CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,847 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 25 of 277
- CVE-2018-6170HIGHCVSS 8.8EG 8.82019-01-09
A bad cast in PDFium in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
- CVE-2018-6187MEDIUMCVSS 5.5EG 5.52018-01-24
In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote attackers could leverage the vulnerability to cause a denial of service via a crafted pdf…
- CVE-2018-6235HIGHCVSS 7.8EG 7.82018-05-25
An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by …
- CVE-2018-6240HIGHCVSS 7.8EG 7.82019-09-06
NVIDIA Tegra contains a vulnerability in BootRom where a user with kernel level privileges can write an arbitrary value to an arbitrary physical address
- CVE-2018-6304HIGHCVSS 7.5EG 7.52018-03-13
Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE version before 7.65 leads to remote denial of service
- CVE-2018-6344HIGHCVSS 7.5EG 7.52018-12-31
A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. The vulnerability can be used to cause denial of service. It affects WhatsApp for Android prior to v2.18.293, WhatsApp for iOS pr…
- CVE-2018-6345CRITICALCVSS 9.8EG 9.82019-01-15
The function number_format is vulnerable to a heap overflow issue when its second argument ($dec_points) is excessively large. The internal implementation of the function will cause a string to be created with an invalid length, which can …
- CVE-2018-6349CRITICALCVSS 9.8EG 9.82019-06-14
When receiving calls using WhatsApp for Android, a missing size check when parsing a sender-provided packet allowed for a stack-based overflow. This issue affects WhatsApp for Android prior to 2.18.248 and WhatsApp Business for Android pri…
- CVE-2018-6358HIGHCVSS 8.8EG 8.82018-01-27
The printDefineFont2 function (util/listfdb.c) in libming through 0.4.8 is vulnerable to a heap-based buffer overflow, which may allow attackers to cause a denial of service or unspecified other impact via a crafted FDB file.
- CVE-2018-6462HIGHCVSS 7.8EG 7.82018-01-31
Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a craf…
- CVE-2018-6485CRITICALCVSS 9.8EG 9.82018-02-01
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially …
- CVE-2018-6551CRITICALCVSS 9.8EG 9.82018-02-02
The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer t…
- CVE-2018-6638CRITICALCVSS 9.8EG 9.82018-02-28
A stack-based buffer overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. This occurs in a function call in which the first argument is a corrupted offset value and the second argument is a stack buffer. T…
- CVE-2018-6639CRITICALCVSS 9.8EG 9.82018-02-28
An out-of-bounds write (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. A size used by memmove is read from the input file. This is fixed in 6.9d.
- CVE-2018-6640CRITICALCVSS 9.8EG 9.82018-02-28
A Heap Overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. Crafted input can modify the next pointer of a linked list. This is fixed in 6.9d.
- CVE-2018-6692CRITICALCVSS 10.0EG 10.02018-08-21
Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin Wemo Insight Smart Plug allows remote attackers to bypass local security protection via a crafted HTTP post packet.
- CVE-2018-6758CRITICALCVSS 9.8EG 9.82018-02-06
The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.
- CVE-2018-6797CRITICALCVSS 9.8EG 9.82018-04-17
An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.
- CVE-2018-6832HIGHCVSS 7.5EG 7.52018-07-09
Stack-based buffer overflow in the getSWFlag function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P …
- CVE-2018-6913CRITICALCVSS 9.8EG 9.82018-04-17
Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.
- CVE-2018-6973HIGHCVSS 8.8EG 8.82018-08-15
VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds write vulnerability in the e1000 device. This issue may allow a guest to execute code on the host.
- CVE-2018-7183CRITICALCVSS 9.8EG 9.82018-03-08
Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.
