Vulnerabilities > Out-of-bounds Write

DATE CVE VULNERABILITY TITLE RISK
2024-04-10 CVE-2024-3119 Out-of-bounds Write vulnerability in Irontec Sngrep
A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers.
network
low complexity
irontec CWE-787
critical
9.8
2024-04-10 CVE-2024-3120 Out-of-bounds Write vulnerability in Irontec Sngrep
A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1.
network
low complexity
irontec CWE-787
critical
9.8
2024-04-08 CVE-2023-52386 Out-of-bounds Write vulnerability in Huawei Emui and Harmonyos
Out-of-bounds write vulnerability in the RSMC module. Impact: Successful exploitation of this vulnerability will affect availability.
network
low complexity
huawei CWE-787
7.5
2024-04-08 CVE-2024-26811 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate payload size in ipc response If installing malicious ksmbd-tools, ksmbd.mountd can return invalid ipc response to ksmbd kernel server.
local
low complexity
linux CWE-787
5.5
2024-04-08 CVE-2023-52349 Out-of-bounds Write vulnerability in Google Android 12.0/13.0/14.0
In ril service, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
4.4
2024-04-08 CVE-2023-52350 Out-of-bounds Write vulnerability in Google Android 12.0/13.0/14.0
In ril service, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
4.4
2024-04-04 CVE-2024-21894 Out-of-bounds Write vulnerability in Ivanti Connect Secure and Policy Secure
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack.
network
low complexity
ivanti CWE-787
critical
9.8
2024-04-04 CVE-2024-22053 Out-of-bounds Write vulnerability in Ivanti Connect Secure and Policy Secure
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory.
network
low complexity
ivanti CWE-787
8.2
2024-04-04 CVE-2024-26807 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with: struct cqspi_st *cqspi = dev_get_drvdata(dev); struct spi_controller *host = dev_get_drvdata(dev); This obviously cannot be correct, unless "struct cqspi_st" is the first member of " struct spi_controller", or the other way around, but it is not the case.
local
low complexity
linux CWE-787
5.5
2024-04-03 CVE-2024-26730 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775) Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASAN is enabled. BUG: KASAN: global-out-of-bounds in nct6775_probe+0x5654/0x6fe9 nct6775_core
local
high complexity
linux CWE-787
7.0