Vulnerabilities (CVE)

Filtered by CWE-787
Total 12289 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-47317 1 Fujielectric 1 V-server 2025-04-10 N/A 7.8 HIGH
Out-of-bounds write vulnerability in V-Server v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted project file.
CVE-2022-47086 1 Gpac 1 Gpac 2025-04-10 N/A 5.5 MEDIUM
GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gf_sm_load_init_swf at scene_manager/swf_parse.c
CVE-2022-44431 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 N/A 5.5 MEDIUM
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44430 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 N/A 5.5 MEDIUM
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44429 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 N/A 5.5 MEDIUM
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-3715 2 Gnu, Redhat 2 Bash, Enterprise Linux 2025-04-10 N/A 7.8 HIGH
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.
CVE-2022-39118 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 N/A 5.5 MEDIUM
In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVE-2022-39116 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 N/A 5.5 MEDIUM
In sprd_sysdump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVE-2024-41595 1 Draytek 2 Vigor3910, Vigor3910 Firmware 2025-04-10 N/A 8.0 HIGH
DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations.
CVE-2024-33835 1 Tenda 2 Ac18, Ac18 Firmware 2025-04-10 N/A 9.8 CRITICAL
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function.
CVE-2021-47489 1 Linux 1 Linux Kernel 2025-04-10 N/A 7.8 HIGH
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix even more out of bound writes from debugfs CVE-2021-42327 was fixed by: commit f23750b5b3d98653b31d4469592935ef6364ad67 Author: Thelford Williams <tdwilliamsiv@gmail.com> Date: Wed Oct 13 16:04:13 2021 -0400 drm/amdgpu: fix out of bounds write but amdgpu_dm_debugfs.c contains more of the same issue so fix the remaining ones. v2: * Add missing fix in dp_max_bpc_write (Harry Wentland)
CVE-2022-40520 1 Qualcomm 294 Apq8064au, Apq8064au Firmware, Apq8096au and 291 more 2025-04-09 N/A 8.4 HIGH
Memory corruption due to stack-based buffer overflow in Core
CVE-2022-33218 1 Qualcomm 48 Apq8064au, Apq8064au Firmware, Apq8096au and 45 more 2025-04-09 N/A 8.2 HIGH
Memory corruption in Automotive due to improper input validation.
CVE-2022-22088 1 Qualcomm 300 Apq8009, Apq8009 Firmware, Apq8009w and 297 more 2025-04-09 N/A 9.8 CRITICAL
Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote
CVE-2022-41220 1 Md2roff Project 1 Md2roff 2025-04-09 N/A 9.8 CRITICAL
md2roff 1.9 has a stack-based buffer overflow via a Markdown file, a different vulnerability than CVE-2022-34913. NOTE: the vendor's position is that the product is not intended for untrusted input
CVE-2025-3161 1 Tenda 2 Ac10, Ac10 Firmware 2025-04-09 9.0 HIGH 8.8 HIGH
A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2022-46449 1 Musicpd 1 Music Player Daemon 2025-04-09 N/A 7.5 HIGH
An issue in MPD (Music Player Daemon) v0.23.10 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2025-20654 2 Mediatek, Openwrt 8 Mt6890, Mt7622, Mt7915 and 5 more 2025-04-09 N/A 9.8 CRITICAL
In wlan service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00406897; Issue ID: MSV-2875.
CVE-2025-20656 5 Google, Linuxfoundation, Mediatek and 2 more 20 Android, Yocto, Mt6781 and 17 more 2025-04-09 N/A 6.8 MEDIUM
In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423; Issue ID: MSV-3033.
CVE-2025-20658 2 Google, Mediatek 19 Android, Mt2718, Mt6781 and 16 more 2025-04-09 N/A 6.0 MEDIUM
In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID: MSV-2597.