CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,844 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 13 of 277
- CVE-2018-11490HIGHCVSS 8.8EG 8.82018-05-26
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This wi…
- CVE-2018-11506HIGHCVSS 7.8EG 7.82018-05-28
The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have diff…
- CVE-2018-11516HIGHCVSS 8.8EG 8.82018-05-28
The vlc_demux_chained_Delete function in input/demux_chained.c in VideoLAN VLC media player 3.0.1 allows remote attackers to cause a denial of service (heap corruption and application crash) or possibly have unspecified other impact via a …
- CVE-2018-11531CRITICALCVSS 9.8EG 9.82018-05-29
Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp.
- CVE-2018-11536CRITICALCVSS 9.8EG 9.82018-05-29
md4c before 0.2.5 has a heap-based buffer overflow because md_split_simple_pairing_mark mishandles splits.
- CVE-2018-11545CRITICALCVSS 9.8EG 9.82018-05-29
md4c 0.2.5 has a heap-based buffer overflow in md_merge_lines because md_is_link_label mishandles the case of a link label composed solely of backslash escapes.
- CVE-2018-11555HIGHCVSS 7.8EG 7.82018-05-30
tificc in Little CMS 2.9 has an out-of-bounds write in the PrecalculatedXFORM function in cmsxform.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a vulnerability because the issue is based on an sampl…
- CVE-2018-11556HIGHCVSS 7.8EG 7.82018-05-30
tificc in Little CMS 2.9 has an out-of-bounds write in the cmsPipelineCheckAndRetreiveStages function in cmslut.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a vulnerability because the issue is base…
- CVE-2018-1156HIGHCVSS 8.8EG 8.82018-08-23
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system.
- CVE-2018-11560CRITICALCVSS 9.8EG 9.82018-06-23
The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 3…
- CVE-2018-11575CRITICALCVSS 9.8EG 9.82018-05-31
ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg.
- CVE-2018-11593HIGHCVSS 7.1EG 7.12018-05-31
Espruino before 1.99 allows attackers to cause a denial of service (application crash) and potential Information Disclosure with a user crafted input file via a Buffer Overflow during syntax parsing because strncpy is misused in jslex.c.
- CVE-2018-1160CRITICALCVSS 9.8EG 9.82018-12-20
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary co…
- CVE-2018-11622HIGHCVSS 8.8EG 8.82018-07-31
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open …
- CVE-2018-11626HIGHCVSS 7.5EG 7.52018-05-31
SELA (aka SimplE Lossless Audio) v0.1.2-alpha has a stack-based buffer overflow in the core/apev2.c init_apev2_keys function.
- CVE-2018-1165HIGHCVSS 7.0EG 7.02018-02-21
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system…
- CVE-2018-11683HIGHCVSS 8.8EG 8.82018-06-04
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
- CVE-2018-11684HIGHCVSS 8.8EG 8.82018-06-04
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c.
- CVE-2018-11685HIGHCVSS 8.8EG 8.82018-06-04
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c.
- CVE-2018-1171HIGHCVSS 7.0EG 7.02018-03-19
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system…
- CVE-2018-11710HIGHCVSS 8.8EG 8.82018-06-04
soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of…
- CVE-2018-11726HIGHCVSS 8.8EG 8.82018-06-19
The mobi_decode_font_resource function in util.c in Libmobi 0.3 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted mobi file.
- CVE-2018-1176HIGHCVSS 8.8EG 8.82018-05-17
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open…
- CVE-2018-11778HIGHCVSS 8.8EG 8.82018-10-05
UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0
- CVE-2018-11806HIGHCVSS 8.2EG 8.22018-06-13
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
- CVE-2018-11824HIGHCVSS 7.8EG 7.82018-10-26
A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660
- CVE-2018-11851HIGHCVSS 7.8EG 7.82018-09-18
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on input received to calculate the buffer length can lead to out of bound write to kernel stack.
- CVE-2018-11852HIGHCVSS 7.8EG 7.82018-09-18
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper check In the WMA API for the inputs received from the firmware and then fills the same to the host structure will lead to …
- CVE-2018-11903HIGHCVSS 7.8EG 7.82018-09-19
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from caller function used as an array index for WMA interfaces can lead to OOB w…
- CVE-2018-11919HIGHCVSS 7.8EG 7.82018-11-27
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a potential heap overflow and memory corruption due to improper error handling in SOC infrastructure.
- CVE-2018-11929HIGHCVSS 7.8EG 7.82019-06-14
Lack of input validation in WLAN function can lead to potential heap overflow in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM965…
- CVE-2018-11934HIGHCVSS 7.8EG 7.82019-06-14
Possible out of bounds write due to improper input validation while processing DO_ACS vendor command in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, S…
- CVE-2018-11945CRITICALCVSS 9.8EG 9.82019-02-25
Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IO…
- CVE-2018-11993HIGHCVSS 8.8EG 8.82019-01-18
Improper check while accessing the local memory stack on MQTT connection request can lead to buffer overflow in snapdragon wear in versions MDM9206, MDM9607
- CVE-2018-12010HIGHCVSS 7.8EG 7.82019-02-11
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Absence of length sanity check may lead to possible stack overflow resulting in memory corruption in trustzone region.
- CVE-2018-12035HIGHCVSS 7.8EG 7.82018-06-15
In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.
- CVE-2018-12085HIGHCVSS 8.8EG 8.82018-06-09
Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
- CVE-2018-12086HIGHCVSS 7.5EG 7.52018-09-14
Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.
- CVE-2018-12109HIGHCVSS 7.8EG 7.82018-06-11
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The TransformPaletteC<FileIO>::process function in transform/palette_C.hpp allows remote attackers to cause a denial of service (heap-based buffer overflow and application c…
- CVE-2018-12115HIGHCVSS 7.5EG 7.52018-08-21
In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding (recognized by Node.js under the names `'ucs2'`, `'ucs-2'`, `'utf16le'` and `'utf-16le'`), `Buffer#write()` can be abused to write outside of the b…
- CVE-2018-12174HIGHCVSS 7.8EG 7.82018-11-14
Heap overflow in Intel Trace Analyzer 2018 in Intel Parallel Studio XE 2018 Update 3 may allow an authenticated user to potentially escalate privileges via local access.
- CVE-2018-12180HIGHCVSS 8.8EG 8.82019-03-27
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.
- CVE-2018-12181MEDIUMCVSS 6.0EG 6.02019-03-27
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.
- CVE-2018-12183MEDIUMCVSS 6.8EG 6.82019-03-27
Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
- CVE-2018-12293HIGHCVSS 8.8EG 8.82018-06-19
The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based …
- CVE-2018-1232HIGHCVSS 7.5EG 7.52018-03-30
RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker…
- CVE-2018-12327CRITICALCVSS 9.8EG 9.82018-06-20
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is u…
- CVE-2018-12379HIGHCVSS 7.8EG 7.82018-10-18
When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local…
- CVE-2018-12393HIGHCVSS 7.5EG 7.52019-02-28
A potential vulnerability was found in 32-bit builds where an integer overflow during the conversion of scripts to an internal UTF-16 representation could result in allocating a buffer too small for the conversion. This leads to a possible…
- CVE-2018-12447HIGHCVSS 8.8EG 8.82018-06-15
The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code execution.
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →