Filtered by CWE-787
Total 12209 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-0623 1 Hornerautomation 1 Cscape Envision Rv 2025-01-17 7.8 High
Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could leverage these vulnerabilities to execute arbitrary code in the context of the current process.
CVE-2023-0622 1 Hornerautomation 1 Cscape Envision Rv 2025-01-17 7.8 High
Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds write vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in writes past the end of allocated data structures. An attacker could leverage these vulnerabilities to execute arbitrary code in the context of the current process.
CVE-2024-3907 1 Tenda 2 Ac500, Ac500 Firmware 2025-01-17 8.8 High
A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been rated as critical. This issue affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261143. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-30382 1 Valvesoftware 1 Half-life 2025-01-17 7.3 High
A buffer overflow in the component hl.exe of Valve Half-Life up to 5433873 allows attackers to execute arbitrary code and escalate privileges by supplying crafted parameters.
CVE-2023-52547 1 Huawei 2 Curiem-wfg9b, Curiem-wfg9b Firmware 2025-01-17 7.8 High
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM.
CVE-2023-52548 1 Huawei 2 Curiem-wfg9b, Curiem-wfg9b Firmware 2025-01-17 7.8 High
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26) Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMRAM memory and, in turn, lead to code execution in SMM
CVE-2022-3159 1 Siemens 2 Jt2go, Teamcenter Visualization 2025-01-16 7.8 High
The APDFL.dll contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.
CVE-2022-3160 1 Siemens 2 Jt2go, Teamcenter Visualization 2025-01-16 7.8 High
The APDFL.dll contains an out-of-bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.
CVE-2022-3161 1 Siemens 2 Jt2go, Teamcenter Visualization 2025-01-16 7.8 High
The APDFL.dll contains a memory corruption vulnerability while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.
CVE-2022-3087 1 Fujielectric 1 Tellus Lite V-simulator 2025-01-16 7.8 High
Fuji Electric Tellus Lite V-Simulator versions 4.0.12.0 and prior are vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code.
CVE-2022-41989 1 Sewio 1 Real-time Location System Studio 2025-01-16 9 Critical
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 does not validate the length of RTLS report payloads during communication. This allows an attacker to send an exceedingly long payload, resulting in an out-of-bounds write to cause a denial-of-service condition or code execution.
CVE-2023-23582 1 Snapav 2 Wattbox Wb-300-ip-3, Wattbox Wb-300-ip-3 Firmware 2025-01-16 5.3 Medium
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code or crash the device remotely.
CVE-2022-4634 1 Deltaww 2 Cncsoft, Screeneditor 2025-01-16 7.8 High
All versions prior to Delta Electronic’s CNCSoft version 1.01.34 (running ScreenEditor versions 1.01.5 and prior) are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code.
CVE-2023-0123 1 Deltaww 1 Dopsoft 2025-01-16 7.8 High
Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to a stack-based buffer overflow, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software.
CVE-2023-0124 1 Deltaww 1 Dopsoft 2025-01-16 7.8 High
Delta Electronics DOPSoft versions 4.00.16.22 and prior are vulnerable to an out-of-bounds write, which could allow an attacker to remotely execute arbitrary code when a malformed file is introduced to the software.
CVE-2023-0249 1 Deltaww 1 Diascreen 2025-01-16 7.8 High
Delta Electronics DIAScreen versions 1.2.1.23 and prior are vulnerable to out-of-bounds write, which may allow an attacker to remotely execute arbitrary code.
CVE-2023-0847 1 Dash7-alliance 1 Dash7 Alliance Protcol 2025-01-16 5.3 Medium
The Sub-IoT implementation of the DASH 7 Alliance protocol has a vulnerability that can lead to an out-of-bounds write prior to implementation version 0.5.0. If the protocol has been compiled using default settings, this will only grant the attacker access to allocated but unused memory. However, if it was configured using non-default settings, there is the possibility that exploiting this vulnerability could lead to system crashes and remote code execution.
CVE-2023-23579 1 Datakit 1 Crosscadware 2025-01-16 7.8 High
Datakit CrossCadWare_x64.dll contains an out-of-bounds write past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This could allow an attacker to execute code in the context of the current process.
CVE-2023-5068 1 Deltaww 1 Diascreen 2025-01-16 7.8 High
Delta Electronics DIAScreen may write past the end of an allocated buffer while parsing a specially crafted input file. This could allow an attacker to execute code in the context of the current process.
CVE-2023-39431 1 Santesoft 1 Dicom Viewer Pro 2025-01-16 7.8 High
Sante DICOM Viewer Pro lacks proper validation of user-supplied data when parsing DICOM files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.