Vulnerabilities > Out-of-bounds Write
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-07 | CVE-2021-39262 | Out-of-bounds Write vulnerability in multiple products A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22. | 7.8 |
| 2021-09-07 | CVE-2021-39263 | Out-of-bounds Write vulnerability in multiple products A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22. | 7.8 |
| 2021-09-07 | CVE-2021-33285 | Out-of-bounds Write vulnerability in multiple products In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. | 7.8 |
| 2021-09-07 | CVE-2021-33289 | Out-of-bounds Write vulnerability in multiple products In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution. | 7.8 |
| 2021-09-07 | CVE-2021-35268 | Out-of-bounds Write vulnerability in multiple products In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges. | 7.8 |
| 2021-09-07 | CVE-2021-35269 | Out-of-bounds Write vulnerability in multiple products NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges. | 7.8 |
| 2021-09-07 | CVE-2021-28136 | Out-of-bounds Write vulnerability in Espressif Esp-Idf The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption (and consequently a crash) in ESP32 via a replayed (duplicated) LMP packet. | 3.3 |
| 2021-09-03 | CVE-2021-30614 | Out-of-bounds Write vulnerability in multiple products Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip | 8.8 |
| 2021-09-02 | CVE-2021-22791 | Out-of-bounds Write vulnerability in Schneider-Electric products A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions). | 4.0 |
| 2021-09-02 | CVE-2021-28561 | Out-of-bounds Write vulnerability in Adobe products Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a memory corruption vulnerability. | 6.8 |