CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,848 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 38 of 277
- CVE-2019-13766MEDIUMCVSS 6.5EG 6.52020-01-03
Use-after-free in accessibility in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2019-13767HIGHCVSS 8.8EG 8.82020-01-10
Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
- CVE-2019-13916HIGHCVSS 8.8EG 8.82020-04-13
An issue was discovered in Cypress (formerly Broadcom) WICED Studio 6.2 CYW20735B1 and CYW20819A1. As a Bluetooth Low Energy (BLE) packet is received, it is copied into a Heap (ThreadX Block) buffer. The buffer allocated in dhmulp_getRxBuf…
- CVE-2019-1393HIGHCVSS 7.8EG 7.82019-11-12
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1394, CVE-2019-1395, CVE…
- CVE-2019-1394HIGHCVSS 7.8EG 7.82019-11-12
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1393, CVE-2019-1395, CVE…
- CVE-2019-1395HIGHCVSS 7.8EG 7.82019-11-12
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1393, CVE-2019-1394, CVE…
- CVE-2019-13951CRITICALCVSS 9.8EG 9.82019-07-18
The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv4 address in zone data.
- CVE-2019-13952CRITICALCVSS 9.8EG 9.82019-07-18
The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data.
- CVE-2019-1396HIGHCVSS 7.8EG 7.82019-11-12
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1393, CVE-2019-1394, CVE…
- CVE-2019-13989HIGHCVSS 7.8EG 7.82019-07-19
dpic 2019.06.20 has a Stack-based Buffer Overflow in the wfloat() function in main.c.
- CVE-2019-13994HIGHCVSS 7.8EG 7.82020-09-08
u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the actual packet size can lead to memory corruption and potential information leakage' in Snapdragon Auto, …
- CVE-2019-13995HIGHCVSS 7.8EG 7.82020-09-08
u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connecti…
- CVE-2019-13998HIGHCVSS 7.8EG 7.82020-09-08
u'Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connecti…
- CVE-2019-13999HIGHCVSS 7.8EG 7.82020-09-08
u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Con…
- CVE-2019-14000HIGHCVSS 7.8EG 7.82020-03-05
Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption and potential information leakage in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon…
- CVE-2019-14015HIGHCVSS 7.8EG 7.82020-03-05
A stack-based buffer overflow exists in the initialization of the identification stage due to lack of check on the number of templates provided. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snap…
- CVE-2019-14017CRITICALCVSS 9.8EG 9.82020-01-21
Heap buffer overflow can occur while parsing invalid MKV clip which is not standard and have invalid vorbis codec data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Sna…
- CVE-2019-14028HIGHCVSS 7.8EG 7.82020-03-05
Buffer overwrite during memcpy due to lack of check on SSID length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT…
- CVE-2019-14050HIGHCVSS 7.8EG 7.82020-03-05
Out-of-bound writes occurs due to lack of check of buffer size will cause buffer overflow only in 32bit architecture. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon…
- CVE-2019-14073CRITICALCVSS 9.8EG 9.82020-06-22
Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when processing large data or non-standard feedback messages in Snapdragon Auto, Snapdragon Compute, Snap…
- CVE-2019-14074HIGHCVSS 7.8EG 7.82020-09-08
u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapd…
- CVE-2019-1408HIGHCVSS 7.8EG 7.82019-11-12
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1393, CVE-2019-1394, CVE…
- CVE-2019-14080CRITICALCVSS 9.8EG 9.82020-06-22
Out of bound write can happen due to lack of check of array index value while parsing SDP attribute for SAR in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables…
- CVE-2019-14105HIGHCVSS 7.8EG 7.82020-04-16
Kernel was reading the CSL defined reserved field as uint16 instead of uint32 which could lead to memory overflow in Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SM8150
- CVE-2019-14119HIGHCVSS 7.0EG 7.02020-09-08
u'While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,…
- CVE-2019-14123HIGHCVSS 7.8EG 7.82020-07-30
Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure a…
- CVE-2019-14130HIGHCVSS 7.8EG 7.82020-07-30
Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS40…
- CVE-2019-14131CRITICALCVSS 9.8EG 9.82020-04-16
Out of bound write can occur in radio measurement request if STA receives multiple invalid rrm measurement request from AP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd…
- CVE-2019-14132CRITICALCVSS 9.8EG 9.82020-04-16
Buffer over-write when this 0-byte buffer is typecasted to some other structure and hence memory corruption in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SA6155P, SM8150
- CVE-2019-14192CRITICALCVSS 9.8EG 9.82019-07-31
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call.
- CVE-2019-14193CRITICALCVSS 9.8EG 9.82019-07-31
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length.
- CVE-2019-14194CRITICALCVSS 9.8EG 9.82019-07-31
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case.
- CVE-2019-14195CRITICALCVSS 9.8EG 9.82019-07-31
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length.
- CVE-2019-14196CRITICALCVSS 9.8EG 9.82019-07-31
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply.
- CVE-2019-14198CRITICALCVSS 9.8EG 9.82019-07-31
An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case.
- CVE-2019-14200CRITICALCVSS 9.8EG 9.82019-07-31
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply.
- CVE-2019-14201CRITICALCVSS 9.8EG 9.82019-07-31
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply.
- CVE-2019-14202CRITICALCVSS 9.8EG 9.82019-07-31
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply.
- CVE-2019-14203CRITICALCVSS 9.8EG 9.82019-07-31
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply.
- CVE-2019-14204CRITICALCVSS 9.8EG 9.82019-07-31
An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply.
- CVE-2019-14209CRITICALCVSS 9.8EG 9.82019-07-21
An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Heap Corruption due to data desynchrony when adding AcroForm.
- CVE-2019-14210HIGHCVSS 7.5EG 7.52019-07-21
An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object.
- CVE-2019-14247MEDIUMCVSS 5.5EG 5.52019-07-24
The scan() function in mad.c in mpg321 0.3.2 allows remote attackers to trigger an out-of-bounds write via a zero bitrate in an MP3 file.
- CVE-2019-14250MEDIUMCVSS 5.5EG 5.52019-07-24
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.
- CVE-2019-1426HIGHCVSS 7.5EG 7.52019-11-12
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1427, C…
- CVE-2019-14267HIGHCVSS 7.8EG 7.82019-07-29
PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled.
- CVE-2019-1427HIGHCVSS 7.5EG 7.52019-11-12
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, C…
- CVE-2019-14274MEDIUMCVSS 5.5EG 5.52019-07-26
MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c.
- CVE-2019-14275MEDIUMCVSS 5.5EG 5.52019-07-26
Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.
- CVE-2019-1428HIGHCVSS 7.5EG 7.52019-11-12
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, C…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →