Vulnerabilities > Out-of-bounds Write

DATE CVE VULNERABILITY TITLE RISK
2019-05-09 CVE-2019-11839 Out-of-bounds Write vulnerability in F5 NJS
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njs_array_prototype_push in njs/njs_array.c, because of njs_array_expand size mishandling.
network
low complexity
f5 CWE-787
critical
9.8
2019-05-09 CVE-2019-11838 Out-of-bounds Write vulnerability in F5 NJS
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njs_array_prototype_splice in njs/njs_array.c, because of njs_array_expand size mishandling.
network
low complexity
f5 CWE-787
critical
9.8
2019-05-09 CVE-2019-11835 Out-of-bounds Write vulnerability in multiple products
cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments.
network
low complexity
cjson-project oracle CWE-787
critical
9.8
2019-05-09 CVE-2019-11834 Out-of-bounds Write vulnerability in multiple products
cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal.
network
low complexity
cjson-project oracle CWE-787
critical
9.8
2019-05-08 CVE-2019-8285 Out-of-bounds Write vulnerability in Kaspersky Antivirus Engine
Kaspersky Lab Antivirus Engine version before 04.apr.2019 has a heap-based buffer overflow vulnerability that potentially allow arbitrary code execution
network
low complexity
kaspersky CWE-787
8.8
2019-05-08 CVE-2019-2045 Out-of-bounds Write vulnerability in Google Android
In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check.
network
low complexity
google CWE-787
critical
9.8
2019-05-08 CVE-2019-2044 Out-of-bounds Write vulnerability in Google Android
In MakeMP>G4VideoCodecSpecificData of APacketSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check.
network
low complexity
google CWE-787
8.8
2019-05-07 CVE-2019-11560 Out-of-bounds Write vulnerability in Hisilicon Hi3516 Firmware
A buffer overflow vulnerability in the streaming server provided by hisilicon in HI3516 models allows an unauthenticated attacker to remotely run arbitrary code by sending a special RTSP over HTTP packet.
network
low complexity
hisilicon CWE-787
critical
9.8
2019-05-06 CVE-2019-10999 Out-of-bounds Write vulnerability in Dlink products
The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server.
network
low complexity
dlink CWE-787
8.8
2019-05-03 CVE-2019-11037 Out-of-bounds Write vulnerability in PHP Imagick
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array.
network
low complexity
php CWE-787
critical
9.8