CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,901 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 117 of 279
- CVE-2021-40426HIGHCVSS 8.8EG 8.82022-04-14
A heap-based buffer overflow vulnerability exists in the sphere.c start_read() functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a…
- CVE-2021-4055HIGHCVSS 8.8EG 8.82021-12-23
Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
- CVE-2021-40556HIGHCVSS 8.8EG 8.82022-10-06
A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. This vulnerability is caused by the strcat function called by "caupload" input handle function allowing the user to enter 0xFFFF …
- CVE-2021-4058HIGHCVSS 8.8EG 8.82021-12-23
Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-4062HIGHCVSS 8.8EG 8.82021-12-23
Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-40647MEDIUMCVSS 5.5EG 5.52022-09-09
In man2html 1.6g, a specific string being read in from a file will overwrite the size parameter in the top chunk of the heap. This at least causes the program to segmentation abort if the heap size parameter isn't aligned correctly. In ver…
- CVE-2021-40656HIGHCVSS 8.8EG 8.82022-04-08
libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867.
- CVE-2021-40731HIGHCVSS 7.8EG 7.82021-10-15
Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.20096 (and earlier), 20.004.30015 (and earlier), and 17.011.30202 (and earlier) is affected by an out-of-bounds write vulnerability when parsing a crafted JPEG2000 file, wh…
- CVE-2021-4079HIGHCVSS 8.8EG 8.82021-12-23
Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets.
- CVE-2021-40827HIGHCVSS 7.8EG 7.82021-12-15
Clementine Music Player through 1.3.1 (when a GLib 2.0.0 DLL is used) is vulnerable to a Read Access Violation on Block Data Move, affecting the MP3 file parsing functionality at memcpy+0x265. The vulnerability is triggered when the user o…
- CVE-2021-4090HIGHCVSS 7.1EG 7.12022-02-18
An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege m…
- CVE-2021-4093HIGHCVSS 8.8EG 8.82022-02-18
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string…
- CVE-2021-40942MEDIUMCVSS 5.5EG 5.52022-06-27
In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the function filter_parse_dyn_args function in filter_core/filter.c:1454, as demonstrated by GPAC. This can cause a denial of service (DOS).
- CVE-2021-4098HIGHCVSS 7.4EG 7.42022-02-11
Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2021-40985MEDIUMCVSS 5.5EG 5.52021-11-03
A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp.
- CVE-2021-4100HIGHCVSS 8.8EG 8.82022-02-11
Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-4101HIGHCVSS 8.8EG 8.82022-02-11
Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-41017HIGHCVSS 8.8EG 8.82021-12-08
Multiple heap-based buffer overflow vulnerabilities in some web API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow a remote authenticated attacker to execute arbitrary code or commands via specifically crafted HTT…
- CVE-2021-41027HIGHCVSS 7.3EG 7.32021-12-08
A stack-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, allows an authenticated attacker to execute unauthorized code or commands via crafted certificates loaded into the device.
- CVE-2021-41036CRITICALCVSS 9.8EG 9.82021-11-03
In versions prior to 1.1 of the Eclipse Paho MQTT C Client, the client does not check rem_len size in readpacket.
- CVE-2021-41159MEDIUMCVSS 5.8EG 5.82021-10-21
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious gateway mig…
- CVE-2021-41160MEDIUMCVSS 5.3EG 5.32021-10-21
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceComm…
- CVE-2021-41216MEDIUMCVSS 5.5EG 5.52021-11-05
TensorFlow is an open source platform for machine learning. In affected versions the shape inference function for `Transpose` is vulnerable to a heap buffer overflow. This occurs whenever `perm` contains negative elements. The shape infere…
- CVE-2021-41221HIGHCVSS 7.8EG 7.82021-11-05
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the `Cudnn*` operations in TensorFlow can be tricked into accessing invalid memory, via a heap buffer overflow. This occurs becau…
- CVE-2021-4129CRITICALCVSS 9.8EG 9.82022-12-22
Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corr…
- CVE-2021-4136HIGHCVSS 7.8EG 7.82021-12-19
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2021-41396HIGHCVSS 7.5EG 7.52022-07-12
Live555 through 1.08 does not handle socket connections properly. A huge number of incoming socket connections in a short time invokes the error-handling module, in which a heap-based buffer overflow happens. An attacker can leverage this …
- CVE-2021-41456HIGHCVSS 7.5EG 7.52021-10-01
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability.
