CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,904 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 143 of 279
- CVE-2022-32049HIGHCVSS 7.5EG 7.52022-07-01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url parameter in the function FUN_00418540.
- CVE-2022-32050HIGHCVSS 7.5EG 7.52022-07-01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041af40.
- CVE-2022-32051HIGHCVSS 7.5EG 7.52022-07-01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc, week, sTime, eTime parameters in the function FUN_004133c4.
- CVE-2022-32052HIGHCVSS 7.5EG 7.52022-07-01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_004137a4.
- CVE-2022-32053HIGHCVSS 7.5EG 7.52022-07-01
TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041621c.
- CVE-2022-32117HIGHCVSS 7.8EG 7.82022-07-13
Jerryscript v2.4.0 was discovered to contain a stack buffer overflow via the function jerryx_print_unhandled_exception in /util/print.c.
- CVE-2022-3213MEDIUMCVSS 5.5EG 5.52022-09-19
A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service.
- CVE-2022-3219LOWCVSS 3.3EG 5.52023-02-23
GnuPG can be made to spin on a relatively small input by (for example) crafting a public key with thousands of signatures attached, compressed down to just a few KB.
- CVE-2022-32208MEDIUMCVSS 5.9EG 5.92022-07-07
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.
- CVE-2022-32234CRITICALCVSS 9.8EG 9.82022-10-11
An out of bounds write in hermes, while handling large arrays, prior to commit 06eaec767e376bfdb883d912cb15e987ddf2bda1 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if th…
- CVE-2022-32266MEDIUMCVSS 6.4EG 6.42022-11-14
DMA attacks on the parameter buffer used by a software SMI handler used by the driver PcdSmmDxe could lead to a TOCTOU attack on the SMI handler and lead to corruption of other ACPI fields and adjacent memory fields. DMA attacks on the par…
- CVE-2022-3228MEDIUMCVSS 6.5EG 6.52022-10-28
Using custom code, an attacker can write into name or description fields larger than the appropriate buffer size causing a stack-based buffer overflow on Host Engineering H0-ECOM100 Communications Module Firmware versions v5.0.155 and prio…
- CVE-2022-32292CRITICALCVSS 9.8EG 9.82022-08-03
In ConnMan through 1.41, remote attackers able to send HTTP requests to the gweb component are able to exploit a heap-based buffer overflow in received_data to execute code.
- CVE-2022-32323HIGHCVSS 7.3EG 9.82022-07-14
AutoTrace v0.40.0 was discovered to contain a heap overflow via the ReadImage function at input-bmp.c:660.
- CVE-2022-32324CRITICALCVSS 9.8EG 9.82022-07-01
PDFAlto v0.4 was discovered to contain a heap buffer overflow via the component /pdfalto/src/pdfalto.cc.
- CVE-2022-3234HIGHCVSS 7.8EG 7.82022-09-17
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.
- CVE-2022-32383CRITICALCVSS 9.8EG 9.82022-07-06
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function.
- CVE-2022-32384HIGHCVSS 8.8EG 8.82022-07-01
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet.
- CVE-2022-32385CRITICALCVSS 9.8EG 9.82022-07-06
Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote).
- CVE-2022-32386CRITICALCVSS 9.8EG 9.82022-07-06
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
- CVE-2022-32434HIGHCVSS 7.8EG 7.82022-07-15
EIPStackGroup OpENer v2.3.0 was discovered to contain a stack overflow via /bin/posix/src/ports/POSIX/OpENer+0x56073d.
- CVE-2022-32441MEDIUMCVSS 5.5EG 5.52022-07-07
A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service (DoS) via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056.
- CVE-2022-32493MEDIUMCVSS 6.0EG 7.82022-10-12
Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
- CVE-2022-32575MEDIUMCVSS 4.8EG 7.82023-02-16
Out-of-bounds write in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2022-32588HIGHCVSS 7.8EG 7.82022-11-09
An out-of-bounds write vulnerability exists in the PICT parsing pctwread_14841 functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger …
- CVE-2022-32592MEDIUMCVSS 6.7EG 6.72022-10-07
In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07…
- CVE-2022-32593MEDIUMCVSS 6.7EG 6.72022-10-07
In vowe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS071384…
- CVE-2022-32594MEDIUMCVSS 6.7EG 6.72022-12-05
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALP…
- CVE-2022-32595MEDIUMCVSS 4.4EG 4.42023-02-06
In widevine, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0…
- CVE-2022-32596MEDIUMCVSS 6.7EG 6.72022-12-05
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALP…
- CVE-2022-32597MEDIUMCVSS 6.7EG 6.72022-12-05
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALP…
- CVE-2022-32598MEDIUMCVSS 6.7EG 6.72022-12-05
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALP…
- CVE-2022-32599MEDIUMCVSS 6.7EG 6.72023-04-06
In rpmb, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460390; Issue…
- CVE-2022-32603MEDIUMCVSS 6.7EG 6.72022-11-08
In gpu drm, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS…
- CVE-2022-32605MEDIUMCVSS 6.7EG 6.72022-11-08
In isp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0721…
- CVE-2022-32611MEDIUMCVSS 6.7EG 6.72022-11-08
In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0734037…
- CVE-2022-32619MEDIUMCVSS 6.7EG 6.72022-12-05
In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: A…
- CVE-2022-32620MEDIUMCVSS 6.7EG 6.72022-12-05
In mpu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07541753; Issue ID…
- CVE-2022-32621MEDIUMCVSS 6.4EG 6.42022-12-05
In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310829; Iss…
- CVE-2022-32622MEDIUMCVSS 6.7EG 6.72022-12-05
In gz, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363786; …
- CVE-2022-32623MEDIUMCVSS 6.7EG 6.72023-01-03
In mdp, there is a possible out of bounds write due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342…
- CVE-2022-32624MEDIUMCVSS 6.7EG 6.72022-12-05
In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitatio…
- CVE-2022-32625MEDIUMCVSS 6.7EG 6.72022-12-05
In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS…
- CVE-2022-32626MEDIUMCVSS 6.7EG 6.72022-12-05
In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS…
- CVE-2022-32628MEDIUMCVSS 6.7EG 6.72022-12-05
In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0731078…
- CVE-2022-32629MEDIUMCVSS 6.7EG 6.72022-12-05
In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0731077…
- CVE-2022-32630MEDIUMCVSS 6.7EG 6.72022-12-05
In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitatio…
- CVE-2022-32631MEDIUMCVSS 6.7EG 6.72022-12-05
In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07…
- CVE-2022-32632MEDIUMCVSS 6.7EG 6.72022-12-05
In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07…
- CVE-2022-32634MEDIUMCVSS 6.7EG 6.72022-12-05
In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS071…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →