Vulnerabilities > Out-of-bounds Write

DATE CVE VULNERABILITY TITLE RISK
2025-03-22 CVE-2025-30472 Out-of-bounds Write vulnerability in Corosync
Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet.
network
low complexity
corosync CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29384 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29385 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14
In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29386 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14
In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29387 Out-of-bounds Write vulnerability in Tenda AC9 Firmware 15.03.05.14
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
network
high complexity
tenda CWE-787
7.1
7.1
2025-03-14 CVE-2025-29029 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formSetSpeedWan function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29030 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-14 CVE-2025-29031 Out-of-bounds Write vulnerability in Tenda AC6 Firmware 15.03.05.16
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function.
network
low complexity
tenda CWE-787
critical
 9.8
9.8
2025-03-13 CVE-2025-2263 Out-of-bounds Write vulnerability in Santesoft Sante Pacs Server 4.1.0
During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password.
network
low complexity
santesoft CWE-787
critical
 9.8
9.8
2025-03-12 CVE-2025-21865 Out-of-bounds Write vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). Brad Spengler reported the list_del() corruption splat in gtp_net_exit_batch_rtnl().
local
low complexity
linux CWE-787
5.5
5.5