Vulnerabilities > Out-of-bounds Write

DATE CVE VULNERABILITY TITLE RISK
2019-06-14 CVE-2018-20655 Out-of-bounds Write vulnerability in Whatsapp
When receiving calls using WhatsApp for iOS, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow.
network
low complexity
whatsapp CWE-787
critical
9.8
2019-06-14 CVE-2018-13898 Out-of-bounds Write vulnerability in Qualcomm products
Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130
network
low complexity
qualcomm CWE-787
critical
9.8
2019-06-14 CVE-2018-11934 Out-of-bounds Write vulnerability in Qualcomm products
Possible out of bounds write due to improper input validation while processing DO_ACS vendor command in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24
local
low complexity
qualcomm CWE-787
7.8
2019-06-14 CVE-2018-11929 Out-of-bounds Write vulnerability in Qualcomm products
Lack of input validation in WLAN function can lead to potential heap overflow in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX20, SDX24
local
low complexity
qualcomm CWE-787
7.8
2019-06-13 CVE-2019-11129 Out-of-bounds Write vulnerability in Intel products
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
local
low complexity
intel CWE-787
6.7
2019-06-13 CVE-2019-11124 Out-of-bounds Write vulnerability in Intel products
Out of bound read/write in system firmware for Intel(R) NUC Kit may allow a privileged user to potentially enable escalation of privilege, denial of service and/or information disclosure via local access.
local
low complexity
intel CWE-787
6.7
2019-06-12 CVE-2019-1080 Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'.
network
high complexity
microsoft CWE-787
7.5
2019-06-12 CVE-2019-1055 Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'.
network
high complexity
microsoft CWE-787
7.5
2019-06-12 CVE-2019-1052 Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.
network
high complexity
microsoft CWE-787
7.5
2019-06-12 CVE-2019-1051 Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.
network
high complexity
microsoft CWE-787
7.5