Vulnerabilities > Out-of-bounds Write
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-06 | CVE-2023-32837 | Out-of-bounds Write vulnerability in Google Android 12.0 In video, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2023-11-06 | CVE-2023-32838 | Out-of-bounds Write vulnerability in Google Android 11.0/12.0 In dpe, there is a possible out of bounds write due to a missing valid range checking. | 6.7 |
| 2023-11-06 | CVE-2023-32839 | Out-of-bounds Write vulnerability in Google Android 11.0/12.0 In dpe, there is a possible out of bounds write due to a missing valid range checking. | 6.7 |
| 2023-11-06 | CVE-2023-32840 | Out-of-bounds Write vulnerability in Mediatek products In modem CCCI, there is a possible out of bounds write due to a missing bounds check. | 6.5 |
| 2023-11-05 | CVE-2023-47249 | Out-of-bounds Write vulnerability in Color Demoiccmax 20220621 In International Color Consortium DemoIccMAX 79ecb74, a CIccXmlArrayType:::ParseText function (for unsigned short) in IccUtilXml.cpp in libIccXML.a has an out-of-bounds read. | 6.5 |
| 2023-11-02 | CVE-2023-39283 | Out-of-bounds Write vulnerability in Insyde Insydeh2O An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation. | 7.8 |
| 2023-11-02 | CVE-2022-4900 | Out-of-bounds Write vulnerability in multiple products A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow. | 5.5 |
| 2023-11-02 | CVE-2023-3164 | Out-of-bounds Write vulnerability in multiple products A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. | 5.5 |
| 2023-11-01 | CVE-2023-39281 | Out-of-bounds Write vulnerability in Insyde Insydeh2O A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase. | 9.8 |
| 2023-11-01 | CVE-2023-46927 | Out-of-bounds Write vulnerability in Gpac 2.3Devrev605Gfc9E29089Master GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in gpac/MP4Box. | 5.5 |