High
CVE-2025-61828
Illustrator on iPad versions 3.0.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t…
Tag: Out-of-Bounds Write
All CVEs associated with "Out-of-Bounds Write". Page 4/34 • 3981 CVEs.
Subscribe CVEs: RSS for “Out-of-Bounds Write” · RSS (High+Critical only)
About “Out-of-Bounds Write”
A curated feed of “Out-of-Bounds Write”-related CVEs appears below. We currently track 3981 CVEs for this tag (all time). In the last 365 days, 610 were published. Average CVSS is 7.7 (all time; 7.6 over 365d), and 72% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-787 - Out-of-bounds Write, CWE-122 - Heap-based Buffer Overflow, CWE-190 - Integer Overflow or Wraparound.
In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2025-11-11
High
CVE-2025-35971
Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with…
High
CVE-2025-33029
Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with…
High
CVE-2025-30255
Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with…
High
CVE-2025-27713
Out-of-bounds write for some Intel(R) QAT Windows software before version 2.6.0. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated…
2025-11-07
Medium
CVE-2025-12875
A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/le…
2025-11-05
Medium
CVE-2025-21075
Out-of-bounds write in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory.
Medium
CVE-2025-21071
Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
2025-11-04
Medium
CVE-2025-27374
An issue was discovered in the Secure Boot component in Samsung Mobile Processor and Wearable Processor Exynos 9820, 9825, 980, 990, 850, 1080, 1280, 2200, 1330, 1380, 1480, 2400. The lack of a lengt…
High
CVE-2024-56426
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000. The lack of a length check leads to…
High
CVE-2025-52513
An issue was discovered in Samsung Mobile Processor Exynos 2400, 1580, 2500. A race condition in the HTS driver results in an out-of-bounds write, leading to a denial of service.
Medium
CVE-2025-20749
In charger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. Use…
Medium
CVE-2025-20748
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
Medium
CVE-2025-20747
In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privil…
Medium
CVE-2025-20746
In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privil…
High
CVE-2025-20742
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privile…
Medium
CVE-2025-20741
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
Medium
CVE-2025-20739
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
Medium
CVE-2025-20738
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
High
CVE-2025-20737
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction i…
Medium
CVE-2025-20736
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
High
CVE-2025-20735
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction i…
Medium
CVE-2025-20734
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
High
CVE-2025-20733
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction i…
Medium
CVE-2025-20732
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
Medium
CVE-2025-20731
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
Medium
CVE-2025-20729
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
High
CVE-2025-20728
In wlan STA driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction…
High
CVE-2025-20727
In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the att…
High
CVE-2025-20726
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the…
High
CVE-2025-20725
In ims service, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by t…
High
CVE-2025-43505
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Xcode 26.1. Processing a maliciously crafted file may lead to heap corruption.
Medium
CVE-2025-43380
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. Parsing a file may lead to an unexpected…
2025-10-30
High
CVE-2025-64096
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight Sys…
2025-10-29
High
CVE-2025-10920
GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interactio…
High
CVE-2025-62786
Wazuh is a free and open source platform used for threat prevention, detection, and response. A heap-based out-of-bounds WRITE occurs in decode_win_permissions, resulting in writing a NULL byte 2 byt…
2025-10-28
High
CVE-2025-53855
An out-of-bounds write vulnerability exists in the XML parser functionality of GCC Productions Inc. Fade In 4.2.0. A specially crafted .fadein file can lead to an out-of-bounds write. An attacker can…
Medium
CVE-2025-33133
IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0.0 IF1, 6.1.0.1, 6.1, and 5.1 could allow an authenticated user to cause the program to crash due an out of bounds write.
2025-10-22
Unknown
CVE-2023-53717
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a stack-out-of-bounds write that occurs in a…
2025-10-20
Critical
CVE-2025-54957
An issue was discovered in Dolby UDC 4.5 through 4.13. A crash of the DD+ decoder process can occur when a malformed DD+ bitstream is processed. When Evolution data is processed by evo_priv.c from th…
Medium
CVE-2025-11680
Out-of-bounds Write in unfilter_scanline in warmcat libwebsockets allows, when the LWS_WITH_UPNG flag is enabled during compilation and the HTML display stack is used, to write past a heap allocated…
2025-10-16
High
CVE-2025-61553
An out-of-bounds write in VirtIO network device emulation in BitVisor from commit 108df6 (2020-05-20) to commit 480907 (2025-07-06) allows local attackers to cause a denial of service (host hyperviso…
High
CVE-2025-62496
A vulnerability exists in the QuickJS engine's BigInt string parsing logic (js_bigint_from_string) when attempting to create a BigInt from a string with an excessively large number of digits. The fu…
High
CVE-2025-62495
An integer overflow vulnerability exists in the QuickJS regular expression engine (libregexp) due to an inconsistent representation of the bytecode buffer size. * The regular expression bytecode…
2025-10-15
Medium
CVE-2025-60015
An out-of-bounds write vulnerability exists in F5OS-A and F5OS-C that could lead to memory corruption. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluat…
2025-10-14
High
CVE-2025-54284
Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of th…
High
CVE-2025-54283
Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of th…
High
CVE-2025-54280
Substance3D - Viewer versions 0.25.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of…
Medium
CVE-2025-54275
Substance3D - Viewer versions 0.25.2 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability t…
High
CVE-2025-54273
Substance3D - Viewer versions 0.25.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of…
High
CVE-2025-22832
APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability.
High
CVE-2025-22831
APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability.
High
CVE-2025-40810
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). The affected applications contains an out of bounds wri…
High
CVE-2025-40809
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 14), Solid Edge SE2025 (All versions < V225.0 Update 6). The affected applications contains an out of bounds wri…
High
CVE-2025-20723
In gnss driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privile…
High
CVE-2025-20721
In imgsensor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. U…
High
CVE-2025-20720
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privile…
High
CVE-2025-20719
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privile…
High
CVE-2025-20718
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction i…
High
CVE-2025-20717
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
High
CVE-2025-20716
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
High
CVE-2025-20715
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
High
CVE-2025-20714
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
High
CVE-2025-20713
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System priv…
High
CVE-2025-20712
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privile…
High
CVE-2025-20711
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privile…
High
CVE-2025-20710
In wlan AP driver, there is a possible out of bounds write due to an integer overflow. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges ne…
High
CVE-2025-20709
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privile…
2025-10-10
High
CVE-2025-61859
An out-of-bounds write vulnerability exists in VS6ComFile!CItemDraw::is_motion_tween of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected…
High
CVE-2025-61858
An out-of-bounds write vulnerability exists in VS6ComFile!set_AnimationItem of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's…
High
CVE-2025-61857
An out-of-bounds write vulnerability exists in VS6ComFile!CItemExChange::WinFontDynStrCheck of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, af…
Medium
CVE-2025-21070
Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to write out-of-bounds memory.
Medium
CVE-2025-21053
Out-of-bounds write in the parsing header for JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.
Medium
CVE-2025-21052
Out-of-bounds write under specific condition in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to cause memory corruption.
Medium
CVE-2025-21051
Out-of-bounds write in the pre-processing of JPEG decoding in libpadm.so prior to SMR Oct-2025 Release 1 allows local attackers to write out-of-bounds memory.
Medium
CVE-2025-21044
Out-of-bounds write in fingerprint trustlet prior to SMR Oct-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
2025-10-03
High
CVE-2025-44014
An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We hav…
2025-09-30
High
CVE-2025-6033
There is a memory corruption vulnerability due to an out of bounds write in XML_Serialize() when using SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosur…
High
CVE-2025-9230
Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigge…
2025-09-29
Medium
CVE-2025-43400
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.1 and iPadOS 18.7.1, iOS 26.0.1 and iPadOS 26.0.1, macOS Sequoia 15.7.1, macOS Sonoma 14.8.1,…
Medium
CVE-2025-9903
Out-of-bounds write vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driv…
2025-09-25
High
CVE-2025-57632
libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs (NextCommand), libsmb2 repeatedly calls smb2_add_iovector() to append to a fixed-size iovec array without checking the…
High
CVE-2024-48014
Dell BSAFE Micro Edition Suite, versions prior to 5.0.2.3 contain an Out-of-bounds Write vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, le…
2025-09-24
Low
CVE-2025-23338
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vuln…
Medium
CVE-2025-23275
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local authenticated user may cause a GPU out-of-bounds write by providing certain image dimensions. A successful expl…
2025-09-23
High
CVE-2025-39888
In the Linux kernel, the following vulnerability has been resolved: fuse: Block access to folio overlimit syz reported a slab-out-of-bounds Write in fuse_dev_do_write. When the number of bytes to…
2025-09-19
High
CVE-2025-39839
In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix OOB read/write in network-coding decode batadv_nc_skb_decode_packet() trusts coded_len and checks only against sk…
2025-09-17
High
CVE-2025-23328
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an out-of-bounds write through a specially crafted input. A successful exploit of this vuln…
High
CVE-2025-7998
Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-…
High
CVE-2025-7996
Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-…
High
CVE-2025-7990
Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar…
High
CVE-2025-7988
Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashl…
High
CVE-2025-7987
Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashl…
High
CVE-2025-7986
Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashl…
High
CVE-2025-7980
Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashl…
Critical
CVE-2025-9242
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow a remote unauthenticated attacker to execute arbitrary code. This vulnerability affects both the Mobile User VPN with IKEv2 an…
2025-09-16
High
CVE-2025-8893
A maliciously crafted PDF file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, caus…
2025-09-15
Low
CVE-2025-43349
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26…
Medium
CVE-2025-43302
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26,…
High
CVE-2023-53238
In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() The size of array 'priv->ports[]' is INNO_PHY_PORT_NUM. In t…
2025-09-12
High
CVE-2025-21043
Out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code.
High
CVE-2025-21042
Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code.
2025-09-09
High
CVE-2025-54245
Substance3D - Viewer versions 0.25.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of…
High
CVE-2025-54243
Substance3D - Viewer versions 0.25.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of…
2025-09-06
Medium
CVE-2025-0010
An out of bounds write in the Linux graphics driver could allow an attacker to overflow the buffer potentially resulting in loss of confidentiality, integrity, or availability.
2025-09-05
High
CVE-2025-32318
In Skia, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is n…
Medium
CVE-2025-32316
In gralloc4, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is…
2025-09-04
High
CVE-2025-32325
In appendFrom of Parcel.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. Us…
High
CVE-2024-49714
In avrc_vendor_msg of avrc_opt.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to paired device escalation of privilege with no additional execution privile…
High
CVE-2025-26455
In multiple functions of NdkMediaCodec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privil…
Medium
CVE-2024-49739
In MMapVAccess of pmr_os.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.…
High
CVE-2025-38685
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit This issue triggers when a userspace program does an ioctl FBIOPUT_CON2F…
Medium
CVE-2025-36908
In lwis_top_register_io of lwis_device_top.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileg…
High
CVE-2025-36907
In draw_surface_image() of abl/android/lib/draw/draw.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege via USB fastboot, after…
High
CVE-2025-36906
In ConvertReductionOp of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional exe…
Medium
CVE-2025-36902
In syna_cdev_ioctl_store_pid() of syna_tcm2_sysfs.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution priv…
Critical
CVE-2025-36897
In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed.…
High
CVE-2025-36887
In wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additi…
High
CVE-2024-56190
In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution pr…
2025-09-03
Medium
CVE-2025-21034
Out-of-bounds write in libsavsvc.so prior to SMR Sep-2025 Release 1 allows local attackers to potentially execute arbitrary code.