CWE-124 · Buffer Underwrite
34 CVEs classified under CWE-124 (Buffer Underwrite). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-25610 | Critical | 9.3 | 2025-03-24 | A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7… |
CVE-2022-20683 | High | 8.6 | 2022-04-15 | A vulnerability in the Application Visibility and Control (AVC-FNF) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could… |
CVE-2025-27440 | High | 8.5 | 2025-03-11 | Heap overflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access. |
CVE-2025-27439 | High | 8.5 | 2025-03-11 | Buffer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access. |
CVE-2026-34253 | High | 8.2 | 2026-05-15 | A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulne… |
CVE-2026-0966 | High | 8.2 | 2026-03-26 | A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length input. This can be exploited rem… |
CVE-2025-61690 | High | 7.8 | 2025-10-02 | KV STUDIO versions 12.23 and prior contain a buffer underflow vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on th… |
CVE-2024-52990 | High | 7.8 | 2024-12-10 | Animate versions 23.0.8, 24.0.5 and earlier are affected by a Buffer Underwrite ('Buffer Underflow') vulnerability that could result in arbitrary code executio… |
CVE-2022-33896 | High | 7.8 | 2022-10-07 | A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed… |
CVE-2021-36064 | High | 7.8 | 2021-09-01 | XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Underflow vulnerability which could result in arbitrary code execution in the context of the c… |
CVE-2023-34351 | High | 7.5 | 2024-02-14 | Buffer underflow in some Intel(R) PCM software before version 202307 may allow an unauthenticated user to potentially enable denial of service via network acce… |
CVE-2025-53101 | High | 7.4 | 2025-07-14 | ImageMagick is free and open-source software used for editing and manipulating digital images. In versions prior to 7.1.2-0 and 6.9.13-26, in ImageMagick's `ma… |
CVE-2021-38578 | High | 7.4 | 2022-03-03 | Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. |
CVE-2026-5089 | High | 7.3 | 2026-05-12 | YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 (sexagesimal) parsing code in perl_syck.h has a buffer underflow bug in both i… |
CVE-2023-32614 | High | 7.0 | 2023-09-25 | A heap-based buffer overflow vulnerability exists in the create_png_object functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lea… |
CVE-2026-41499 | Medium | 6.5 | 2026-04-29 | Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, multiple heap-based… |
CVE-2026-20104 | Medium | 6.1 | 2026-03-25 | A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Cata… |
CVE-2025-61915 | Medium | 6.0 | 2025-11-29 | OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can u… |
CVE-2023-48230 | Medium | 5.9 | 2023-11-21 | Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression… |
CVE-2026-28419 | Medium | 5.3 | 2026-02-27 | Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsing logic… |