Vulnerabilities (CVE)

Filtered by CWE-787
Total 5698 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-5144 1 Kakadusoftware 1 Kakadu Software 2022-06-17 6.8 MEDIUM 8.8 HIGH
An exploitable heap underflow vulnerability exists in the derive_taps_and_gains function in kdu_v7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result in remote code execution. An attacker could provide a malformed file to the victim to trigger this vulnerability.
CVE-2022-31783 1 Liblouis 1 Liblouis 2022-06-17 4.3 MEDIUM 5.5 MEDIUM
Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c, as demonstrated by lou_trace.
CVE-2019-5063 2 Opencv, Oracle 4 Opencv, Application Testing Suite, Big Data Spatial And Graph and 1 more 2022-06-17 6.8 MEDIUM 8.8 HIGH
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a specially crafted file to trigger this vulnerability.
CVE-2019-5064 2 Opencv, Oracle 4 Opencv, Application Testing Suite, Big Data Spatial And Graph and 1 more 2022-06-17 6.8 MEDIUM 8.8 HIGH
An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, before version 4.2.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability.
CVE-2022-2000 1 Vim 1 Vim 2022-06-17 6.8 MEDIUM 7.8 HIGH
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVE-2022-30664 2022-06-16 N/A 7.8 HIGH
Adobe Animate version 22.0.5 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30656 2022-06-16 N/A N/A
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30652 2022-06-16 N/A 7.8 HIGH
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30653 2022-06-16 N/A 7.8 HIGH
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-21124 1 Omron 1 Cx-programmer 2022-06-16 6.8 MEDIUM 7.8 HIGH
Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file. This vulnerability is different from CVE-2022-25234.
CVE-2019-12263 5 Belden, Netapp, Siemens and 2 more 50 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 47 more 2022-06-16 6.8 MEDIUM 8.1 HIGH
Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition.
CVE-2022-30665 2022-06-16 N/A 7.8 HIGH
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30662 2022-06-16 N/A 7.8 HIGH
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30663 2022-06-16 N/A 7.8 HIGH
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30659 2022-06-16 N/A N/A
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30660 2022-06-16 N/A 7.8 HIGH
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30790 1 Denx 1 U-boot 2022-06-16 7.2 HIGH 7.8 HIGH
Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552.
CVE-2021-38593 2 Fedoraproject, Qt 2 Fedora, Qt 2022-06-16 5.0 MEDIUM 7.5 HIGH
Qt 5.x before 5.15.6 and 6.x through 6.1.2 has an out-of-bounds write in QOutlineMapper::convertPath (called from QRasterPaintEngine::fill and QPaintEngineEx::stroke).
CVE-2020-14125 1 Mi 3 Miui, Redmi Note 11, Redmi Note 9t 2022-06-15 5.0 MEDIUM 7.5 HIGH
A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by out-of-bound read/write and can be exploited by attackers to make denial of service.
CVE-2022-30909 1 H3c 2 Magic R100, Magic R100 Firmware 2022-06-14 10.0 HIGH 9.8 CRITICAL
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm.