Vulnerabilities > Out-of-bounds Write

DATE CVE VULNERABILITY TITLE RISK
2024-09-27 CVE-2024-39431 Out-of-bounds Write vulnerability in Google Android 12.0/13.0/14.0
In UMTS RLC driver, there is a possible out of bounds write due to a missing bounds check.
low complexity
google CWE-787
4.5
2024-09-27 CVE-2024-39432 Out-of-bounds Write vulnerability in Google Android 12.0/13.0/14.0
In UMTS RLC driver, there is a possible out of bounds read due to a missing bounds check.
low complexity
google CWE-787
4.5
2024-09-27 CVE-2024-39433 Out-of-bounds Write vulnerability in Google Android 13.0/14.0
In drm service, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
4.4
2024-09-26 CVE-2022-49039 Out-of-bounds Write vulnerability in Synology Drive Client
Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands via unspecified vectors.
local
low complexity
synology CWE-787
6.7
2024-09-25 CVE-2024-46488 Out-of-bounds Write vulnerability in Asg017 Sqlite-Vec 0.1.1
sqlite-vec v0.1.1 was discovered to contain a heap buffer overflow via the npy_token_next function.
local
low complexity
asg017 CWE-787
5.5
2024-09-25 CVE-2024-20433 Out-of-bounds Write vulnerability in Cisco IOS
A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a buffer overflow when processing crafted RSVP packets.
network
low complexity
cisco CWE-787
7.5
2024-09-25 CVE-2024-20508 Out-of-bounds Write vulnerability in Cisco Unified Threat Defense Snort Intrusion Prevention System Engine
A vulnerability in Cisco Unified Threat Defense (UTD) Snort Intrusion Prevention System (IPS) Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of HTTP requests when they are processed by Cisco UTD Snort IPS Engine.
network
low complexity
cisco CWE-787
6.5
2024-09-25 CVE-2024-41445 Out-of-bounds Write vulnerability in Ihedvall MDF Library 2.1
Library MDF (mdflib) v2.1 is vulnerable to a heap-based buffer overread via a crafted mdf4 file is parsed using the ReadData function
network
low complexity
ihedvall CWE-787
6.5
2024-09-25 CVE-2024-9121 Out-of-bounds Write vulnerability in Google Chrome
Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
network
low complexity
google CWE-787
8.8
2024-09-24 CVE-2024-38266 Out-of-bounds Write vulnerability in Zyxel products
An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated attacker with administrator privileges to cause potential memory corruptions, resulting in a thread crash on an affected device.
network
low complexity
zyxel CWE-787
4.9