Filtered by CWE-787
Total 12746 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-37419 1 Tonybybell 1 Gtkwave 2025-06-17 7.8 High
Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility.
CVE-2024-20002 2 Google, Mediatek 59 Android, Mt5583, Mt5586 and 56 more 2025-06-17 6.7 Medium
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715.
CVE-2023-52355 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2025-06-17 7.5 High
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.
CVE-2025-43558 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2025-06-16 7.8 High
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43590 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2025-06-16 7.8 High
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43593 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2025-06-16 7.8 High
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2023-49427 1 Tenda 2 Ax12, Ax12 Firmware 2025-06-16 7.5 High
Buffer Overflow vulnerability in Tenda AX12 V22.03.01.46, allows remote attackers to cause a denial of service (DoS) via list parameter in SetNetControlList function.
CVE-2023-38610 1 Apple 3 Ipados, Iphone Os, Macos 2025-06-16 7.1 High
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to cause unexpected system termination or write kernel memory.
CVE-2023-32887 1 Mediatek 38 Mt2735, Mt6813, Mt6833 and 35 more 2025-06-16 7.5 High
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).
CVE-2024-22562 1 Swftools 1 Swftools 2025-06-16 7.8 High
swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dict_foreach_keyvalue at swftools/lib/q.c.
CVE-2024-21780 1 Kddi 2 Home Spot Cube 2, Home Spot Cube 2 Firmware 2025-06-16 7.5 High
Stack-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. Processing a specially crafted command may result in a denial of service (DoS) condition. Note that the affected products are no longer supported.
CVE-2023-51968 1 Tenda 2 Ax1803, Ax1803 Firmware 2025-06-16 9.8 Critical
Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function getIptvInfo.
CVE-2023-51960 1 Tenda 2 Ax1803, Ax1803 Firmware 2025-06-16 9.8 Critical
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv.
CVE-2023-51889 1 Ctan 1 Mathtex 2025-06-16 9.8 Critical
Stack Overflow vulnerability in the validate() function in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in the application URL.
CVE-2024-0992 1 Tenda 2 I6, I6 Firmware 2025-06-16 7.2 High
A vulnerability was found in Tenda i6 1.0.0.9(3857) and classified as critical. This issue affects the function formwrlSSIDset of the file /goform/wifiSSIDset of the component httpd. The manipulation of the argument index leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252257 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-33032 1 Qualcomm 234 9205 Lte Modem, 9205 Lte Modem Firmware, Aqt1000 and 231 more 2025-06-16 9.3 Critical
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.
CVE-2023-52307 1 Paddlepaddle 1 Paddlepaddle 2025-06-16 8.2 High
Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.
CVE-2023-43513 1 Qualcomm 534 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 531 more 2025-06-16 7.8 High
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.
CVE-2025-0690 1 Redhat 2 Enterprise Linux, Openshift 2025-06-16 6.1 Medium
The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to overflow leading to a out-of-bounds write in the heap based buffer. This flaw may be leveraged to corrupt grub's internal critical data and secure boot bypass is not discarded as consequence.
CVE-2025-49709 1 Mozilla 1 Firefox 2025-06-16 9.8 Critical
Certain canvas operations could have lead to memory corruption. This vulnerability affects Firefox < 139.0.4.