CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,902 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 124 of 279
- CVE-2021-47152MEDIUMCVSS 5.5EG 5.52024-03-25
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transparent proxy to use the MPTCP protocol for the inbound connections. He also provi…
- CVE-2021-47166MEDIUMCVSS 5.5EG 5.52024-03-25
In the Linux kernel, the following vulnerability has been resolved: NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() The value of mirror->pg_bytes_written should only be updated after a successful attempt to flush …
- CVE-2021-47168MEDIUMCVSS 5.5EG 5.52024-03-25
In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayout_decode_layout() The "sizeof(struct nfs_fh)" is two bytes too large and could lead to memory corruption. It should be NFS_MAXFH…
- CVE-2021-47203MEDIUMCVSS 5.5EG 5.52024-04-10
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() When parsing the txq list in lpfc_drain_txq(), the driver attempts to pass the requests to the adapter. If such…
- CVE-2021-47282HIGHCVSS 7.8EG 7.82024-05-21
In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: Fix out-of-bounds access with more than 4 slaves Commit 571e31fa60b3 ("spi: bcm2835: Cache CS register value for ->prepare_message()") limited the number o…
- CVE-2021-47286HIGHCVSS 7.8EG 7.82024-05-21
In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Validate channel ID when processing command completions MHI reads the channel ID from the event ring element sent by the device which can be any value be…
- CVE-2021-47322HIGHCVSS 7.8EG 7.82024-05-21
In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix an Oops in pnfs_mark_request_commit() when doing O_DIRECT Fix an Oopsable condition in pnfs_mark_request_commit() when we're putting a set of writes on the co…
- CVE-2021-47351MEDIUMCVSS 5.5EG 5.52024-05-21
In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix races between xattr_{set|get} and listxattr operations UBIFS may occur some problems with concurrent xattr_{set|get} and listxattr operations, such as asserti…
- CVE-2021-47352HIGHCVSS 7.8EG 7.82024-05-21
In the Linux kernel, the following vulnerability has been resolved: virtio-net: Add validation for used length This adds validation for used length (might come from an untrusted device) to avoid data corruption or loss.
- CVE-2021-47354CRITICALCVSS 9.1EG 9.12024-05-21
In the Linux kernel, the following vulnerability has been resolved: drm/sched: Avoid data corruptions Wait for all dependencies of a job to complete before killing it to avoid data corruptions.
- CVE-2021-47366MEDIUMCVSS 5.5EG 5.52024-05-21
In the Linux kernel, the following vulnerability has been resolved: afs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server AFS-3 has two data fetch RPC variants, FS.FetchData and FS.FetchData64, and Linux's afs client switches…
- CVE-2021-47404HIGHCVSS 7.8EG 7.82024-05-21
In the Linux kernel, the following vulnerability has been resolved: HID: betop: fix slab-out-of-bounds Write in betop_probe Syzbot reported slab-out-of-bounds Write bug in hid-betopff driver. The problem is the driver assumes the device …
- CVE-2021-47441HIGHCVSS 7.3EG 7.32024-05-22
In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/…
- CVE-2021-47458HIGHCVSS 7.8EG 7.82024-05-22
In the Linux kernel, the following vulnerability has been resolved: ocfs2: mount fails with buffer overflow in strlen Starting with kernel 5.11 built with CONFIG_FORTIFY_SOURCE mouting an ocfs2 filesystem with either o2cb or pcmk cluster…
- CVE-2021-47474HIGHCVSS 7.8EG 7.82024-05-22
In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix bulk-buffer overflow The driver is using endpoint-sized buffers but must not assume that the tx and rx buffers are of equal size or a malicious devi…
- CVE-2021-47475HIGHCVSS 7.8EG 7.82024-05-22
In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix transfer-buffer overflows The driver uses endpoint-sized USB transfer buffers but up until recently had no sanity checks on the sizes. Commit e1f13…
- CVE-2021-47477HIGHCVSS 7.8EG 5.32024-05-22
In the Linux kernel, the following vulnerability has been resolved: comedi: dt9812: fix DMA buffers on stack USB transfer buffers are typically mapped for DMA and must not be allocated on the stack or transfers will fail. Allocate prope…
- CVE-2021-47489HIGHCVSS 7.8EG 7.82024-05-22
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix even more out of bound writes from debugfs CVE-2021-42327 was fixed by: commit f23750b5b3d98653b31d4469592935ef6364ad67 Author: Thelford Williams <tdwil…
- CVE-2021-47496HIGHCVSS 7.8EG 7.82024-05-22
In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tls_err_abort() calls sk->sk_err appears to expect a positive value, a convention that ktls doesn't always follow and that leads to memory c…
- CVE-2021-47497HIGHCVSS 7.8EG 7.82024-05-22
In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells If a cell has 'nbits' equal to a multiple of BITS_PER_BYTE the logic *p &= GENMASK((cell->nbits%BITS_PER_BYT…
- CVE-2021-47535MEDIUMCVSS 6.2EG 6.22024-05-24
In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers In commit 142639a52a01 ("drm/msm/a6xx: fix crashstate capture for A650") we changed a6xx_get_gmu_registers() to rea…
- CVE-2021-47536HIGHCVSS 7.8EG 7.82024-05-24
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix wrong list_del in smc_lgr_cleanup_early smc_lgr_cleanup_early() meant to delete the link group from the link group list, but it deleted the list head by mis…
- CVE-2021-47566HIGHCVSS 7.8EG 7.82024-05-24
In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clear_user() To clear a user buffer we cannot simply use memset, we have to use clear_user(). With a virtio-mem …
- CVE-2021-47580MEDIUMCVSS 6.6EG 6.62024-06-19
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t() to use type "u32" instead of type "int" to avoid stack out of bounds. With min_t() type "int" the v…
- CVE-2021-47605HIGHCVSS 7.8EG 7.82024-06-19
In the Linux kernel, the following vulnerability has been resolved: vduse: fix memory corruption in vduse_dev_ioctl() The "config.offset" comes from the user. There needs to a check to prevent it being out of bounds. The "config.offset…
- CVE-2021-47640HIGHCVSS 7.8EG 7.82025-02-26
In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix early region not updated correctly The shadow's page table is not updated when PTE_RPN_SHIFT is 24 and PAGE_SHIFT is 12. It not only causes false posi…
- CVE-2021-47642HIGHCVSS 7.8EG 7.82025-02-26
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow Coverity complains of a possible buffer overflow. However, given the 'static' scope of nvidia_setup_i2c_…
- CVE-2021-47705HIGHCVSS 8.7EG 8.72025-12-09
COMMAX UMS Client ActiveX Control 1.7.0.2 contains a heap-based buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit imp…
- CVE-2021-47719HIGHCVSS 8.7EG 8.72025-12-09
COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors…
- CVE-2021-47764MEDIUMCVSS 5.5EG 6.22026-01-15
AbsoluteTelnet 11.24 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating DialUp connection and license name fields. Attackers can generate a 1000-character payload and paste it in…
- CVE-2021-47765MEDIUMCVSS 5.5EG 6.22026-01-15
AbsoluteTelnet 11.24 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating username and error report fields. Attackers can trigger the crash by inserting 1000 characters into the us…
- CVE-2021-47772CRITICALCVSS 9.8EG 9.82026-01-15
10-Strike Network Inventory Explorer Pro 9.31 contains a buffer overflow vulnerability in the text file import functionality that allows remote code execution. Attackers can craft a malicious text file with carefully constructed payload to…
- CVE-2021-47774CRITICALCVSS 9.8EG 9.82026-01-15
Kingdia CD Extractor 3.0.2 contains a buffer overflow vulnerability in the registration name field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload exceeding 256 bytes to overwrite Structured Excepti…
- CVE-2021-47775HIGHCVSS 8.4EG 8.42026-01-15
YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious…
- CVE-2021-47781CRITICALCVSS 9.8EG 9.82026-01-15
Cmder Console Emulator 1.3.18 contains a buffer overflow vulnerability that allows attackers to trigger a denial of service condition through a maliciously crafted .cmd file. Attackers can create a specially constructed .cmd file with repe…
- CVE-2021-47785CRITICALCVSS 9.8EG 9.82026-01-16
Ether MP3 CD Burner 1.3.8 contains a buffer overflow vulnerability in the registration name field that allows remote code execution. Attackers can craft a malicious payload to overwrite SEH handlers and execute a bind shell on port 3110 by…
- CVE-2021-47786HIGHCVSS 7.5EG 7.52026-01-16
Redragon Gaming Mouse driver contains a kernel-level vulnerability that allows attackers to trigger a denial of service by sending malformed IOCTL requests. Attackers can send a crafted 2000-byte buffer with specific byte patterns to the R…
- CVE-2021-47789HIGHCVSS 7.5EG 7.52026-01-16
Yenkee Hornet Gaming Mouse driver GM312Fltr.sys contains a buffer overrun vulnerability that allows attackers to crash the system by sending oversized input. Attackers can exploit the driver by sending a 2000-byte buffer through DeviceIoCo…
- CVE-2022-0100HIGHCVSS 8.8EG 8.82022-02-12
Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0101HIGHCVSS 8.8EG 8.82022-02-12
Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture.
- CVE-2022-0104HIGHCVSS 8.8EG 8.82022-02-12
Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0135HIGHCVSS 7.8EG 7.82022-08-25
An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of…
- CVE-2022-0137HIGHCVSS 7.5EG 5.52022-11-14
A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries.
- CVE-2022-0158LOWCVSS 3.3EG 3.32022-01-10
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2022-0194CRITICALCVSS 9.8EG 9.82023-03-28
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue…
- CVE-2022-0213MEDIUMCVSS 6.6EG 6.62022-01-14
vim is vulnerable to Heap-based Buffer Overflow
- CVE-2022-0261HIGHCVSS 7.8EG 7.82022-01-18
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
- CVE-2022-0301HIGHCVSS 7.8EG 7.82022-02-12
Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0306HIGHCVSS 8.8EG 8.82022-02-12
Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0310HIGHCVSS 8.8EG 8.82022-02-12
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions.
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →