Vulnerabilities > Out-of-bounds Write

DATE CVE VULNERABILITY TITLE RISK
2018-03-07 CVE-2018-1000116 Out-of-bounds Write vulnerability in multiple products
NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.
network
low complexity
net-snmp debian CWE-787
critical
9.8
2018-03-05 CVE-2017-17137 Out-of-bounds Write vulnerability in Huawei products
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has an Out-of-Bounds memory access vulnerability due to insufficient verification.
local
low complexity
huawei CWE-787
5.5
2018-03-05 CVE-2017-18215 Out-of-bounds Write vulnerability in multiple products
xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value.
network
low complexity
xv-project opensuse CWE-787
critical
9.8
2018-03-01 CVE-2018-7550 Out-of-bounds Write vulnerability in multiple products
The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access.
local
low complexity
qemu debian canonical redhat CWE-787
8.8
2018-03-01 CVE-2018-7561 Out-of-bounds Write vulnerability in Tendacn AC9 Firmware 15.03.05.14En
Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact.
network
low complexity
tendacn CWE-787
critical
9.8
2018-02-28 CVE-2018-7264 Out-of-bounds Write vulnerability in Activepdf Toolkit
The Pictview image processing library embedded in the ActivePDF toolkit through 2018.1.0.18321 is prone to multiple out of bounds write and sign errors, allowing a remote attacker to execute arbitrary code on vulnerable applications using the ActivePDF Toolkit to process untrusted images.
network
low complexity
activepdf CWE-787
critical
9.8
2018-02-28 CVE-2018-7553 Out-of-bounds Write vulnerability in multiple products
There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4.
network
low complexity
sam2p-project debian CWE-787
critical
9.8
2018-02-28 CVE-2018-6640 Out-of-bounds Write vulnerability in Wiris Mathtype 6.9C
A Heap Overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c.
network
low complexity
wiris CWE-787
critical
9.8
2018-02-28 CVE-2018-6639 Out-of-bounds Write vulnerability in Wiris Mathtype 6.9C
An out-of-bounds write (Remote Code Execution) issue was discovered in Design Science MathType 6.9c.
network
low complexity
wiris CWE-787
critical
9.8
2018-02-28 CVE-2018-6638 Out-of-bounds Write vulnerability in Wiris Mathtype 6.9C
A stack-based buffer overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c.
network
low complexity
wiris CWE-787
critical
9.8