Vulnerabilities > Out-of-bounds Write

DATE CVE VULNERABILITY TITLE RISK
2024-04-08 CVE-2023-52350 Out-of-bounds Write vulnerability in Google Android 12.0/13.0/14.0
In ril service, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
4.4
2024-04-04 CVE-2024-21894 Out-of-bounds Write vulnerability in Ivanti Connect Secure and Policy Secure
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack.
network
low complexity
ivanti CWE-787
critical
9.8
2024-04-04 CVE-2024-22053 Out-of-bounds Write vulnerability in Ivanti Connect Secure and Policy Secure
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory.
network
low complexity
ivanti CWE-787
8.2
2024-04-04 CVE-2024-26807 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with: struct cqspi_st *cqspi = dev_get_drvdata(dev); struct spi_controller *host = dev_get_drvdata(dev); This obviously cannot be correct, unless "struct cqspi_st" is the first member of " struct spi_controller", or the other way around, but it is not the case.
local
low complexity
linux CWE-787
5.5
2024-04-03 CVE-2024-26730 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct6775) Fix access to temperature configuration registers The number of temperature configuration registers does not always match the total number of temperature registers. This can result in access errors reported if KASAN is enabled. BUG: KASAN: global-out-of-bounds in nct6775_probe+0x5654/0x6fe9 nct6775_core
local
high complexity
linux CWE-787
7.0
2024-04-03 CVE-2024-26733 Out-of-bounds Write vulnerability in multiple products
In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get().
local
low complexity
linux debian netapp CWE-787
5.5
2024-04-03 CVE-2024-26736 Out-of-bounds Write vulnerability in multiple products
In the Linux kernel, the following vulnerability has been resolved: afs: Increase buffer size in afs_update_volume_status() The max length of volume->vid value is 20 characters. So increase idbuf[] size up to 24 to avoid overflow. Found by Linux Verification Center (linuxtesting.org) with SVACE. [DH: Actually, it's 20 + NUL, so increase it to 24 and use snprintf()]
local
low complexity
linux debian CWE-787
7.8
2024-04-03 CVE-2024-26742 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disable_managed_interrupts Correct blk-mq registration issue with module parameter disable_managed_interrupts enabled. When we turn off the default PCI_IRQ_AFFINITY flag, the driver needs to register with blk-mq using blk_mq_map_queues().
local
low complexity
linux CWE-787
7.8
2024-04-03 CVE-2024-26759 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWP_SYNCHRONOUS_IO, if two or more threads swapin the same entry at the same time, they get different pages (A, B).
local
low complexity
linux CWE-787
5.5
2024-04-03 CVE-2024-26763 Out-of-bounds Write vulnerability in multiple products
In the Linux kernel, the following vulnerability has been resolved: dm-crypt: don't modify the data when using authenticated encryption It was said that authenticated encryption could produce invalid tag when the data that is being encrypted is modified [1].
local
low complexity
linux debian CWE-787
7.1