Vulnerabilities > Out-of-bounds Write
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-10 | CVE-2024-3119 | Out-of-bounds Write vulnerability in Irontec Sngrep A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. | 9.8 |
| 2024-04-10 | CVE-2024-3120 | Out-of-bounds Write vulnerability in Irontec Sngrep A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. | 9.8 |
| 2024-04-08 | CVE-2023-52386 | Out-of-bounds Write vulnerability in Huawei Emui and Harmonyos Out-of-bounds write vulnerability in the RSMC module. Impact: Successful exploitation of this vulnerability will affect availability. | 7.5 |
| 2024-04-08 | CVE-2024-26811 | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate payload size in ipc response If installing malicious ksmbd-tools, ksmbd.mountd can return invalid ipc response to ksmbd kernel server. | 5.5 |
| 2024-04-08 | CVE-2023-52349 | Out-of-bounds Write vulnerability in Google Android 12.0/13.0/14.0 In ril service, there is a possible out of bounds write due to a missing bounds check. | 4.4 |
| 2024-04-08 | CVE-2023-52350 | Out-of-bounds Write vulnerability in Google Android 12.0/13.0/14.0 In ril service, there is a possible out of bounds write due to a missing bounds check. | 4.4 |
| 2024-04-04 | CVE-2024-21894 | Out-of-bounds Write vulnerability in Ivanti Connect Secure and Policy Secure A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. | 9.8 |
| 2024-04-04 | CVE-2024-22053 | Out-of-bounds Write vulnerability in Ivanti Connect Secure and Policy Secure A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory. | 8.2 |
| 2024-04-04 | CVE-2024-26807 | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with: struct cqspi_st *cqspi = dev_get_drvdata(dev); struct spi_controller *host = dev_get_drvdata(dev); This obviously cannot be correct, unless "struct cqspi_st" is the first member of " struct spi_controller", or the other way around, but it is not the case. | 5.5 |
| 2024-04-03 | CVE-2024-26730 | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775) Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASAN is enabled. BUG: KASAN: global-out-of-bounds in nct6775_probe+0x5654/0x6fe9 nct6775_core | 7.0 |