CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,844 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 12 of 277
- CVE-2018-10489HIGHCVSS 8.8EG 8.82018-05-17
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open…
- CVE-2018-10491HIGHCVSS 8.8EG 8.82018-05-17
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open…
- CVE-2018-10528HIGHCVSS 8.8EG 8.82018-04-29
An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.
- CVE-2018-10534MEDIUMCVSS 5.5EG 5.52018-04-29
The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increas…
- CVE-2018-10536HIGHCVSS 7.8EG 7.82018-04-29
An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks.
- CVE-2018-10538MEDIUMCVSS 5.5EG 5.52018-04-29
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack…
- CVE-2018-10539MEDIUMCVSS 5.5EG 5.52018-04-29
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to…
- CVE-2018-10540MEDIUMCVSS 5.5EG 5.52018-04-29
An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a …
- CVE-2018-10597HIGHCVSS 8.3EG 8.32018-06-05
IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with s…
- CVE-2018-10601HIGHCVSS 8.2EG 8.22018-06-05
IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with s…
- CVE-2018-10602HIGHCVSS 8.8EG 8.82018-09-26
WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files.
- CVE-2018-10606HIGHCVSS 8.8EG 8.82018-09-26
WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple heap-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files.
- CVE-2018-10610HIGHCVSS 8.8EG 8.82018-10-09
An out-of-bounds vulnerability in LeviStudioU, Versions 1.8.29 and 1.8.44 can be exploited when the application processes specially crafted project files.
- CVE-2018-10620CRITICALCVSS 9.8EG 9.82018-07-19
AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event rela…
- CVE-2018-10636HIGHCVSS 8.8EG 8.82018-08-13
CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has multiple stack-based buffer overflow vulnerabilities that could cause the software to crash due to lacking user input validation before copying data from project files…
- CVE-2018-10677HIGHCVSS 8.8EG 8.82018-05-02
The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or poss…
- CVE-2018-1068MEDIUMCVSS 6.7EG 6.72018-03-16
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.
- CVE-2018-1071MEDIUMCVSS 5.5EG 5.52018-03-09
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service.
- CVE-2018-10717HIGHCVSS 8.8EG 8.82018-05-03
The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application cr…
- CVE-2018-10718CRITICALCVSS 10.0EG 10.02018-05-03
Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to execute arbitrary code via crafted packets.
- CVE-2018-10753CRITICALCVSS 9.8EG 9.82018-05-05
Stack-based buffer overflow in the delayed_output function in music.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
- CVE-2018-10771CRITICALCVSS 9.8EG 9.82018-05-07
Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
- CVE-2018-10840MEDIUMCVSS 6.6EG 6.62018-07-16
Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4_xattr_set_entry() function. An attacker could exploit this by operating on a mounted crafted ext4 image.
- CVE-2018-10878HIGHCVSS 7.8EG 7.82018-07-26
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.
- CVE-2018-10880MEDIUMCVSS 5.5EG 5.52018-07-25
Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of servic…
- CVE-2018-10881MEDIUMCVSS 4.2EG 5.52018-07-26
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
- CVE-2018-10882MEDIUMCVSS 4.8EG 5.52018-07-27
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.
- CVE-2018-10883MEDIUMCVSS 4.8EG 5.52018-07-30
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
- CVE-2018-10907HIGHCVSS 8.8EG 8.82018-09-04
It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. An authenticated attacker could exploit this by mounting a glu…
- CVE-2018-10972HIGHCVSS 7.8EG 7.82018-05-10
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The TransformPaletteC::process function in transform/palette_C.hpp allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspeci…
- CVE-2018-1100HIGHCVSS 7.8EG 7.82018-04-11
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.
- CVE-2018-11007MEDIUMCVSS 5.5EG 5.52021-01-11
A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
- CVE-2018-11009HIGHCVSS 7.8EG 7.82021-01-11
A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
- CVE-2018-11010HIGHCVSS 7.8EG 7.82021-01-11
A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
- CVE-2018-11013CRITICALCVSS 9.8EG 9.82018-05-13
Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 (CN) routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host heade…
- CVE-2018-11128HIGHCVSS 7.8EG 7.82018-05-17
The ObjReader::ReadObj() function in ObjReader.cpp in vincent0629 PDFParser allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly execute arbitrary code via a crafted pdf file.
- CVE-2018-11218CRITICALCVSS 9.8EG 9.82018-06-17
Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.
- CVE-2018-11236CRITICALCVSS 9.8EG 9.82018-05-18
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based …
- CVE-2018-11237HIGHCVSS 7.8EG 7.82018-05-18
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.
- CVE-2018-1124HIGHCVSS 7.8EG 7.82018-05-23
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processe…
- CVE-2018-1125HIGHCVSS 7.5EG 7.52018-05-23
procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterpr…
- CVE-2018-11262HIGHCVSS 7.8EG 7.82018-09-04
In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' cou…
- CVE-2018-11292HIGHCVSS 7.8EG 7.82018-09-20
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, …
- CVE-2018-11295HIGHCVSS 7.8EG 7.82018-09-18
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WMA handler carries a fixed event data from the firmware to the host . If the length and anqp length from this event data exceeds t…
- CVE-2018-11296HIGHCVSS 7.8EG 7.82018-09-18
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a message from firmware in WLAN handler, a buffer overwrite can occur.
- CVE-2018-11420CRITICALCVSS 9.8EG 9.82019-07-03
There is Memory corruption in the web interface of Moxa OnCell G3100-HSPA Series version 1.5 Build 17042015 and prio,r a different vulnerability than CVE-2018-11423.
- CVE-2018-11424HIGHCVSS 7.5EG 7.52019-07-03
There is Memory corruption in the web interface of Moxa OnCell G3470A-LTE Series version 1.6 Build 18021314 and prior, a different vulnerability than CVE-2018-11425.
- CVE-2018-11438HIGHCVSS 8.8EG 8.82018-05-30
The mobi_decompress_lz77 function in compression.c in Libmobi 0.3 allows remote attackers to cause remote code execution (heap-based buffer overflow) via a crafted mobi file.
- CVE-2018-11440HIGHCVSS 8.8EG 8.82018-05-25
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c.
- CVE-2018-11489HIGHCVSS 8.8EG 8.82018-05-26
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index is not checked. This will lead to a denia…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →