Skip to main content

CWE-786

Access of Memory Location Before Start of Buffer

5 CVEs Avg CVSS 7.1 MITRE
0
CRITICAL
3
HIGH
2
MEDIUM
0
LOW
0
POC
0
KEV

Monthly

CVE-2026-20058 MEDIUM This Month

Snort 3 Detection Engine crashes when processing malformed VBA data due to improper decompression error handling, allowing unauthenticated remote attackers to trigger denial-of-service conditions across multiple Cisco products. An attacker can exploit this vulnerability by sending crafted VBA payloads to cause unexpected engine restarts without requiring authentication or user interaction. No patch is currently available for this medium-severity flaw.

Cisco Denial Of Service
NVD VulDB
CVSS 3.1
5.8
EPSS
0.1%
CVE-2024-5700 HIGH This Week

Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Buffer Overflow Mozilla Firefox Thunderbird
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2024-27840 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +3
NVD VulDB
CVSS 3.1
6.3
EPSS
0.0%
CVE-2024-27828 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os Tvos +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-27808 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Safari Ipados Iphone Os +4
NVD VulDB
CVSS 3.1
8.8
EPSS
1.1%
EPSS 0% CVSS 5.8
MEDIUM This Month

Snort 3 Detection Engine crashes when processing malformed VBA data due to improper decompression error handling, allowing unauthenticated remote attackers to trigger denial-of-service conditions across multiple Cisco products. An attacker can exploit this vulnerability by sending crafted VBA payloads to cause unexpected engine restarts without requiring authentication or user interaction. No patch is currently available for this medium-severity flaw.

Cisco Denial Of Service
NVD VulDB
EPSS 0% CVSS 7.0
HIGH This Week

Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

RCE Buffer Overflow Mozilla +2
NVD
EPSS 0% CVSS 6.3
MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados +5
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados +4
NVD VulDB
EPSS 1% CVSS 8.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Safari +6
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy