CVE-2025-20639

MEDIUM Year: 2025
CVSS v3 Score
6.2
Medium
Weakness Type
CWE-787
View all →

Vulnerability Description

In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291146; Issue ID: MSV-2060.

Related Vulnerabilities

CVE-2021-20546

MEDIUM
CVSS:6.2(Medium)

IBM Spectrum Protect Client 8.1.0.0 through 8.1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and cause the applicat...

CWE-7872021

CVE-2021-35520

MEDIUM
CVSS:6.2(Medium)

A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of ...

CWE-7872021

CVE-2021-38959

MEDIUM
CVSS:6.2(Medium)

IBM SPSS Statistics for Windows 24.0, 25.0, 26.0, 27.0, 27.0.1, and 28.0 could allow a local user to cause a denial of service by writing arbitrary files to admin protected directories on the system. ...

CWE-7872021

CVE-2021-39048

MEDIUM
CVSS:6.2(Medium)

IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of serv...

CWE-7872021

CVE-2021-47535

MEDIUM
CVSS:6.2(Medium)

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers In commit 142639a52a01 ("drm/msm/a6xx: fix crashstate capture for A650") we ch...

CWE-7872021

CVE-2023-29583

MEDIUM
CVSS:6.2(Medium)

yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a secu...

CWE-7872023