Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-787
Total 7966 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-14196 1 Denx 1 U-boot 2020-08-24 7.5 HIGH 9.8 CRITICAL
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply.
CVE-2018-0945 1 Microsoft 2 Chakracore, Edge 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
CVE-2019-9256 1 Google 1 Android 2020-08-24 6.8 MEDIUM 8.8 HIGH
In libmediaextractor there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111921829
CVE-2019-9257 1 Google 1 Android 2020-08-24 4.6 MEDIUM 7.8 HIGH
In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113572342
CVE-2018-0951 1 Microsoft 1 Edge 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
CVE-2019-9262 1 Google 1 Android 2020-08-24 6.8 MEDIUM 8.8 HIGH
In MPEG4Extractor, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111792351
CVE-2018-0953 1 Microsoft 2 Chakracore, Edge 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0954, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
CVE-2018-7561 2 Tenda, Tendacn 2 Ac9, Ac9 Firmware 2020-08-24 7.5 HIGH 9.8 CRITICAL
Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2018-7814 1 Schneider-electric 1 Guicon 2020-08-24 6.8 MEDIUM 7.8 HIGH
A Stack-based Buffer Overflow (CWE-121) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) which could cause remote code to be executed when parsing a GD1 file
CVE-2018-0954 1 Microsoft 3 Chakracore, Edge, Internet Explorer 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0955, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
CVE-2019-9276 1 Google 1 Android 2020-08-24 4.6 MEDIUM 6.7 MEDIUM
In the Android kernel in the synaptics_dsx_htc touchscreen driver there is a possible out of bounds write due to a use after free. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2018-0955 1 Microsoft 1 Internet Explorer 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-1022, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
CVE-2018-7873 2 Debian, Libming 2 Debian Linux, Libming 2020-08-24 4.3 MEDIUM 6.5 MEDIUM
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for INTEGER data. A Crafted input will lead to a denial of service attack.
CVE-2018-7867 2 Debian, Libming 2 Debian Linux, Libming 2020-08-24 4.3 MEDIUM 6.5 MEDIUM
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 during a RegisterNumber sprintf. A Crafted input will lead to a denial of service attack.
CVE-2018-7877 2 Debian, Libming 2 Debian Linux, Libming 2020-08-24 4.3 MEDIUM 6.5 MEDIUM
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for DOUBLE data. A Crafted input will lead to a denial of service attack.
CVE-2019-9297 1 Google 1 Android 2020-08-24 6.8 MEDIUM 8.8 HIGH
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112890242
CVE-2019-9298 1 Google 1 Android 2020-08-24 6.8 MEDIUM 8.8 HIGH
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112892194
CVE-2019-9299 1 Google 1 Android 2020-08-24 6.8 MEDIUM 8.8 HIGH
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663886
CVE-2019-9300 1 Google 1 Android 2020-08-24 6.8 MEDIUM 8.8 HIGH
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112661610
CVE-2018-0978 1 Microsoft 8 Internet Explorer, Windows 10, Windows 7 and 5 more 2020-08-24 7.6 HIGH 7.5 HIGH
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8249.