Vulnerabilities (CVE)

Filtered by CWE-787
Total 12285 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-47340 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 N/A 5.5 MEDIUM
In h265 codec firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges.
CVE-2023-31982 1 Irontec 1 Sngrep 2025-01-28 N/A 7.8 HIGH
Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_packet_reasm_ip at /src/capture.c.
CVE-2023-31910 1 Jerryscript 1 Jerryscript 2025-01-28 N/A 7.8 HIGH
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component parser_parse_function_statement at /jerry-core/parser/js/js-parser-statm.c.
CVE-2023-31908 1 Jerryscript 1 Jerryscript 2025-01-28 N/A 7.8 HIGH
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain a heap-buffer-overflow via the component ecma_builtin_typedarray_prototype_sort.
CVE-2022-48389 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 N/A 4.4 MEDIUM
In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
CVE-2022-47485 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-28 N/A 4.4 MEDIUM
In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
CVE-2023-20524 1 Amd 96 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 93 more 2025-01-28 N/A 7.5 HIGH
An attacker with a compromised ASP could possibly send malformed commands to an ASP on another CPU, resulting in an out of bounds write, potentially leading to a loss a loss of integrity.
CVE-2023-20520 1 Amd 126 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 123 more 2025-01-28 N/A 9.8 CRITICAL
Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing a stack-based buffer overrun potentially leading to arbitrary code execution.
CVE-2021-46764 1 Amd 96 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 93 more 2025-01-28 N/A 7.5 HIGH
Improper validation of DRAM addresses in SMU may allow an attacker to overwrite sensitive memory locations within the ASP potentially resulting in a denial of service.
CVE-2021-46763 1 Amd 96 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 93 more 2025-01-28 N/A 7.5 HIGH
Insufficient input validation in the SMU may enable a privileged attacker to write beyond the intended bounds of a shared memory buffer potentially leading to a loss of integrity.
CVE-2023-27385 1 Omron 1 Cx-drive 2025-01-28 N/A 7.8 HIGH
Heap-based buffer overflow vulnerability exists in CX-Drive All models all versions. By having a user open a specially crafted SDD file, arbitrary code may be executed and/or information may be disclosed.
CVE-2024-0150 2025-01-28 N/A 7.1 HIGH
NVIDIA GPU display driver for Windows and Linux contains a vulnerability where data is written past the end or before the beginning of a buffer. A successful exploit of this vulnerability might lead to information disclosure, denial of service, or data tampering.
CVE-2024-12649 2025-01-28 N/A 9.8 CRITICAL
Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.
CVE-2024-12648 2025-01-28 N/A 9.8 CRITICAL
Buffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.
CVE-2024-12647 2025-01-28 N/A 9.8 CRITICAL
Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF656Cdw/Satera MF654Cdw firmware v05.04 and earlier sold in Japan. Color imageCLASS MF656Cdw/Color imageCLASS MF654Cdw/Color imageCLASS MF653Cdw/Color imageCLASS MF652Cdw/Color imageCLASS LBP633Cdw/Color imageCLASS LBP632Cdw firmware v05.04 and earlier sold in US. i-SENSYS MF657Cdw/i-SENSYS MF655Cdw/i-SENSYS MF651Cdw/i-SENSYS LBP633Cdw/i-SENSYS LBP631Cdw firmware v05.04 and earlier sold in Europe.
CVE-2018-13383 1 Fortinet 2 Fortios, Fortiproxy 2025-01-27 4.3 MEDIUM 4.3 MEDIUM
A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.
CVE-2018-0172 2 Cisco, Rockwellautomation 8 Ios, Ios Xe, Allen-bradley Armorstratix 5700 and 5 more 2025-01-27 7.8 HIGH 8.6 HIGH
A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of option 82 information that it receives in DHCP Version 4 (DHCPv4) packets from DHCP relay agents. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device. A successful exploit could allow the attacker to cause a heap overflow condition on the affected device, which will cause the device to reload and result in a DoS condition. Cisco Bug IDs: CSCvg62730.
CVE-2018-0171 1 Cisco 1 Ios 2025-01-27 10.0 HIGH 9.8 CRITICAL
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.
CVE-2023-31907 1 Jerryscript 1 Jerryscript 2025-01-27 N/A 7.8 HIGH
Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via the component scanner_literal_is_created at /jerry-core/parser/js/js-scanner-util.c.
CVE-2024-4491 1 Tenda 2 I21, I21 Firmware 2025-01-27 9.0 HIGH 8.8 HIGH
A vulnerability classified as critical was found in Tenda i21 1.0.0.14(4656). This vulnerability affects the function formGetDiagnoseInfo. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263080. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.