Vulnerabilities > Out-of-bounds Write
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-31 | CVE-2018-6462 | Out-of-bounds Write vulnerability in Tracker-Software Pdf-Xchange Viewer and Viewer AX SDK Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document. | 7.8 |
| 2018-01-31 | CVE-2018-1000001 | Out-of-bounds Write vulnerability in multiple products In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution. | 7.8 |
| 2018-01-30 | CVE-2017-17969 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive. | 7.8 |
| 2018-01-29 | CVE-2018-3835 | Out-of-bounds Write vulnerability in Disneyanimation Ptex 2.2 An exploitable out of bounds write vulnerability exists in version 2.2 of the Per Face Texture mapping application known as PTEX. | 8.8 |
| 2018-01-27 | CVE-2018-6358 | Out-of-bounds Write vulnerability in multiple products The printDefineFont2 function (util/listfdb.c) in libming through 0.4.8 is vulnerable to a heap-based buffer overflow, which may allow attackers to cause a denial of service or unspecified other impact via a crafted FDB file. | 8.8 |
| 2018-01-24 | CVE-2018-6187 | Out-of-bounds Write vulnerability in multiple products In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. | 5.5 |
| 2018-01-17 | CVE-2018-5721 | Out-of-bounds Write vulnerability in Asuswrt-Merlin Stack-based buffer overflow in the ej_update_variables function in router/httpd/web.c on ASUS routers (when using software from https://github.com/RMerl/asuswrt-merlin) allows web authenticated attackers to execute code via a request that updates a setting. | 8.8 |
| 2018-01-16 | CVE-2018-5299 | Out-of-bounds Write vulnerability in Pulsesecure Pulse Connect Secure and Pulse Policy Secure A stack-based Buffer Overflow Vulnerability exists in the web server in Pulse Secure Pulse Connect Secure (PCS) before 8.3R4 and Pulse Policy Secure (PPS) before 5.4R4, leading to memory corruption and possibly remote code execution. | 9.8 |
| 2018-01-16 | CVE-2017-16557 | Out-of-bounds Write vulnerability in K7Computing products K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way. | 7.0 |
| 2018-01-16 | CVE-2017-16555 | Out-of-bounds Write vulnerability in K7Computing products K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way. | 7.0 |