A· v2 Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in FASTSHIFT X-TRACK (Software/X-Track/USER/App/Utils/lv_img_png/PNGdec/src modules). This vulnerability is associ...Show more Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in FASTSHIFT X-TRACK (Software/X-Track/USER/App/Utils/lv_img_png/PNGdec/src modules). This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7.Show less
CVE-2026-24822 - - Jan 27, 2026 Jan 27, 2026 10.0 CRITICAL· v4 N/A· v3 N/A· v2 Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in ttttupup wxhelper (src modules). This vulnerability is associated with program files mongoose.C. This issue affects wxhelper: through 3.9.10.19-v1.
CVE-2026-24817 - - Jan 27, 2026 Jan 27, 2026 8.7 HIGH· v4 N/A· v3 N/A· v2 Out-of-bounds Write vulnerability in praydog UEVR (dependencies/lua/src modules). This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects UEVR: before 1.05.
CVE-2026-24811 1Root 1Root Feb 19, 2026 Jan 27, 2026 9.3 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 Vulnerability in root-project root (builtins/zlib modules). This vulnerability is associated with program files inffast.C. This issue affects root.
CVE-2026-24809 - - Jan 27, 2026 Jan 27, 2026 6.9 MEDIUM· v4 N/A· v3 N/A· v2 An issue from the component luaG_runerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs.
CVE-2026-24800 - - Jan 27, 2026 Jan 27, 2026 10.0 CRITICAL· v4 N/A· v3 N/A· v2 Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in tildearrow furnace (extern/zlib modules). This vulnerability is associated with program files inflate.C.
CVE-2026-24799 - - Jan 27, 2026 Jan 27, 2026 5.2 MEDIUM· v4 N/A· v3 N/A· v2 Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in davisking dlib (dlib/external/zlib modules). This vulnerability is associated with program files inflate.C. Th...Show more Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in davisking dlib (dlib/external/zlib modules). This vulnerability is associated with program files inflate.C. This issue affects dlib: before v19.24.9.Show less
CVE-2026-24797 - - Jan 27, 2026 Jan 27, 2026 6.9 MEDIUM· v4 N/A· v3 N/A· v2 Out-of-bounds Write vulnerability in neka-nat cupoch (third_party/libjpeg-turbo/libjpeg-turbo modules). This vulnerability is associated with program files tjbench.C. This issue affects cupoch.
CVE-2026-24795 - - Jan 27, 2026 Jan 27, 2026 5.1 MEDIUM· v4 N/A· v3 N/A· v2 Out-of-bounds Write vulnerability in CloverHackyColor CloverBootloader (MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules). This vulnerability is associated with program files regcomp.C. This issue affects C...Show more Out-of-bounds Write vulnerability in CloverHackyColor CloverBootloader (MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules). This vulnerability is associated with program files regcomp.C. This issue affects CloverBootloader: before 5162.Show less
CVE-2026-24793 1Azerothcore 1Azerothcore Feb 17, 2026 Jan 27, 2026 10.0 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in azerothcore azerothcore-wotlk (deps/zlib modules). This vulnerability is associated with program files inflate....Show more Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in azerothcore azerothcore-wotlk (deps/zlib modules). This vulnerability is associated with program files inflate.C. This issue affects azerothcore-wotlk: through v4.0.0.Show less
CVE-2026-1361 1Deltaww 1Asda Soft Feb 17, 2026 Jan 27, 2026 N/A· v4 9.8 CRITICAL· v3 N/A· v2 ASDA-Soft Stack-based Buffer Overflow Vulnerability
CVE-2026-1284 - - Feb 3, 2026 Jan 26, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbit...Show more An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.Show less
CVE-2025-27821 1Apache 1Hadoop Jan 27, 2026 Jan 26, 2026 N/A· v4 7.3 HIGH· v3 N/A· v2 Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.
CVE-2026-1418 1Gpac 1Gpac Apr 29, 2026 Jan 26, 2026 1.9 LOW· v4 7.8 HIGH· v3 4.3 MEDIUM· v2 A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gf_text_import_srt_bifs of the file src/scene_manager/text_to_bifs.c of the component SRT Subtitle Import. Such manipulation leads...Show more A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gf_text_import_srt_bifs of the file src/scene_manager/text_to_bifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. The name of the patch is 10c73b82cf0e367383d091db38566a0e4fe71772. It is best practice to apply a patch to resolve this issue.Show less
CVE-2025-71155 1Linux 1Linux Kernel Feb 26, 2026 Jan 23, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 In the Linux kernel, the following vulnerability has been resolved: KVM: s390: Fix gmap_helper_zap_one_page() again A few checks were missing in gmap_helper_zap_one_page(), which can lead to memory corruption in the gu...Show more In the Linux kernel, the following vulnerability has been resolved: KVM: s390: Fix gmap_helper_zap_one_page() again A few checks were missing in gmap_helper_zap_one_page(), which can lead to memory corruption in the guest under specific circumstances. Add the missing checks.Show less

Previous 1...394041...704 Next