Vulnerabilities > Out-of-bounds Write
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-23 | CVE-2018-3867 | Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. | 9.9 |
| 2018-08-23 | CVE-2018-3863 | Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. | 9.9 |
| 2018-08-21 | CVE-2018-6692 | Out-of-bounds Write vulnerability in Belkin Wemo Insight Smart Plug Firmware Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin Wemo Insight Smart Plug allows remote attackers to bypass local security protection via a crafted HTTP post packet. | 10.0 |
| 2018-08-21 | CVE-2018-12115 | Out-of-bounds Write vulnerability in multiple products In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the bounds of a single `Buffer`. | 7.5 |
| 2018-08-15 | CVE-2018-14779 | Out-of-bounds Write vulnerability in Yubico PIV Manager, PIV Tool and Smart Card Minidriver A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. | 6.8 |
| 2018-08-15 | CVE-2018-8403 | Out-of-bounds Write vulnerability in Microsoft Edge and Internet Explorer A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Internet Explorer 11, Microsoft Edge, Internet Explorer 10. | 7.5 |
| 2018-08-15 | CVE-2018-8390 | Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. | 7.5 |
| 2018-08-15 | CVE-2018-8389 | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. | 7.5 |
| 2018-08-15 | CVE-2018-8387 | Out-of-bounds Write vulnerability in Microsoft Edge A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. | 7.5 |
| 2018-08-15 | CVE-2018-8385 | Out-of-bounds Write vulnerability in Microsoft Chakracore, Edge and Internet Explorer A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. | 7.5 |