CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,847 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 29 of 277
- CVE-2018-9430CRITICALCVSS 9.8EG 9.82024-12-02
In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploi…
- CVE-2018-9446CRITICALCVSS 9.8EG 9.82018-11-06
In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds write due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for …
- CVE-2018-9450HIGHCVSS 8.8EG 8.82018-11-06
In avrc_proc_vendor_command of avrc_api.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for …
- CVE-2018-9462MEDIUMCVSS 6.7EG 7.82024-12-05
In store_cmd of ftm4_pdc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for …
- CVE-2018-9463MEDIUMCVSS 6.7EG 7.82024-12-05
In sw49408_irq_runtime_engine_debug of touch_sw49408.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User in…
- CVE-2018-9466HIGHCVSS 8.8EG 8.82024-11-19
In the xmlSnprintfElementContent function of valid.c, there is a possible out of bounds write. This could lead to remote escalation of privilege in an unprivileged app with no additional execution privileges needed. User interaction is nee…
- CVE-2018-9469HIGHCVSS 7.8EG 8.42024-11-20
In multiple functions of ShortcutService.java, there is a possible creation of a spoofed shortcut due to a missing permission check. This could lead to local escalation of privilege in a privileged app with no additional execution privileg…
- CVE-2018-9470HIGHCVSS 8.8EG 8.82024-11-20
In bff_Scanner_addOutPos of Scanner.c, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege in an unprivileged app with no additional execution privileges needed. User …
- CVE-2018-9471HIGHCVSS 7.8EG 9.82024-11-20
In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to type confusion. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User in…
- CVE-2018-9473HIGHCVSS 7.8EG 7.82018-10-02
In ihevcd_parse_sei_payload of ihevcd_parse_headers.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed …
- CVE-2018-9475HIGHCVSS 8.8EG 7.52024-11-20
In HeadsetInterface::ClccResponse of btif_hf.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote escalation of privilege via Bluetooth, if the recipient has enabled SIP calls with no a…
- CVE-2018-9478CRITICALCVSS 9.8EG 9.82024-11-20
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. Use…
- CVE-2018-9479CRITICALCVSS 9.8EG 9.82024-11-20
In process_service_attr_req and process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. Use…
- CVE-2018-9491HIGHCVSS 7.8EG 7.82018-10-02
In AMediaCodecCryptoInfo_new of NdkMediaCodec.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in external apps with no additional execution privileges needed. User interacti…
- CVE-2018-9496HIGHCVSS 7.8EG 7.82018-10-02
In ixheaacd_real_synth_fft_p3 of ixheaacd_esbr_fft.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed…
- CVE-2018-9497HIGHCVSS 7.8EG 7.82018-10-02
In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 of impeg2_format_conv.s there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User intera…
- CVE-2018-9498HIGHCVSS 7.8EG 7.82018-10-02
In SkSampler::Fill of SkSampler.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. …
- CVE-2018-9504HIGHCVSS 8.8EG 8.82018-10-02
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution over bluetooth with no additional execution privileges needed. User interaction is…
- CVE-2018-9516HIGHCVSS 7.8EG 7.82018-11-06
In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not n…
- CVE-2018-9518HIGHCVSS 7.8EG 7.82018-12-07
In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
- CVE-2018-9521HIGHCVSS 8.8EG 8.82018-11-14
In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. Use…
- CVE-2018-9522HIGHCVSS 7.8EG 7.82018-11-14
In the serialization functions of StatsLogEventWrapper.java, there is a possible out-of-bounds write due to unnecessary functionality which may be abused. This could lead to local escalation of privilege in the system process with no addit…
- CVE-2018-9527HIGHCVSS 7.8EG 7.82018-11-14
In vorbis_book_decodev_set of codebook.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitat…
- CVE-2018-9528HIGHCVSS 8.8EG 8.82018-11-14
In ixheaacd_over_lap_add1_armv8 of ixheaacd_overlap_add1.s there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is …
- CVE-2018-9529HIGHCVSS 8.8EG 8.82018-11-14
In ixheaacd_individual_ch_stream of ixheaacd_channel.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is need…
- CVE-2018-9530HIGHCVSS 8.8EG 8.82018-11-14
In ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed …
- CVE-2018-9531HIGHCVSS 7.8EG 7.82018-11-14
In AudioSpecificConfig_Parse of tpdec_asc.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for e…
- CVE-2018-9532HIGHCVSS 8.8EG 8.82018-11-14
In ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is ne…
- CVE-2018-9534HIGHCVSS 8.8EG 8.82018-11-14
In ixheaacd_mps_getstridemap of ixheaacd_mps_parse.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed…
- CVE-2018-9535HIGHCVSS 8.8EG 8.82018-11-14
In ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed f…
- CVE-2018-9536HIGHCVSS 7.8EG 7.82018-11-14
In numerous functions of libFDK, there are possible out of bounds writes due to incorrect bounds checks. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. …
- CVE-2018-9537HIGHCVSS 8.8EG 8.82018-11-14
In CAacDecoder_DecodeFrame of aacdecode.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interacti…
- CVE-2018-9545HIGHCVSS 7.8EG 7.82018-11-14
In BTA_HdRegisterApp of bta_hd_api.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo…
- CVE-2018-9549HIGHCVSS 7.8EG 7.82018-12-06
In lppTransposer of lpp_tran.cpp there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Pro…
- CVE-2018-9550HIGHCVSS 7.8EG 7.82018-12-06
In CAacDecoder_Init of aacdecoder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitat…
- CVE-2018-9551HIGHCVSS 7.8EG 7.82018-12-06
In CAacDecoder_Init of aacdecoder.cpp, there is a possible out-of-bound write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is n…
- CVE-2018-9552MEDIUMCVSS 5.5EG 5.52018-12-06
In ihevcd_sao_shift_ctb of ihevcd_sao.c there is a possible out of bounds write due to missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitat…
- CVE-2018-9555HIGHCVSS 8.8EG 8.82018-12-06
In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is …
- CVE-2018-9556CRITICALCVSS 9.8EG 9.82018-12-06
In ParsePayloadHeader of payload_metadata.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not nee…
- CVE-2018-9558HIGHCVSS 7.8EG 7.82018-12-06
In rw_t2t_handle_tlv_detect of rw_t2t_ndef.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC kernel with no additional execution privileges needed. User i…
- CVE-2018-9559HIGHCVSS 7.8EG 7.82018-12-06
In persist_set_key and other functions of cryptfs.cpp, there is a possible out-of-bounds write due to an uncaught error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n…
- CVE-2018-9560HIGHCVSS 7.8EG 7.82018-12-06
In HID_DevAddRecord of hidd_api.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth service with User execution privileges needed. User interaction is…
- CVE-2018-9569HIGHCVSS 8.8EG 8.82018-12-07
In impd_init_drc_decode_post_config of impd_drc_gain_decoder.c there is a possible out-of-bound write due to incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction …
- CVE-2018-9570HIGHCVSS 7.8EG 7.82018-12-07
In impd_parse_drc_ext_v1 of impd_drc_dynamic_payload.c there is a possible out-of-bound write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed …
- CVE-2018-9571HIGHCVSS 8.8EG 8.82018-12-07
In impd_parse_loud_eq_instructions of impd_drc_dynamic_payload.c there is a possible out-of-bound write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction …
- CVE-2018-9572HIGHCVSS 8.8EG 8.82018-12-07
In impd_drc_parse_coeff of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed f…
- CVE-2018-9573HIGHCVSS 7.8EG 7.82018-12-07
In impd_parse_filt_block of impd_drc_dynamic_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed…
- CVE-2018-9574HIGHCVSS 7.8EG 7.82018-12-07
In impd_parse_split_drc_characteristic of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interact…
- CVE-2018-9575HIGHCVSS 7.8EG 7.82018-12-07
In impd_parse_dwnmix_instructions of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction i…
- CVE-2018-9576HIGHCVSS 7.8EG 7.82018-12-07
In impd_parse_parametric_drc_instructions of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User inter…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →