Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

CVEs (14,083)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-11266 - - Jan 20, 2026 Dec 12, 2025 6.8 MEDIUM· v4 6.6 MEDIUM· v3 N/A· v2 An out-of-bounds write vulnerability exists in the Grassroots DICOM library (GDCM). The issue is triggered during parsing of a malformed DICOM file containing encapsulated PixelData fragments (compressed image data store...Show more An out-of-bounds write vulnerability exists in the Grassroots DICOM library (GDCM). The issue is triggered during parsing of a malformed DICOM file containing encapsulated PixelData fragments (compressed image data stored as multiple fragments). This vulnerability leads to a segmentation fault caused by an out-of-bounds memory access due to unsigned integer underflow in buffer indexing. It is exploitable via file input, simply opening a crafted malicious DICOM file is sufficient to trigger the crash, resulting in a denial-of-service condition.Show less
CVE-2025-14174 3Apple GoogleMicrosoft 9Chrome Edge ChromiumIpados+6 more Dec 15, 2025 Dec 12, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2025-10451 - - Dec 12, 2025 Dec 12, 2025 N/A· v4 8.2 HIGH· v3 N/A· v2 Unchecked output buffer may allowed arbitrary code execution in SMM and potentially result in SMM memory corruption.
CVE-2025-66590 1Azeotech 1Daqfactory Jun 4, 2026 Dec 11, 2025 8.4 HIGH· v4 9.8 CRITICAL· v3 N/A· v2 In AzeoTech DAQFactory release 20.7 (Build 2555), an out-of-bounds write vulnerability can be exploited by an attacker to cause the program to write data past the end of an allocated memory buffer. This can lead to arbit...Show more In AzeoTech DAQFactory release 20.7 (Build 2555), an out-of-bounds write vulnerability can be exploited by an attacker to cause the program to write data past the end of an allocated memory buffer. This can lead to arbitrary code execution or a system crash.Show less
CVE-2025-36937 1Google 1Android Jan 5, 2026 Dec 11, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 In AudioDecoder::HandleProduceRequest of audio_decoder.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed...Show more In AudioDecoder::HandleProduceRequest of audio_decoder.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2025-36935 1Google 1Android Jan 5, 2026 Dec 11, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User int...Show more In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2025-36931 1Google 1Android Dec 12, 2025 Dec 11, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...Show more In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2025-36930 1Google 1Android Dec 12, 2025 Dec 11, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...Show more In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2025-36928 1Google 1Android Dec 12, 2025 Dec 11, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti...Show more In GetHostAddress of gxp_buffer.h, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2025-36927 1Google 1Android Dec 12, 2025 Dec 11, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In GetTachyonCommand of tachyon_server_common.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Use...Show more In GetTachyonCommand of tachyon_server_common.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2025-36925 1Google 1Android Dec 12, 2025 Dec 11, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 In WAVES_send_data_to_dsp of libaoc_waves.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User in...Show more In WAVES_send_data_to_dsp of libaoc_waves.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2025-36924 1Google 1Android Dec 12, 2025 Dec 11, 2025 N/A· v4 8.0 HIGH· v3 N/A· v2 In ss_DecodeLcsAssistDataReqMsg(void) of ss_LcsManagement.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additio...Show more In ss_DecodeLcsAssistDataReqMsg(void) of ss_LcsManagement.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Show less
CVE-2025-66048 1Libbiosig Project 1Libbiosig Dec 17, 2025 Dec 11, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can prov...Show more Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 133Show less
CVE-2025-66047 1Libbiosig Project 1Libbiosig Dec 17, 2025 Dec 11, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can prov...Show more Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 131Show less
CVE-2025-66046 1Libbiosig Project 1Libbiosig Dec 17, 2025 Dec 11, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can prov...Show more Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 67Show less
CVE-2025-66045 1Libbiosig Project 1Libbiosig Dec 17, 2025 Dec 11, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can prov...Show more Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 65Show less
CVE-2025-66044 1Libbiosig Project 1Libbiosig Dec 17, 2025 Dec 11, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can prov...Show more Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 64Show less
CVE-2025-66043 1Libbiosig Project 1Libbiosig Dec 17, 2025 Dec 11, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can prov...Show more Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 3Show less
CVE-2020-36885 1Sony 1Snc Dh120t Firmware Jan 2, 2026 Dec 10, 2025 9.3 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 Sony IPELA Network Camera 1.82.01 contains a stack buffer overflow vulnerability in the ftpclient.cgi endpoint that allows remote attackers to execute arbitrary code. Attackers can exploit the vulnerability by sending a...Show more Sony IPELA Network Camera 1.82.01 contains a stack buffer overflow vulnerability in the ftpclient.cgi endpoint that allows remote attackers to execute arbitrary code. Attackers can exploit the vulnerability by sending a crafted POST request with oversized data to the FTP client functionality, potentially causing remote code execution or denial of service.Show less
CVE-2025-41732 1Wago 20852 1322 Firmware 0852 1328 Firmware Dec 19, 2025 Dec 10, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_cookie() function to write arbitrary data into fixed-size stack buffers which leads to full device compromise.

Previous 1...474849...705 Next