Vulnerabilities > Out-of-bounds Write

DATE CVE VULNERABILITY TITLE RISK
2018-08-23 CVE-2018-3866 Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17
An exploitable buffer overflow vulnerability exists in the samsungWifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17.
network
low complexity
samsung CWE-787
critical
 9.9
9.9
2018-08-23 CVE-2018-1156 Out-of-bounds Write vulnerability in Mikrotik Routeros
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface.
network
low complexity
mikrotik CWE-787
8.8
8.8
2018-08-23 CVE-2018-3912 Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer overflow on the stack.
local
low complexity
samsung CWE-787
7.8
7.8
2018-08-23 CVE-2018-3919 Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17.
network
low complexity
samsung CWE-787
critical
 9.9
9.9
2018-08-23 CVE-2018-3903 Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack.
network
low complexity
samsung CWE-787
critical
 9.9
9.9
2018-08-23 CVE-2018-3902 Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17
An exploitable buffer overflow vulnerability exists in the camera "replace" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17.
network
low complexity
samsung CWE-787
critical
 9.9
9.9
2018-08-23 CVE-2018-3867 Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17
An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17.
network
low complexity
samsung CWE-787
critical
 9.9
9.9
2018-08-23 CVE-2018-3863 Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack.
network
low complexity
samsung CWE-787
critical
 9.9
9.9
2018-08-21 CVE-2018-6692 Out-of-bounds Write vulnerability in Belkin Wemo Insight Smart Plug Firmware
Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin Wemo Insight Smart Plug allows remote attackers to bypass local security protection via a crafted HTTP post packet.
network
low complexity
belkin CWE-787
critical
 10.0
10
2018-08-21 CVE-2018-12115 Out-of-bounds Write vulnerability in multiple products
In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`.
network
low complexity
nodejs redhat CWE-787
7.5
7.5