- CVE-2021-41457HIGHCVSS 7.5EG 7.52021-10-01
There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability.
- CVE-2021-41458MEDIUMCVSS 5.5EG 5.52022-06-16
In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability.
- CVE-2021-41459HIGHCVSS 7.5EG 7.52021-10-01
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability.
- CVE-2021-41683HIGHCVSS 7.8EG 7.82022-06-20
There is a stack-overflow at ecma-helpers.c:326 in ecma_get_lex_env_type in JerryScript 2.4.0
- CVE-2021-41736CRITICALCVSS 9.8EG 9.82022-03-22
Faust v2.35.0 was discovered to contain a heap-buffer overflow in the function realPropagate() at propagate.cpp.
- CVE-2021-41752CRITICALCVSS 9.8EG 9.82022-04-05
Stack overflow vulnerability in Jerryscript before commit e1ce7dd7271288be8c0c8136eea9107df73a8ce2 on Oct 20, 2021 due to an unbounded recursive call to the new opt() function.
- CVE-2021-41987HIGHCVSS 8.1EG 8.12022-03-16
In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value. This affects RouterOS 6.46.8, 6.47.9,…
- CVE-2021-42008HIGHCVSS 7.8EG 7.82021-10-05
The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
- CVE-2021-42012HIGHCVSS 7.8EG 7.82021-10-21
A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker mu…
- CVE-2021-42018MEDIUMCVSS 5.9EG 9.82022-03-08
A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM …
- CVE-2021-42024HIGHCVSS 7.8EG 7.82021-12-14
A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < 2021.3.1). The starview+.exe application lacks proper validation of user-supplied data when parsing scene files. This could result in an out of bounds write …
- CVE-2021-42028HIGHCVSS 7.8EG 7.82024-01-04
A vulnerability has been identified in syngo fastView (All versions). The affected application lacks proper validation of user-supplied data when parsing BMP files. This could result in an out-of-bounds write past the end of an allocated s…
- CVE-2021-4204HIGHCVSS 7.1EG 7.12022-08-24
An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.
- CVE-2021-42059MEDIUMCVSS 6.7EG 6.72022-02-03
An issue was discovered in Insyde InsydeH2O Kernel 5.0 before 05.08.41, Kernel 5.1 before 05.16.41, Kernel 5.2 before 05.26.41, Kernel 5.3 before 05.35.41, and Kernel 5.4 before 05.42.20. A stack-based buffer overflow leads toarbitrary cod…
- CVE-2021-42069LOWCVSS 3.3EG 3.32021-12-14
When a user opens manipulated Tagged Image File Format (.tif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of t…
- CVE-2021-42076HIGHCVSS 7.5EG 7.52021-11-08
An issue was discovered in Barrier before 2.3.4. An attacker can cause memory exhaustion in the barriers component (aka the server-side implementation of Barrier) and barrierc by sending long TCP messages.
- CVE-2021-4214MEDIUMCVSS 5.5EG 5.52022-08-24
A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of ser…
- CVE-2021-42195HIGHCVSS 7.8EG 7.82022-06-02
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function handleEditText() located in swfdump.c. It allows an attacker to cause code Execution.
- CVE-2021-42199HIGHCVSS 7.8EG 7.82022-06-02
An issue was discovered in swftools through 20201222. A heap buffer overflow exists in the function swf_FontExtract_DefineTextCallback() located in swftext.c. It allows an attacker to cause code execution.
- CVE-2021-42201HIGHCVSS 7.8EG 7.82022-06-02
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetD64() located in rfxswf.c. It allows an attacker to cause code execution.
- CVE-2021-42204HIGHCVSS 7.8EG 7.82022-06-02
An issue was discovered in swftools through 20201222. A heap-buffer-overflow exists in the function swf_GetBits() located in rfxswf.c. It allows an attacker to cause code execution.
- CVE-2021-42270HIGHCVSS 7.8EG 7.82021-11-18
Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that …
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →