CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,844 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 17 of 277
- CVE-2018-16981HIGHCVSS 8.8EG 8.82018-09-12
stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function.
- CVE-2018-16986HIGHCVSS 8.8EG 8.82018-11-06
Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow.
- CVE-2018-16999MEDIUMCVSS 5.5EG 5.52018-09-13
Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segmentation fault) in expand_smacro in preproc.c, which allows attackers to cause a denial of service via a crafted input file.
- CVE-2018-17022HIGHCVSS 7.2EG 7.22018-09-13
Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact by setting a long sh_path0 value and then send…
- CVE-2018-17043HIGHCVSS 7.8EG 7.82018-09-14
An issue has been found in doc2txt through 2014-03-19. It is a heap-based buffer overflow in the function Storage::init in Storage.cpp, called from parse_doc in parse_doc.cpp.
- CVE-2018-17065CRITICALCVSS 9.8EG 9.82018-09-15
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/DDNS route, a very long password could lead to a stack-based buffer overflow and overwrite the return address.
- CVE-2018-17067CRITICALCVSS 9.8EG 9.82018-09-15
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address.
- CVE-2018-17095HIGHCVSS 8.8EG 8.82018-09-16
An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.
- CVE-2018-17098HIGHCVSS 8.8EG 8.82018-09-16
The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified other impact, as demonstrated by SoundStretc…
- CVE-2018-17101HIGHCVSS 8.8EG 8.82018-09-16
An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted …
- CVE-2018-17141CRITICALCVSS 9.8EG 9.82018-09-21
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.
- CVE-2018-17156MEDIUMCVSS 5.9EG 5.92018-11-28
In FreeBSD before 11.2-STABLE(r340268) and 11.2-RELEASE-p5, due to incorrectly accounting for padding on 64-bit platforms, a buffer underwrite could occur when constructing an ICMP reply packet when using a non-standard value for the net.i…
- CVE-2018-17160CRITICALCVSS 10.0EG 10.02018-12-04
In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficient bounds checking in one of the device models provided by bhyve can permit a guest operating system to overwrite memory in the bhyve host possibly permitting arbitrary …
- CVE-2018-17174CRITICALCVSS 9.8EG 9.82018-09-21
A stack-based buffer overflow was discovered in the xtimor NMEA library (aka nmealib) 0.5.3. nmea_parse() in parser.c allows an attacker to trigger denial of service (even arbitrary code execution in a certain context) in a product using t…
- CVE-2018-17229MEDIUMCVSS 6.5EG 6.52018-09-19
Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
- CVE-2018-17230MEDIUMCVSS 6.5EG 6.52018-09-19
Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file.
- CVE-2018-17333CRITICALCVSS 9.8EG 9.82018-09-22
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in svgStringToLength in svg_types.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact bec…
- CVE-2018-17334CRITICALCVSS 9.8EG 9.82018-09-22
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified …
- CVE-2018-17338HIGHCVSS 7.8EG 7.82018-09-23
An issue has been found in pdfalto through 0.2. It is a heap-based buffer overflow in the function TextPage::dump in XmlAltoOutputDev.cc.
- CVE-2018-17408HIGHCVSS 7.8EG 7.82018-10-03
Stack-based buffer overflows in Zahir Accounting Enterprise Plus 6 through build 10b allow remote attackers to execute arbitrary code via a crafted CSV file that is accessed through the Import CSV File menu.
- CVE-2018-17433MEDIUMCVSS 6.5EG 6.52018-09-24
A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF fi…
- CVE-2018-17436MEDIUMCVSS 6.5EG 6.52018-09-24
ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
- CVE-2018-17439MEDIUMCVSS 6.5EG 6.52018-09-24
An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.
- CVE-2018-17474HIGHCVSS 8.8EG 8.82018-11-14
Use after free in HTMLImportsController in Blink in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2018-17479HIGHCVSS 8.8EG 8.82019-06-27
Incorrect object lifetime calculations in GPU code in Google Chrome prior to 70.0.3538.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2018-17480HIGHCVSS 8.8EG 9.0⚠ KEV2018-12-11
Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
- CVE-2018-17481HIGHCVSS 8.8EG 8.82018-12-11
Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
- CVE-2018-17692HIGHCVSS 8.8EG 8.82019-01-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or o…
- CVE-2018-17706HIGHCVSS 8.8EG 8.82018-10-29
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF Phantom PDF 9.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious…
- CVE-2018-17795HIGHCVSS 8.8EG 8.82018-09-30
The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file…
- CVE-2018-17901HIGHCVSS 7.8EG 7.82018-10-17
LAquis SCADA Versions 4.1.0.3870 and prior, when processing project files the application fails to sanitize user input prior to performing write operations on a stack object, which may allow an attacker to execute code under the current pr…
- CVE-2018-17911HIGHCVSS 7.8EG 7.82018-10-17
LAquis SCADA Versions 4.1.0.3870 and prior has several stack-based buffer overflow vulnerabilities, which may allow remote code execution.
- CVE-2018-17916CRITICALCVSS 9.8EG 9.82018-11-02
InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerabili…
- CVE-2018-17927HIGHCVSS 7.8EG 7.82018-10-11
In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files lacking user input validation, which may cause the syste…
- CVE-2018-17929HIGHCVSS 7.8EG 7.82018-10-11
In Delta Industrial Automation TPEditor, TPEditor Versions 1.90 and prior, multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files lacking user input validation before copying dat…
- CVE-2018-17930CRITICALCVSS 9.8EG 9.82018-11-28
A stack-based buffer overflow vulnerability has been identified in Teledyne DALSA Sherlock Version 7.2.7.4 and prior, which may allow remote code execution.
- CVE-2018-17937HIGHCVSS 8.8EG 8.82019-03-13
gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or cra…
- CVE-2018-17942HIGHCVSS 8.8EG 8.82018-10-03
The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.
- CVE-2018-18026HIGHCVSS 7.8EG 7.82018-10-19
IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower versions) is vulnerable to a stack-based buffer overflow. The attacker can use DeviceIoControl to pass a user specified size which can be used to overwrite return addres…
- CVE-2018-18064MEDIUMCVSS 6.5EG 6.52018-10-08
cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-im…
- CVE-2018-18274HIGHCVSS 7.8EG 7.82018-10-12
A issue was found in pdfalto 0.2. There is a heap-based buffer overflow in the TextPage::addAttributsNode function in XmlAltoOutputDev.cc.
- CVE-2018-18311CRITICALCVSS 9.8EG 9.82018-12-07
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
- CVE-2018-18335HIGHCVSS 8.8EG 8.82018-12-11
Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2018-18336HIGHCVSS 8.8EG 8.82018-12-11
Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
- CVE-2018-18337HIGHCVSS 8.8EG 8.82018-12-11
Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2018-18338HIGHCVSS 8.8EG 8.82018-12-11
Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2018-18339HIGHCVSS 8.8EG 8.82018-12-11
Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2018-18340HIGHCVSS 8.8EG 8.82018-12-11
Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2018-18341HIGHCVSS 8.8EG 8.82018-12-11
An integer overflow leading to a heap buffer overflow in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2018-18342HIGHCVSS 8.8EG 8.82018-12-11
Execution of user supplied Javascript during object deserialization can update object length leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbo…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →