CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,902 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 127 of 279
- CVE-2022-20047HIGHCVSS 7.8EG 7.82022-03-10
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patc…
- CVE-2022-20048HIGHCVSS 7.8EG 7.82022-03-10
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patc…
- CVE-2022-20055MEDIUMCVSS 6.8EG 6.82022-03-10
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges nee…
- CVE-2022-20056MEDIUMCVSS 6.6EG 6.62022-03-10
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges nee…
- CVE-2022-20058MEDIUMCVSS 6.6EG 6.62022-03-10
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges nee…
- CVE-2022-20059MEDIUMCVSS 6.6EG 6.62022-03-10
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges nee…
- CVE-2022-20063MEDIUMCVSS 6.5EG 6.52022-04-11
In atf (spm), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06171…
- CVE-2022-20067MEDIUMCVSS 6.7EG 6.72022-04-11
In mdp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS05836585…
- CVE-2022-20070MEDIUMCVSS 6.7EG 6.72022-04-11
In ssmr, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS0636292…
- CVE-2022-20074MEDIUMCVSS 6.6EG 6.62022-04-11
In preloader (partition), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileg…
- CVE-2022-20083CRITICALCVSS 9.8EG 9.82022-07-06
In Modem 2G/3G CC, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution when decoding combined FACILITY with no additional execution privileges needed. User interaction is not need…
- CVE-2022-20087MEDIUMCVSS 6.7EG 6.72022-05-03
In ccu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0647797…
- CVE-2022-20094MEDIUMCVSS 6.7EG 6.72022-05-03
In imgsensor, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: AL…
- CVE-2022-20095MEDIUMCVSS 6.7EG 6.72022-05-03
In imgsensor, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0…
- CVE-2022-20099HIGHCVSS 7.8EG 7.82022-05-03
In aee daemon, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: A…
- CVE-2022-20105MEDIUMCVSS 6.7EG 6.72022-05-03
In MM service, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch I…
- CVE-2022-20106MEDIUMCVSS 6.7EG 6.72022-05-03
In MM service, there is a possible out of bounds write due to a heap-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID…
- CVE-2022-20108MEDIUMCVSS 6.7EG 6.72022-05-03
In voice service, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patc…
- CVE-2022-20127CRITICALCVSS 9.8EG 9.82022-06-15
In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Produ…
- CVE-2022-20130CRITICALCVSS 9.8EG 9.82022-06-15
In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not neede…
- CVE-2022-20131HIGHCVSS 7.5EG 7.52022-06-15
In nci_proc_rf_management_ntf of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not ne…
- CVE-2022-20140CRITICALCVSS 9.8EG 9.82022-06-15
In read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for…
- CVE-2022-20147HIGHCVSS 7.8EG 7.82022-06-15
In nfa_dm_check_set_config of nfa_dm_main.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not n…
- CVE-2022-20152MEDIUMCVSS 6.7EG 6.72022-06-15
In the TitanM chip, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: A…
- CVE-2022-20166MEDIUMCVSS 6.7EG 6.72022-06-15
In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for …
- CVE-2022-20178MEDIUMCVSS 6.7EG 6.72022-06-15
In ioctl_dpm_qos_update and ioctl_event_control_set of (TBD), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is…
- CVE-2022-20183MEDIUMCVSS 6.7EG 6.72022-06-15
In hypx_create_blob_dmabuf of faceauth_hypx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed …
- CVE-2022-20201MEDIUMCVSS 6.7EG 6.72022-06-15
In getAppSize of InstalldNativeService.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for …
- CVE-2022-20202MEDIUMCVSS 6.5EG 6.52022-06-15
In ih264_resi_trans_quant_4x4_sse42 of ih264_resi_trans_quant_sse42.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. U…
- CVE-2022-20203HIGHCVSS 7.8EG 7.82022-06-15
In multiple locations of the nanopb library, there is a possible way to corrupt memory when decoding untrusted protobuf files. This could lead to local escalation of privilege,with no additional execution privileges needed. User interactio…
- CVE-2022-20209HIGHCVSS 7.5EG 7.52022-06-15
In hme_add_new_node_to_a_sorted_array of hme_utils.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction i…
- CVE-2022-20222CRITICALCVSS 9.8EG 9.82022-07-13
In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitati…
- CVE-2022-20229CRITICALCVSS 9.8EG 9.82022-07-13
In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction…
- CVE-2022-20231MEDIUMCVSS 6.7EG 6.72022-09-14
In smc_intc_request_fiq of arm_gic.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ex…
- CVE-2022-20233MEDIUMCVSS 6.7EG 6.72022-06-15
In param_find_digests_internal and related functions of the Titan-M source, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed.…
- CVE-2022-20235MEDIUMCVSS 5.5EG 5.52023-01-26
The PowerVR GPU kernel driver maintains an "Information Page" used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, …
- CVE-2022-20237CRITICALCVSS 9.8EG 9.82022-08-11
In BuildDevIDResponse of miscdatabuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed fo…
- CVE-2022-20244HIGHCVSS 7.5EG 7.52022-08-11
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if more than 100 bluetooth devices have been connected with no additional execution privileges needed. Us…
- CVE-2022-20247HIGHCVSS 7.5EG 7.52022-08-11
In Media, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Andro…
- CVE-2022-2025CRITICALCVSS 9.8EG 9.82022-09-23
an attacker with knowledge of user/pass of Grandstream GSD3710 in its 1.0.11.13 version, could overflow the stack since it doesn't check the param length before use the strcopy instruction. The explotation of this vulnerability may lead an…
- CVE-2022-20256MEDIUMCVSS 6.4EG 6.42022-08-12
In the Audio HAL, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVe…
- CVE-2022-20269MEDIUMCVSS 6.8EG 6.82022-08-12
In Bluetooth, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: Andr…
- CVE-2022-20273MEDIUMCVSS 6.5EG 6.52022-08-12
In Bluetooth, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: A…
- CVE-2022-20313MEDIUMCVSS 6.8EG 6.82022-08-12
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: Android…
- CVE-2022-20345HIGHCVSS 8.8EG 8.82022-08-10
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not…
- CVE-2022-20364HIGHCVSS 7.8EG 7.82022-09-14
In sysmmu_unmap of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation…
- CVE-2022-20369MEDIUMCVSS 6.7EG 6.72022-08-11
In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for …
- CVE-2022-20382MEDIUMCVSS 6.7EG 6.72022-08-11
In (TBD) of (TBD), there is a possible out of bounds write due to kernel stack overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: And…
- CVE-2022-20397HIGHCVSS 7.8EG 7.82022-10-14
In SitRilClient_OnResponse of SitRilSe.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not nee…
- CVE-2022-20400CRITICALCVSS 9.8EG 9.82022-08-11
In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Pr…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →