CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,901 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 122 of 279
- CVE-2021-45972HIGHCVSS 7.1EG 7.12022-01-01
The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. This allows an attacker to overwrite up to 250 bytes outside of the allocated buf…
- CVE-2021-45985HIGHCVSS 7.5EG 7.52023-04-10
In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read.
- CVE-2021-45988HIGHCVSS 7.5EG 7.52022-02-04
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddDnsForward. This vulnerability allows attackers to cause a Denial of Service (DoS) via the DnsForwardRule parameter.
- CVE-2021-45989HIGHCVSS 7.5EG 7.52022-02-04
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function guestWifiRuleRefresh. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qosGuestUpstream and qosGuestDown…
- CVE-2021-45991HIGHCVSS 7.5EG 7.52022-02-04
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formAddVpnUsers. This vulnerability allows attackers to cause a Denial of Service (DoS) via the vpnUsers parameter.
- CVE-2021-45992HIGHCVSS 7.5EG 7.52022-02-04
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetQvlanList. This vulnerability allows attackers to cause a Denial of Service (DoS) via the qvlanName parameter.
- CVE-2021-45993HIGHCVSS 7.5EG 7.52022-02-04
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formIPMacBindModify. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IPMacBindRuleIP and IPMacBindRuleM…
- CVE-2021-45994HIGHCVSS 7.5EG 7.52022-02-04
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formDelDhcpRule. This vulnerability allows attackers to cause a Denial of Service (DoS) via the delDhcpIndex parameter.
- CVE-2021-45995HIGHCVSS 7.5EG 7.52022-02-04
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetStaticRoute. This vulnerability allows attackers to cause a Denial of Service (DoS) via the staticRouteNet, staticRouteMask, an…
- CVE-2021-45996HIGHCVSS 7.5EG 7.52022-02-04
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServer, portMappingProto…
- CVE-2021-45997HIGHCVSS 7.5EG 7.52022-02-04
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service (DoS) via the portMappingServer, portMappingProto…
- CVE-2021-46050MEDIUMCVSS 5.5EG 5.52022-01-10
A Stack Overflow vulnerability exists in Binaryen 103 via the printf_common function.
- CVE-2021-46151HIGHCVSS 7.8EG 7.82022-02-09
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains an out of bounds write past the end of an allocated structure while parsing specially craf…
- CVE-2021-46153HIGHCVSS 7.8EG 7.82022-02-09
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a memory corruption vulnerability while parsing NEU files. This could allow an attacker to…
- CVE-2021-46154HIGHCVSS 7.8EG 7.82022-02-09
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a stack based buffer overflow vulnerability while parsing NEU files. This could allow an a…
- CVE-2021-46155HIGHCVSS 7.8EG 7.82022-02-09
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a stack based buffer overflow vulnerability while parsing NEU files. This could allow an a…
- CVE-2021-46156HIGHCVSS 7.8EG 7.82022-02-09
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains an out of bounds write past the end of an allocated structure while parsing specially craf…
- CVE-2021-46157HIGHCVSS 7.8EG 7.82022-02-09
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a memory corruption vulnerability while parsing NEU files. This could allow an attacker to…
- CVE-2021-46158HIGHCVSS 7.8EG 7.82022-02-09
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a stack based buffer overflow vulnerability while parsing NEU files. This could allow an a…
- CVE-2021-46159HIGHCVSS 7.8EG 7.82022-02-09
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains an out of bounds write past the end of an allocated structure while parsing specially craf…
- CVE-2021-46160HIGHCVSS 7.8EG 7.82022-02-09
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains an out of bounds write past the end of an allocated structure while parsing specially craf…
- CVE-2021-46161HIGHCVSS 7.8EG 7.82022-02-09
A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains an out of bounds write past the end of an allocated structure while parsing specially craf…
- CVE-2021-46162HIGHCVSS 7.8EG 7.82022-02-22
A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.1). Affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted NEU files. This could allow an a…
- CVE-2021-46168MEDIUMCVSS 5.5EG 5.52022-01-14
Spin v6.5.1 was discovered to contain an out-of-bounds write in lex() at spinlex.c.
- CVE-2021-46174HIGHCVSS 7.5EG 7.52023-08-22
Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37.
- CVE-2021-46238MEDIUMCVSS 5.5EG 5.52022-01-21
GPAC v1.1.0 was discovered to contain a stack overflow via the function gf_node_get_name () at scenegraph/base_scenegraph.c. This vulnerability can lead to a program crash, causing a Denial of Service (DoS).
- CVE-2021-46262CRITICALCVSS 9.8EG 9.82022-02-15
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the PPPoE module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.
- CVE-2021-46263CRITICALCVSS 9.8EG 9.82022-02-15
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiTime module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.
- CVE-2021-46264CRITICALCVSS 9.8EG 9.82022-02-15
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the onlineList module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.
- CVE-2021-46265CRITICALCVSS 9.8EG 9.82022-02-15
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wanBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.
- CVE-2021-46321CRITICALCVSS 9.8EG 9.82022-02-15
Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain a stack buffer overflow in the wifiBasicCfg module. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.
- CVE-2021-46324HIGHCVSS 7.8EG 7.82022-01-20
Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString.
- CVE-2021-46325HIGHCVSS 7.8EG 7.82022-01-20
Espruino 2v10.246 was discovered to contain a stack buffer overflow via src/jsutils.c in vcbprintf.
- CVE-2021-46326HIGHCVSS 7.8EG 7.82022-01-20
Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via the component __asan_memcpy.
- CVE-2021-46328HIGHCVSS 7.8EG 7.82022-01-20
Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via the component __libc_start_main.
- CVE-2021-46332HIGHCVSS 7.8EG 7.82022-01-20
Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via xs/sources/xsDataView.c in fxUint8Getter.
- CVE-2021-46334HIGHCVSS 7.8EG 7.82022-01-20
Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow via the component __interceptor_strcat.
- CVE-2021-46393CRITICALCVSS 9.8EG 9.82022-03-04
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN. The v10 variable is directly retrieved from the http request parameter startIp. Then v10 will be splice to stack by funct…
- CVE-2021-46394CRITICALCVSS 9.8EG 9.82022-03-04
There is a stack buffer overflow vulnerability in the formSetPPTPServer function of Tenda-AX3 router V16.03.12.10_CN. The v13 variable is directly retrieved from the http request parameter startIp. Then v13 will be splice to stack by funct…
- CVE-2021-46408HIGHCVSS 7.5EG 7.52022-03-10
Tenda AX12 v22.03.01.21 was discovered to contain a stack buffer overflow in the function sub_422CE4. This vulnerability allows attackers to cause a Denial of Service (DoS) via the strcpy parameter.
- CVE-2021-46474MEDIUMCVSS 5.5EG 5.52022-01-25
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiEvalCodeSub in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).
- CVE-2021-46475MEDIUMCVSS 5.5EG 5.52022-01-25
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsi_ArraySliceCmd in src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS).
- CVE-2021-46477MEDIUMCVSS 5.5EG 5.52022-01-25
Jsish v3.5.0 was discovered to contain a heap buffer overflow via RegExp_constructor in src/jsiRegexp.c. This vulnerability can lead to a Denial of Service (DoS).
- CVE-2021-46478MEDIUMCVSS 5.5EG 5.52022-01-25
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiClearStack in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).
- CVE-2021-46480MEDIUMCVSS 5.5EG 5.52022-01-25
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiValueObjDelete in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).
- CVE-2021-46482HIGHCVSS 7.8EG 7.82022-01-25
Jsish v3.5.0 was discovered to contain a heap buffer overflow via NumberConstructor at src/jsiNumber.c.
- CVE-2021-46483HIGHCVSS 7.8EG 7.82022-01-25
Jsish v3.5.0 was discovered to contain a heap buffer overflow via BooleanConstructor at src/jsiBool.c.
- CVE-2021-46505MEDIUMCVSS 5.5EG 5.52022-01-27
Jsish v3.5.0 was discovered to contain a stack overflow via /usr/lib/x86_64-linux-gnu/libasan.so.4+0x5b1e5.
- CVE-2021-46507MEDIUMCVSS 5.5EG 5.52022-01-27
Jsish v3.5.0 was discovered to contain a stack overflow via Jsi_LogMsg at src/jsiUtils.c.
- CVE-2021-46509HIGHCVSS 7.8EG 7.82022-01-27
Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjs_json.c.
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →