Vulnerabilities > Out-of-bounds Write

DATE CVE VULNERABILITY TITLE RISK
2019-01-29 CVE-2018-16880 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver.
local
high complexity
linux canonical CWE-787
7.0
2019-01-29 CVE-2019-7154 Out-of-bounds Write vulnerability in Webassembly Binaryen
The main function in tools/wasm2js.cpp in Binaryen 1.38.22 has a heap-based buffer overflow because Emscripten is misused, triggering an error in cashew::JSPrinter::printAst() in emscripten-optimizer/simple_ast.h.
network
low complexity
webassembly CWE-787
6.5
2019-01-28 CVE-2019-6991 Out-of-bounds Write vulnerability in Zoneminder
A classic Stack-based buffer overflow exists in the zmLoadUser() function in zm_user.cpp of the zmu binary in ZoneMinder through 1.32.3, allowing an unauthenticated attacker to execute code via a long username.
network
low complexity
zoneminder CWE-787
critical
9.8
2019-01-28 CVE-2019-6982 Out-of-bounds Write vulnerability in Foxitsoftware 3D 9.1.0.425/9.2.0.9182/9.3.0.10830
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF.
local
low complexity
foxitsoftware CWE-787
5.5
2019-01-27 CVE-2019-6977 Out-of-bounds Write vulnerability in multiple products
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow.
network
low complexity
libgd php debian canonical netapp CWE-787
8.8
2019-01-24 CVE-2018-18981 Out-of-bounds Write vulnerability in Rockwellautomation Factorytalk Services Platform
In Rockwell Automation FactoryTalk Services Platform 2.90 and earlier, a remote unauthenticated attacker could send numerous crafted packets to service ports resulting in memory consumption that could lead to a partial or complete denial-of-service condition to the affected services.
network
low complexity
rockwellautomation CWE-787
7.5
2019-01-24 CVE-2018-20742 Out-of-bounds Write vulnerability in Ucbrise Opaque
An issue was discovered in UC Berkeley RISE Opaque before 2018-12-01.
network
low complexity
ucbrise CWE-787
7.5
2019-01-24 CVE-2018-17692 Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297.
network
low complexity
foxitsoftware CWE-787
8.8
2019-01-20 CVE-2019-6496 Out-of-bounds Write vulnerability in Marvell products
The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88W8787, 88W8797, 88W8801, 88W8897, and 88W8997, allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks.
low complexity
marvell CWE-787
8.8
2019-01-18 CVE-2018-5879 Out-of-bounds Write vulnerability in Qualcomm products
Improper length check while processing an MQTT message can lead to heap overflow in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660
low complexity
qualcomm CWE-787
8.8