- CVE-2018-7186CRITICALCVSS 9.8EG 9.82018-02-16
Leptonica before 1.75.3 does not limit the number of characters in a %s format argument to fscanf or sscanf, which allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact…
- CVE-2018-7240HIGHCVSS 8.8EG 8.82018-04-18
A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a den…
- CVE-2018-7264CRITICALCVSS 9.8EG 9.82018-02-28
The Pictview image processing library embedded in the ActivePDF toolkit through 2018.1.0.18321 is prone to multiple out of bounds write and sign errors, allowing a remote attacker to execute arbitrary code on vulnerable applications using …
- CVE-2018-7359CRITICALCVSS 9.0EG 9.82018-11-16
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by heap-based buffer overflow vulnerability, which may allow an attacker to execute arbitrary code.
- CVE-2018-7487HIGHCVSS 7.8EG 7.82018-02-26
There is a heap-based buffer overflow in the LoadPCX function of in_pcx.cpp in sam2p 0.49.4. A Crafted input will lead to a denial of service or possibly unspecified other impact.
- CVE-2018-7499CRITICALCVSS 9.8EG 9.82018-05-15
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-b…
- CVE-2018-7509HIGHCVSS 8.8EG 8.82018-05-04
WPLSoft in Delta Electronics versions 2.45.0 and prior writes data from a file outside the bounds of the intended buffer space, which could cause memory corruption or may allow remote code execution.
- CVE-2018-7513MEDIUMCVSS 5.3EG 5.32018-03-21
In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow.
- CVE-2018-7514HIGHCVSS 7.8EG 7.82018-04-17
Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server version…
- CVE-2018-7517MEDIUMCVSS 5.3EG 5.32018-03-21
In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability.
- CVE-2018-7519MEDIUMCVSS 5.3EG 5.32018-03-21
In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow.
- CVE-2018-7550HIGHCVSS 8.8EG 8.82018-03-01
The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-boun…
- CVE-2018-7553CRITICALCVSS 9.8EG 9.82018-02-28
There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.
- CVE-2018-7561CRITICALCVSS 9.8EG 9.82018-03-01
Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact.
- CVE-2018-7814HIGHCVSS 7.8EG 7.82019-02-06
A Stack-based Buffer Overflow (CWE-121) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) which could cause remote code to be executed when parsing a GD1 file
- CVE-2018-7867MEDIUMCVSS 6.5EG 6.52018-03-08
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 during a RegisterNumber sprintf. A Crafted input will lead to a denial of service attack.
- CVE-2018-7873MEDIUMCVSS 6.5EG 6.52018-03-08
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for INTEGER data. A Crafted input will lead to a denial of service attack.
- CVE-2018-7877MEDIUMCVSS 6.5EG 6.52018-03-08
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for DOUBLE data. A Crafted input will lead to a denial of service attack.
- CVE-2018-7987MEDIUMCVSS 5.9EG 5.92018-12-04
There is an out-of-bounds write vulnerability on Huawei P20 smartphones with versions before 8.1.0.171(C00). The software does not handle the response message properly when the user doing certain inquiry operation, an attacker could send c…
- CVE-2018-8000HIGHCVSS 8.8EG 8.82018-03-09
In PoDoFo 0.9.5, there exists a heap-based buffer overflow vulnerability in PoDoFo::PdfTokenizer::GetNextToken() in PdfTokenizer.cpp, a related issue to CVE-2017-5886. Remote attackers could leverage this vulnerability to cause a denial-of…
- CVE-2018-8072HIGHCVSS 8.8EG 8.82018-04-26
An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcam_cgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /came…
- CVE-2018-8100HIGHCVSS 7.8EG 7.82018-03-14
The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonst…
- CVE-2018-8110HIGHCVSS 7.5EG 7.52018-06-14
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8111, CVE-2018-8…
- CVE-2018-8111HIGHCVSS 7.5EG 7.52018-06-14
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8110, CVE-2018-8…
- CVE-2018-8114HIGHCVSS 7.5EG 7.52018-05-09
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is uni…
- CVE-2018-8118HIGHCVSS 7.5EG 7.52018-04-19
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11, Internet Explorer 10.
- CVE-2018-8122HIGHCVSS 7.5EG 7.52018-05-09
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is uni…
- CVE-2018-8125HIGHCVSS 7.5EG 7.52018-07-11
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8262, CVE-2018-8…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →