CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,844 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 14 of 277
- CVE-2018-12578CRITICALCVSS 9.8EG 9.82018-06-19
There is a heap-based buffer overflow in bmp_compress1_row in appliers.cpp in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.
- CVE-2018-12599HIGHCVSS 8.8EG 8.82018-06-20
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.
- CVE-2018-12600HIGHCVSS 8.8EG 8.82018-06-20
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.
- CVE-2018-12601CRITICALCVSS 9.8EG 9.82018-06-20
There is a heap-based buffer overflow in ReadImage in input-tga.ci in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.
- CVE-2018-12693MEDIUMCVSS 6.5EG 6.52018-06-23
Stack-based buffer overflow in TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to cause a denial of service (outage) via a long type parameter to /data/syslog.filter.json.
- CVE-2018-12699CRITICALCVSS 9.8EG 9.82018-06-23
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during e…
- CVE-2018-12714CRITICALCVSS 9.8EG 9.82018-06-24
An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the…
- CVE-2018-12754CRITICALCVSS 9.8EG 9.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the conte…
- CVE-2018-12755CRITICALCVSS 9.8EG 9.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the conte…
- CVE-2018-12758CRITICALCVSS 9.8EG 9.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the conte…
- CVE-2018-12759HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12760CRITICALCVSS 9.8EG 9.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the conte…
- CVE-2018-12771HIGHCVSS 8.8EG 8.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the conte…
- CVE-2018-12785CRITICALCVSS 9.8EG 9.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of t…
- CVE-2018-12787CRITICALCVSS 9.8EG 9.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the conte…
- CVE-2018-12788HIGHCVSS 8.8EG 8.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of t…
- CVE-2018-12798CRITICALCVSS 9.8EG 9.82018-07-20
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of t…
- CVE-2018-12808CRITICALCVSS 9.8EG 9.82018-08-29
Adobe Acrobat and Reader versions 2018.011.20055 and earlier, 2017.011.30096 and earlier, and 2015.006.30434 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12813CRITICALCVSS 9.8EG 9.82018-10-17
Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12814CRITICALCVSS 9.8EG 9.82018-10-17
Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12823CRITICALCVSS 9.8EG 9.82018-10-17
Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12830HIGHCVSS 7.8EG 7.82019-01-18
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 an…
- CVE-2018-12832HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12833HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12836HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12837HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12846HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12847HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12848CRITICALCVSS 9.8EG 9.82018-09-25
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12851HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12860HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12861HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12862HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12864HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12865HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12868HIGHCVSS 7.8EG 7.82018-10-12
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2018-12889CRITICALCVSS 9.8EG 9.82018-06-26
An issue was discovered in CCN-lite 2.0.1. There is a heap-based buffer overflow in mkAddToRelayCacheRequest and in ccnl_populate_cache for an array lacking '\0' termination when reading a binary CCNx or NDN file. This can result in Heap C…
- CVE-2018-12900HIGHCVSS 8.8EG 8.82018-06-26
Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.…
- CVE-2018-12911CRITICALCVSS 9.8EG 9.82018-07-19
WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c.
- CVE-2018-12930HIGHCVSS 7.8EG 7.82018-06-28
ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other im…
- CVE-2018-12931HIGHCVSS 7.8EG 7.82018-06-28
ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a c…
- CVE-2018-12932CRITICALCVSS 9.8EG 9.82018-06-28
PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by triggering a large pAlphaBlend->cbBitsSrc value.
- CVE-2018-12933CRITICALCVSS 9.8EG 9.82018-06-28
PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact because the attacker controls the pCreatePen->ihPen array index.
- CVE-2018-13030HIGHCVSS 7.8EG 7.82018-06-30
An issue was discovered in jpeg-compressor 0.1. The build_huffman function in stb_image.c allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact.
- CVE-2018-13037HIGHCVSS 7.8EG 7.82018-07-01
An issue was discovered in jpeg-compressor 0.1. The bmp_load function in stb_image.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact.
- CVE-2018-13095MEDIUMCVSS 5.5EG 5.52018-07-03
An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has m…
- CVE-2018-13096MEDIUMCVSS 5.5EG 5.52018-07-03
An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image.
- CVE-2018-13139HIGHCVSS 8.8EG 8.82018-07-04
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can…
- CVE-2018-13383MEDIUMCVSS 4.3EG 9.0⚠ KEV2019-05-29
A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination …
- CVE-2018-13443HIGHCVSS 8.8EG 8.82019-04-24
EOS.IO jit-wasm 4.1 has a heap-based buffer overflow via a crafted wast file.
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →