Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-4712 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2019-03-13 | 9.3 HIGH | 7.8 HIGH |
| CoreCrypto in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted app. | |||||
| CVE-2018-5146 | 4 Canonical, Debian, Mozilla and 1 more | 11 Ubuntu Linux, Debian Linux, Firefox and 8 more | 2019-03-11 | 6.8 MEDIUM | 8.8 HIGH |
| An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7. | |||||
| CVE-2018-5159 | 4 Canonical, Debian, Mozilla and 1 more | 12 Ubuntu Linux, Debian Linux, Firefox and 9 more | 2019-03-11 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8. | |||||
| CVE-2018-5129 | 4 Canonical, Debian, Mozilla and 1 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2019-03-08 | 5.0 MEDIUM | 8.6 HIGH |
| A lack of parameter validation on IPC messages results in a potential out-of-bounds write through malformed IPC messages. This can potentially allow for sandbox escape through memory corruption in the parent process. This vulnerability affects Thunderbird < 52.7, Firefox ESR < 52.7, and Firefox < 59. | |||||
| CVE-2017-7865 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2019-03-05 | 7.5 HIGH | 9.8 CRITICAL |
| FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c. | |||||
| CVE-2017-7863 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2019-03-04 | 7.5 HIGH | 9.8 CRITICAL |
| FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c. | |||||
| CVE-2018-11262 | 1 Google | 1 Android | 2019-03-04 | 7.2 HIGH | 7.8 HIGH |
| In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT. | |||||
| CVE-2019-9544 | 1 Axiosys | 1 Bento4 | 2019-03-04 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Bento4 1.5.1-628. An out of bounds write occurs in AP4_CttsTableEntry::AP4_CttsTableEntry() located in Core/Ap4Array.h. It can be triggered by sending a crafted file to (for example) the mp42hls binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2019-1987 | 1 Google | 1 Android | 2019-03-01 | 9.3 HIGH | 7.8 HIGH |
| In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-118143775. | |||||
| CVE-2019-1986 | 1 Google | 1 Android | 2019-03-01 | 9.3 HIGH | 8.8 HIGH |
| In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege in system_server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-117838472. | |||||
| CVE-2019-9032 | 1 Matio Project | 1 Matio | 2019-02-27 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds write problem causing a SEGV in the function Mat_VarFree() in mat.c. | |||||
| CVE-2019-9114 | 1 Libming | 1 Ming | 2019-02-25 | 6.8 MEDIUM | 8.8 HIGH |
| Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in the function strcpyext() in the decompile.c file in libutil.a. | |||||
| CVE-2018-9583 | 1 Google | 1 Android | 2019-02-14 | 10.0 HIGH | 9.8 CRITICAL |
| In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-112860487. | |||||
| CVE-2018-20742 | 1 Ucbrise | 1 Opaque | 2019-02-13 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in UC Berkeley RISE Opaque before 2018-12-01. There is no boundary check on ocall_malloc. The return value could be a pointer to enclave memory. It could cause an arbitrary enclave memory write. | |||||
| CVE-2018-9584 | 1 Google | 1 Android | 2019-02-12 | 4.6 MEDIUM | 7.8 HIGH |
| In nfc_ncif_set_config_status of nfc_ncif.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-114047681. | |||||
| CVE-2018-9585 | 1 Google | 1 Android | 2019-02-12 | 4.6 MEDIUM | 7.8 HIGH |
| In nfc_ncif_proc_get_routing of nfc_ncif.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-117554809. | |||||
| CVE-2019-7559 | 1 Btor2tools Project | 1 Btor2tools | 2019-02-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| In btor2parser/btor2parser.c in Boolector Btor2Tools before 2019-01-15, opening a specially crafted input file leads to an out of bounds write in pusht_bfr. | |||||
| CVE-2019-6982 | 2 Foxitsoftware, Microsoft | 2 3d, Windows | 2019-01-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Write and crash during the handling of certain PDF files that embed specifically crafted 3D content, because of the improper handling of a logic exception in the IFXASSERT function. | |||||
| CVE-2018-11993 | 1 Qualcomm | 4 Mdm9206, Mdm9206 Firmware, Mdm9607 and 1 more | 2019-01-23 | 8.3 HIGH | 8.8 HIGH |
| Improper check while accessing the local memory stack on MQTT connection request can lead to buffer overflow in snapdragon wear in versions MDM9206, MDM9607 | |||||
| CVE-2019-6442 | 1 Ntpsec | 1 Ntpsec | 2019-01-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and yyerror in ntp_parser.y. | |||||