Filtered by CWE-787
Filtered by vendor Subscriptions
Total 12786 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-20682 2 Mediatek, Openwrt 10 Mt6890, Mt7615, Mt7622 and 7 more 2025-07-09 9.8 Critical
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416937; Issue ID: MSV-3445.
CVE-2025-20683 2 Mediatek, Openwrt 10 Mt6890, Mt7615, Mt7622 and 7 more 2025-07-09 9.8 Critical
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416938; Issue ID: MSV-3444.
CVE-2025-20684 1 Mediatek 4 Mt7615, Mt7622, Mt7663 and 1 more 2025-07-09 9.8 Critical
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416939; Issue ID: MSV-3422.
CVE-2024-42815 1 Tp-link 2 Re365, Re365 Firmware 2025-07-09 9.8 Critical
In the TP-Link RE365 V1_180213, there is a buffer overflow vulnerability due to the lack of length verification for the USER_AGENT field in /usr/bin/httpd. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
CVE-2024-0229 3 Fedoraproject, Redhat, X.org 12 Fedora, Enterprise Linux, Enterprise Linux Aus and 9 more 2025-07-09 7.8 High
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments.
CVE-2023-6816 4 Debian, Fedoraproject, Redhat and 1 more 12 Debian Linux, Fedora, Enterprise Linux and 9 more 2025-07-09 9.8 Critical
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
CVE-2023-6377 4 Debian, Redhat, Tigervnc and 1 more 10 Debian Linux, Enterprise Linux, Enterprise Linux Eus and 7 more 2025-07-09 7.8 High
A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved.
CVE-2023-5367 4 Debian, Fedoraproject, Redhat and 1 more 16 Debian Linux, Fedora, Enterprise Linux and 13 more 2025-07-09 7.8 High
A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service.
CVE-2025-27477 1 Microsoft 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more 2025-07-08 8.8 High
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.
CVE-2025-47202 2025-07-08 9.1 Critical
In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, the lack of a length check leads to out-of-bounds writes.
CVE-2025-42971 2025-07-08 4 Medium
A memory corruption vulnerability exists in SAPCAR allowing an attacker to craft malicious SAPCAR archives. When a high privileged victim extracts this malicious archive, it gets processed by SAPCAR on their system, resulting in out-of-bounds memory read and write. This could lead to file extraction and file overwrite outside the intended directories. This vulnerability has low impact on the confidentiality, integrity and availability of the application.
CVE-2023-50190 1 Trimble 1 Sketchup Viewer 2025-07-08 N/A
Trimble SketchUp Viewer SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21784.
CVE-2022-22049 1 Microsoft 10 Windows 10, Windows 11, Windows 7 and 7 more 2025-07-08 7.8 High
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2022-22026 1 Microsoft 10 Windows 10, Windows 11, Windows 7 and 7 more 2025-07-08 8.8 High
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2022-24457 1 Microsoft 1 Heif Image Extension 2025-07-08 7.8 High
HEIF Image Extensions Remote Code Execution Vulnerability
CVE-2022-24456 1 Microsoft 1 Hevc Video Extensions 2025-07-08 7.8 High
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-24453 1 Microsoft 1 Hevc Video Extensions 2025-07-08 7.8 High
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-22007 1 Microsoft 1 Hevc Video Extensions 2025-07-08 7.8 High
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2022-22006 1 Microsoft 1 Hevc Video Extensions 2025-07-08 7.8 High
HEVC Video Extensions Remote Code Execution Vulnerability
CVE-2025-40580 1 Siemens 2 Scalance Lpe9403, Scalance Lpe9403 Firmware 2025-07-08 6.7 Medium
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0 HF0). Affected devices are vulnerable to a stack-based buffer overflow. This could allow a non-privileged local attacker to execute arbitrary code on the device or to cause a denial of service condition.