Vulnerabilities > Out-of-bounds Write
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-11 | CVE-2021-27410 | Out-of-bounds Write vulnerability in Hillrom products The affected product is vulnerable to an out-of-bounds write, which may result in corruption of data or code execution on the Welch Allyn medical device management tools (Welch Allyn Service Tool: versions prior to v1.10, Welch Allyn Connex Device Integration Suite – Network Connectivity Engine (NCE): versions prior to v5.3, Welch Allyn Software Development Kit (SDK): versions prior to v3.2, Welch Allyn Connex Central Station (CS): versions prior to v1.8.6, Welch Allyn Service Monitor: versions prior to v1.7.0.0, Welch Allyn Connex Vital Signs Monitor (CVSM): versions prior to v2.43.02, Welch Allyn Connex Integrated Wall System (CIWS): versions prior to v2.43.02, Welch Allyn Connex Spot Monitor (CSM): versions prior to v1.52, Welch Allyn Spot Vital Signs 4400 Device (Spot 4400) / Welch Allyn Spot 4400 Vital Signs Extended Care Device: versions prior to v1.11.00). | 7.5 |
2021-06-11 | CVE-2021-22750 | Out-of-bounds Write vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21041 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious CGF file is imported to IGSS Definition. | 6.8 |
2021-06-11 | CVE-2021-22751 | Out-of-bounds Write vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or execution of arbitrary code due to lack of input validation, when a malicious CGF (Configuration Group File) file is imported to IGSS Definition. | 6.8 |
2021-06-11 | CVE-2021-22752 | Out-of-bounds Write vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing size checks, when a malicious WSP (Workspace) file is being parsed by IGSS Definition. | 6.8 |
2021-06-11 | CVE-2021-22754 | Out-of-bounds Write vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to lack of proper validation of user-supplied data, when a malicious CGF file is imported to IGSS Definition. | 6.8 |
2021-06-11 | CVE-2021-22755 | Out-of-bounds Write vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-787: Out-of-bounds write vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied data, when a malicious CGF file is imported to IGSS Definition. | 6.8 |
2021-06-11 | CVE-2021-28211 | Out-of-bounds Write vulnerability in Tianocore Edk2 202008 A heap overflow in LzmaUefiDecompressGetInfo function in EDK II. | 4.6 |
2021-06-11 | CVE-2021-25384 | Out-of-bounds Write vulnerability in Google Android An improper input validation vulnerability in sdfffd_parse_chunk_PROP() with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process. | 9.8 |
2021-06-11 | CVE-2021-25396 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0 An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution. | 4.6 |
2021-06-11 | CVE-2021-25407 | Out-of-bounds Write vulnerability in Google Android 10.0/11.0/9.0 A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write. | 4.6 |