CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,844 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 15 of 277
- CVE-2018-13794CRITICALCVSS 9.8EG 9.82018-07-09
A heap-based buffer overflow exists in stbi__bmp_load_cont in stb_image.h in catimg 2.4.0.
- CVE-2018-13833HIGHCVSS 7.8EG 7.82018-07-10
An issue was discovered in cmft through 2017-09-24. The cmft::rwReadFile function in image.cpp allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impa…
- CVE-2018-13871CRITICALCVSS 9.8EG 9.82018-07-10
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5FL_blk_malloc in H5FL.c.
- CVE-2018-13872CRITICALCVSS 9.8EG 9.82018-07-10
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5G_ent_decode in H5Gent.c.
- CVE-2018-13874CRITICALCVSS 9.8EG 9.82018-07-10
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDmemset.
- CVE-2018-13876CRITICALCVSS 9.8EG 9.82018-07-10
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDread.
- CVE-2018-13898CRITICALCVSS 9.8EG 9.82019-06-14
Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & …
- CVE-2018-13924CRITICALCVSS 9.8EG 9.82019-07-22
Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdra…
- CVE-2018-14346HIGHCVSS 8.8EG 8.82018-07-17
GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).
- CVE-2018-14350CRITICALCVSS 9.8EG 9.82018-07-17
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field.
- CVE-2018-14352CRITICALCVSS 9.8EG 9.82018-07-17
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters, leading to a stack-based buffer overflow.
- CVE-2018-14358CRITICALCVSS 9.8EG 9.82018-07-17
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.
- CVE-2018-14360CRITICALCVSS 9.8EG 9.82018-07-17
An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage.
- CVE-2018-14402HIGHCVSS 7.5EG 7.52018-07-19
axmldec 1.2.0 has an out-of-bounds write in the jitana::axml_parser::parse_start_namespace function in lib/jitana/util/axml_parser.cpp.
- CVE-2018-14446HIGHCVSS 8.8EG 8.82018-07-20
MP4Integer32Property::Read in atom_avcC.cpp in MP4v2 2.1.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted MP4 file.
- CVE-2018-14451HIGHCVSS 8.8EG 8.82018-07-20
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in the function RIFF::Chunk::Read in RIFF.cpp.
- CVE-2018-14453HIGHCVSS 8.8EG 8.82018-07-20
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store16 in helper.h.
- CVE-2018-14455HIGHCVSS 8.8EG 8.82018-07-20
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store32 in helper.h.
- CVE-2018-14456HIGHCVSS 8.8EG 8.82018-07-20
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::SaveString in DLS.cpp.
- CVE-2018-14457HIGHCVSS 8.8EG 8.82018-07-20
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::UpdateChunks in DLS.cpp.
- CVE-2018-14458HIGHCVSS 8.8EG 8.82018-07-20
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store32 in helper.h.
- CVE-2018-14459HIGHCVSS 8.8EG 8.82018-07-20
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store16 in helper.h.
- CVE-2018-14492HIGHCVSS 7.5EG 7.52018-07-21
Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI.
- CVE-2018-14496CRITICALCVSS 9.8EG 9.82019-07-10
Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocal_buff_4326, and set_getparam.cgi. NOTE: The vendor has disputed this as a vulnerability and…
- CVE-2018-14550HIGHCVSS 8.8EG 8.82019-07-10
An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.
- CVE-2018-14551CRITICALCVSS 9.8EG 9.82018-07-23
The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.
- CVE-2018-1459HIGHCVSS 7.8EG 7.82018-05-25
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to stack based buffer overflow, caused by improper bounds checking which could lead an attacker to execute arbitrary code. IBM X-Forc…
- CVE-2018-14600CRITICALCVSS 9.8EG 9.82018-08-24
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code executi…
- CVE-2018-14610MEDIUMCVSS 5.5EG 5.52018-07-27
An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a correspond…
- CVE-2018-14632HIGHCVSS 7.7EG 7.72018-09-06
An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api …
- CVE-2018-14633HIGHCVSS 7.0EG 7.02018-09-25
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack …
- CVE-2018-14653HIGHCVSS 8.8EG 8.82018-10-31
The Gluster file system through versions 4.1.4 and 3.12 is vulnerable to a heap-based buffer overflow in the '__server_getspec' function via the 'gf_getspec_req' RPC message. A remote authenticated attacker could exploit this to cause a de…
- CVE-2018-14681HIGHCVSS 8.8EG 8.82018-07-28
An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.
- CVE-2018-14779MEDIUMCVSS 6.8EG 6.82018-08-15
A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `ykpiv_transfer_data()`: {% highlight c %} if(*out_len + recv_len - 2 > max_out) { fprintf(st…
- CVE-2018-14807CRITICALCVSS 9.8EG 9.82018-10-18
A stack-based buffer overflow vulnerability in Opto 22 PAC Control Basic and PAC Control Professional versions R10.0a and prior may allow remote code execution.
- CVE-2018-14810HIGHCVSS 8.8EG 8.82018-10-08
WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior parse files and pass invalidated user data to an unsafe method call, which may allow code to be executed in the context of an adminis…
- CVE-2018-14813CRITICALCVSS 9.8EG 9.82018-09-26
Fuji Electric V-Server 4.0.3.0 and prior, A heap-based buffer overflow vulnerability has been identified, which may allow remote code execution.
- CVE-2018-14815CRITICALCVSS 9.8EG 9.82018-09-26
Fuji Electric V-Server 4.0.3.0 and prior, Several out-of-bounds write vulnerabilities have been identified, which may allow remote code execution.
- CVE-2018-14816CRITICALCVSS 9.8EG 9.82018-10-23
Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code.
- CVE-2018-14818CRITICALCVSS 9.8EG 9.82018-10-08
WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2.34 and prior have a stack-based buffer overflow vulnerability which may allow remote code execution.
- CVE-2018-14823CRITICALCVSS 9.8EG 9.82018-09-26
Fuji Electric V-Server 4.0.3.0 and prior, A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.
- CVE-2018-14944HIGHCVSS 7.8EG 7.82018-08-05
An issue has been found in jpeg_encoder through 2015-11-27. It is a SEGV in the function readFromBMP in jpeg_encoder.cpp. The signal is caused by an out-of-bounds write.
- CVE-2018-14945HIGHCVSS 7.8EG 7.82018-08-05
An issue has been found in jpeg_encoder through 2015-11-27. It is a heap-based buffer overflow in the function readFromBMP in jpeg_encoder.cpp.
- CVE-2018-15127CRITICALCVSS 9.8EG 9.82018-12-19
LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution
- CVE-2018-15209HIGHCVSS 8.8EG 8.82018-08-08
ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as d…
- CVE-2018-15361CRITICALCVSS 9.8EG 9.82019-03-05
UltraVNC revision 1198 has a buffer underflow vulnerability in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1…
- CVE-2018-15419HIGHCVSS 7.8EG 7.82018-10-05
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the…
- CVE-2018-15421HIGHCVSS 7.8EG 7.82018-10-05
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the…
- CVE-2018-15422HIGHCVSS 7.8EG 7.82018-10-05
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the…
- CVE-2018-15431HIGHCVSS 7.3EG 7.32018-10-05
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →