Vulnerabilities > Out-of-bounds Write
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-12 | CVE-2023-31031 | Out-of-bounds Write vulnerability in Nvidia DGX A100 Firmware 1.18/1.8 NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. | 7.8 |
| 2024-01-12 | CVE-2024-21591 | Out-of-bounds Write vulnerability in Juniper Junos An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device. This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory. This issue affects Juniper Networks Junos OS SRX Series and EX Series: * Junos OS versions earlier than 20.4R3-S9; * Junos OS 21.2 versions earlier than 21.2R3-S7; * Junos OS 21.3 versions earlier than 21.3R3-S5; * Junos OS 21.4 versions earlier than 21.4R3-S5; * Junos OS 22.1 versions earlier than 22.1R3-S4; * Junos OS 22.2 versions earlier than 22.2R3-S3; * Junos OS 22.3 versions earlier than 22.3R3-S2; * Junos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3. | 9.8 |
| 2024-01-12 | CVE-2024-21594 | Out-of-bounds Write vulnerability in Juniper Junos A Heap-based Buffer Overflow vulnerability in the Network Services Daemon (NSD) of Juniper Networks Junos OS allows authenticated, low privileged, local attacker to cause a Denial of Service (DoS). On an SRX 5000 Series device, when executing a specific command repeatedly, memory is corrupted, which leads to a Flow Processing Daemon (flowd) crash. The NSD process has to be restarted to restore services. If this issue occurs, it can be checked with the following command: user@host> request security policies check The following log message can also be observed: Error: policies are out of sync for PFE node<number>.fpc<number>.pic<number>. This issue affects: Juniper Networks Junos OS on SRX 5000 Series * All versions earlier than 20.4R3-S6; * 21.1 versions earlier than 21.1R3-S5; * 21.2 versions earlier than 21.2R3-S4; * 21.3 versions earlier than 21.3R3-S3; * 21.4 versions earlier than 21.4R3-S3; * 22.1 versions earlier than 22.1R3-S1; * 22.2 versions earlier than 22.2R3; * 22.3 versions earlier than 22.3R2. | 5.5 |
| 2024-01-12 | CVE-2024-21596 | Out-of-bounds Write vulnerability in Juniper Junos A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). If an attacker sends a specific BGP UPDATE message to the device, this will cause a memory overwrite and therefore an RPD crash and restart in the backup Routing Engine (RE). | 5.3 |
| 2024-01-11 | CVE-2023-50671 | Out-of-bounds Write vulnerability in Aertherwide Exiftags 1.01 In exiftags 1.01, nikon_prop1 in nikon.c has a heap-based buffer overflow (write of size 28) because snprintf can write to an unexpected address. | 7.8 |
| 2024-01-11 | CVE-2023-37644 | Out-of-bounds Write vulnerability in Swftools 0.9.2 SWFTools 0.9.2 772e55a allows attackers to trigger a large memory-allocation attempt via a crafted document, as demonstrated by pdf2swf. | 5.5 |
| 2024-01-10 | CVE-2023-32366 | Out-of-bounds Write vulnerability in Apple Macos An out-of-bounds write issue was addressed with improved input validation. | 7.8 |
| 2024-01-10 | CVE-2023-38610 | Out-of-bounds Write vulnerability in Apple Macos A memory corruption issue was addressed by removing the vulnerable code. | 7.1 |
| 2024-01-10 | CVE-2023-42869 | Out-of-bounds Write vulnerability in Apple Macos Multiple memory corruption issues were addressed with improved input validation. | 7.5 |
| 2024-01-10 | CVE-2023-51962 | Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo. | 9.8 |