Vulnerabilities > Out-of-bounds Write

DATE CVE VULNERABILITY TITLE RISK
2024-09-05 CVE-2024-32668 Out-of-bounds Write vulnerability in Freebsd
An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, which typically runs as root.
local
low complexity
freebsd CWE-787
8.2
2024-09-04 CVE-2024-8408 Out-of-bounds Write vulnerability in Linksys Wrt54G Firmware 4.21.5
A vulnerability was found in Linksys WRT54G 4.21.5.
network
low complexity
linksys CWE-787
critical
9.8
2024-09-04 CVE-2024-34657 Out-of-bounds Write vulnerability in Samsung Notes
Stack-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows remote attackers to execute arbitrary code.
network
low complexity
samsung CWE-787
critical
9.8
2024-09-04 CVE-2024-34660 Out-of-bounds Write vulnerability in Samsung Notes
Heap-based out-of-bounds write in Samsung Notes prior to version 4.4.21.62 allows local attackers to execute arbitrary code.
local
low complexity
samsung CWE-787
7.8
2024-09-03 CVE-2024-8384 Out-of-bounds Write vulnerability in Mozilla Firefox ESR
The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes.
network
low complexity
mozilla CWE-787
critical
9.8
2024-09-03 CVE-2024-8387 Out-of-bounds Write vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1.
network
low complexity
mozilla CWE-787
critical
9.8
2024-09-03 CVE-2024-8389 Out-of-bounds Write vulnerability in Mozilla Firefox 129.0
Memory safety bugs present in Firefox 129.
network
low complexity
mozilla CWE-787
critical
9.8
2024-09-02 CVE-2024-33038 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption while passing untrusted/corrupted pointers from DSP to EVA.
local
low complexity
qualcomm CWE-787
7.8
2024-09-02 CVE-2024-33042 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption when Alternative Frequency offset value is set to 255.
local
low complexity
qualcomm CWE-787
7.8
2024-09-02 CVE-2024-33045 Out-of-bounds Write vulnerability in Qualcomm products
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
local
low complexity
qualcomm CWE-787
7.8