Vulnerabilities (CVE)

Filtered by CWE-787
Total 5698 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-30786 1 Tuxera 1 Ntfs-3g 2022-06-24 4.6 MEDIUM 6.8 MEDIUM
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G through 2021.8.22.
CVE-2022-30789 1 Tuxera 1 Ntfs-3g 2022-06-24 4.6 MEDIUM 6.8 MEDIUM
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in NTFS-3G through 2021.8.22.
CVE-2022-20183 1 Google 1 Android 2022-06-24 4.6 MEDIUM 6.7 MEDIUM
In hypx_create_blob_dmabuf of faceauth_hypx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188911154References: N/A
CVE-2022-20178 1 Google 1 Android 2022-06-24 4.6 MEDIUM 6.7 MEDIUM
In ioctl_dpm_qos_update and ioctl_event_control_set of (TBD), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-224932775References: N/A
CVE-2022-20131 1 Google 1 Android 2022-06-24 7.8 HIGH 7.5 HIGH
In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221856662
CVE-2022-20140 1 Google 1 Android 2022-06-24 10.0 HIGH 9.8 CRITICAL
In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-227618988
CVE-2022-20166 1 Google 1 Android 2022-06-24 4.6 MEDIUM 6.7 MEDIUM
In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182388481References: Upstream kernel
CVE-2022-20152 1 Google 1 Android 2022-06-23 4.6 MEDIUM 6.7 MEDIUM
In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-202006198References: N/A
CVE-2022-20147 1 Google 1 Android 2022-06-23 7.2 HIGH 7.8 HIGH
In nfa_dm_check_set_config of nfa_dm_main.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221216105
CVE-2021-35118 1 Qualcomm 200 Apq8053, Apq8053 Firmware, Aqt1000 and 197 more 2022-06-23 4.6 MEDIUM 6.7 MEDIUM
An out-of-bounds write can occur due to an incorrect input check in the camera driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2022-20130 1 Google 1 Android 2022-06-23 10.0 HIGH 9.8 CRITICAL
In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224314979
CVE-2021-40212 1 Daum 1 Potplayer 2022-06-23 7.5 HIGH 9.8 CRITICAL
An exploitable out-of-bounds write vulnerability in PotPlayer 1.7.21523 build 210729 may lead to code execution, information disclosure, and denial of service.
CVE-2022-20127 1 Google 1 Android 2022-06-23 10.0 HIGH 9.8 CRITICAL
In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221862119
CVE-2022-22085 1 Qualcomm 310 Apq8009, Apq8009 Firmware, Apq8009w and 307 more 2022-06-22 7.2 HIGH 7.8 HIGH
Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2022-22084 1 Qualcomm 306 Apq8009, Apq8009 Firmware, Apq8009w and 303 more 2022-06-22 7.2 HIGH 7.8 HIGH
Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2022-2061 1 Chafa Project 1 Chafa 2022-06-22 2.1 LOW 3.3 LOW
Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0.
CVE-2019-25062 1 Sricam 1 Deviceviewer 2022-06-21 7.2 HIGH 7.8 HIGH
A vulnerability was found in Sricam IP CCTV Camera and classified as critical. This issue affects some unknown processing of the component Device Viewer. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
CVE-2019-25063 1 Sricam 1 Deviceviewer 2022-06-21 7.2 HIGH 7.8 HIGH
A vulnerability was found in Sricam IP CCTV Camera. It has been classified as critical. Affected is an unknown function of the component Device Viewer. The manipulation leads to memory corruption. Local access is required to approach this attack.
CVE-2019-5084 1 Leadtools 1 Leadtools 2022-06-21 6.8 MEDIUM 7.8 HIGH
An exploitable heap out-of-bounds write vulnerability exists in the TIF-parsing functionality of LEADTOOLS 20. A specially crafted TIF image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An attacker can specially craft a TIF image to trigger this vulnerability.
CVE-2019-5125 1 Leadtools 1 Leadtools 2022-06-21 6.8 MEDIUM 7.8 HIGH
An exploitable heap overflow vulnerability exists in the JPEG2000 parsing functionality of LEADTOOLS 20. A specially crafted J2K image file can cause an out of bounds write of a heap buffer, potentially resulting in code execution. An attack can specially craft a J2K image to trigger this vulnerability.