Skip to main content

CWE-788

Access of Memory Location After End of Buffer

111 CVEs Avg CVSS 7.6 MITRE
5
CRITICAL
95
HIGH
8
MEDIUM
3
LOW
2
POC
0
KEV

Monthly

CVE-2023-20585 MEDIUM PATCH This Month

Insuffient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised HV to trigger an out of bounds condition without RMP checks resulting in a. Rated medium severity (CVSS 5.6).

Information Disclosure Suse
NVD VulDB
CVSS 4.0
5.6
EPSS
0.0%
CVE-2026-20052 MEDIUM This Month

Denial of service in Cisco Secure Firewall Threat Defense via crafted SSL packets allows unauthenticated remote attackers to crash the Snort 3 Detection Engine through a memory management logic error during SSL inspection. An attacker can exploit this vulnerability by sending malicious SSL packets through an established connection, forcing the detection engine to unexpectedly restart and interrupt security monitoring. No patch is currently available for this medium-severity issue.

Cisco TLS Denial Of Service
NVD
CVSS 3.1
5.8
EPSS
0.1%
CVE-2026-21316 MEDIUM This Month

Adobe Audition 25.3 and earlier contains a buffer over-read vulnerability that allows local attackers to crash the application by tricking users into opening specially crafted files. Exploitation requires user interaction but requires no elevated privileges, making it accessible to any local attacker who can deliver a malicious file. While no patch is currently available, the impact is limited to denial-of-service conditions.

Denial Of Service Audition
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-36581 LOW Monitor

Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Amd Information Disclosure Poweredge R6415 Firmware Poweredge R7415 Firmware +1
NVD
CVSS 3.1
3.8
EPSS
0.0%
CVE-2025-43580 MEDIUM This Month

Audition versions 25.2, 24.6.3 and earlier are affected by an Access of Memory Location After End of Buffer vulnerability that could result in application denial-of-service. An attacker could leverage this vulnerability to crash the application or disrupt its functionality. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Denial Of Service Audition
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-20402 HIGH This Week

A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software Firepower Threat Defense
NVD
CVSS 3.1
8.6
EPSS
0.5%
CVE-2024-20330 HIGH This Week

A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service Firepower Threat Defense
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-42425 MEDIUM This Month

Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Dell Precision 7920 Firmware 7920 Xl Firmware
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-38304 MEDIUM This Month

Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Dell Emc Xc Core Xcxr2 Firmware Emc Xc Core Xc940 System Firmware +29
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2024-27829 HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple macOS
NVD VulDB
CVSS 3.1
7.8
EPSS
0.3%
EPSS 0% CVSS 5.6
MEDIUM PATCH This Month

Insuffient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised HV to trigger an out of bounds condition without RMP checks resulting in a. Rated medium severity (CVSS 5.6).

Information Disclosure Suse
NVD VulDB
EPSS 0% CVSS 5.8
MEDIUM This Month

Denial of service in Cisco Secure Firewall Threat Defense via crafted SSL packets allows unauthenticated remote attackers to crash the Snort 3 Detection Engine through a memory management logic error during SSL inspection. An attacker can exploit this vulnerability by sending malicious SSL packets through an established connection, forcing the detection engine to unexpectedly restart and interrupt security monitoring. No patch is currently available for this medium-severity issue.

Cisco TLS Denial Of Service
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Adobe Audition 25.3 and earlier contains a buffer over-read vulnerability that allows local attackers to crash the application by tricking users into opening specially crafted files. Exploitation requires user interaction but requires no elevated privileges, making it accessible to any local attacker who can deliver a malicious file. While no patch is currently available, the impact is limited to denial-of-service conditions.

Denial Of Service Audition
NVD
EPSS 0% CVSS 3.8
LOW Monitor

Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. Rated low severity (CVSS 3.8), this vulnerability is low attack complexity. No vendor patch available.

Dell Amd Information Disclosure +3
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Audition versions 25.2, 24.6.3 and earlier are affected by an Access of Memory Location After End of Buffer vulnerability that could result in application denial-of-service. An attacker could leverage this vulnerability to crash the application or disrupt its functionality. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Denial Of Service Audition
NVD
EPSS 1% CVSS 8.6
HIGH This Week

A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Adaptive Security Appliance Software +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Denial Of Service +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Dell Precision Rack, 14G Intel BIOS versions prior to 2.22.2, contains an Access of Memory Location After End of Buffer vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Dell +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Dell PowerEdge Platform, 14G Intel BIOS version(s) prior to 2.22.x, contains an Access of Memory Location After End of Buffer vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Intel Dell +31
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple macOS
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy