CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,848 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 41 of 277
- CVE-2019-17041CRITICALCVSS 9.8EG 9.82019-10-07
An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but…
- CVE-2019-17094HIGHCVSS 8.3EG 8.32020-01-27
A Stack-based Buffer Overflow vulnerability in libbelkin_api.so component of Belkin WeMo Insight Switch firmware allows a local attacker to obtain code execution on the device. This issue affects: Belkin WeMo Insight Switch firmware versio…
- CVE-2019-17135HIGHCVSS 7.8EG 7.82020-02-08
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or op…
- CVE-2019-17139HIGHCVSS 8.8EG 8.82019-10-25
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or op…
- CVE-2019-17144HIGHCVSS 8.8EG 8.82019-10-25
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or op…
- CVE-2019-17145HIGHCVSS 8.8EG 8.82019-10-25
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or op…
- CVE-2019-17212CRITICALCVSS 9.8EG 9.82019-11-05
Buffer overflows were discovered in the CoAP library in Arm Mbed OS 5.14.0. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses CoAP input linearly using a while loop. Once a…
- CVE-2019-17241HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d563.
- CVE-2019-17242HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000966f.
- CVE-2019-17245HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0000000000004359.
- CVE-2019-17246HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000258c.
- CVE-2019-17248HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000025b6.
- CVE-2019-17249HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x000000000000d57b.
- CVE-2019-17250HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x00000000000042f5.
- CVE-2019-17251HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!GetPlugInInfo+0x0000000000007d43.
- CVE-2019-17252HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!Read_BadPNG+0x0000000000000115.
- CVE-2019-17253HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at JPEG_LS+0x000000000000a6b8.
- CVE-2019-17254HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at FORMATS!Read_BadPNG+0x0000000000000101.
- CVE-2019-17255HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at EXR!ReadEXR+0x0000000000010836.
- CVE-2019-17256HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows a User Mode Write AV starting at DPX!ReadDPX_W+0x0000000000001203.
- CVE-2019-17258HIGHCVSS 7.8EG 7.82019-10-08
IrfanView 4.53 allows Data from a Faulting Address to control a subsequent Write Address starting at JPEG_LS+0x000000000000839c.
- CVE-2019-17259HIGHCVSS 7.8EG 7.82019-10-08
KMPlayer 4.2.2.31 allows a User Mode Write AV starting at utils!src_new+0x000000000014d6ee.
- CVE-2019-17261HIGHCVSS 7.8EG 7.82019-10-08
XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001e51.
- CVE-2019-17262HIGHCVSS 7.8EG 7.82019-10-08
XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0000000000001fc0.
- CVE-2019-17358HIGHCVSS 8.1EG 8.12019-12-12
Cacti through 1.2.7 is affected by multiple instances of lib/functions.php unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions take…
- CVE-2019-17424HIGHCVSS 7.8EG 7.82019-10-22
A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a craft…
- CVE-2019-17455CRITICALCVSS 9.8EG 9.82019-10-10
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c…
- CVE-2019-17540HIGHCVSS 8.8EG 8.82019-10-14
ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.
- CVE-2019-17542CRITICALCVSS 9.8EG 9.82019-10-14
FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.
- CVE-2019-17543HIGHCVSS 8.1EG 8.12019-10-14
LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor sta…
- CVE-2019-17546HIGHCVSS 8.8EG 8.82019-10-14
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.
- CVE-2019-17601CRITICALCVSS 9.8EG 9.82019-10-15
In MiniShare 1.4.1, there is a stack-based buffer overflow via an HTTP CONNECT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19862 and CVE-2018-19861. NOTE: this product is discontinued.
- CVE-2019-17603HIGHCVSS 7.8EG 7.82020-06-02
Ene.sys in Asus Aura Sync through 1.07.71 does not properly validate input to IOCTL 0x80102044, 0x80102050, and 0x80102054, which allows local users to cause a denial of service (system crash) or gain privileges via IOCTL requests using cr…
- CVE-2019-17624HIGHCVSS 7.8EG 7.82019-10-16
"" In X.Org X Server 1.20.4, there is a stack-based buffer overflow in the function XQueryKeymap. For example, by sending ct.c_char 1000 times, an attacker can cause a denial of service (application crash) or possibly have unspecified othe…
- CVE-2019-17652MEDIUMCVSS 6.5EG 6.52020-02-06
A stack buffer overflow vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to cause FortiClient processes running under root priviledge crashes via sending specially crafted "StartAvCustomScan" type …
- CVE-2019-17656MEDIUMCVSS 5.4EG 5.42021-04-12
A Stack-based Buffer Overflow vulnerability in the HTTPD daemon of FortiOS 6.0.10 and below, 6.2.2 and below and FortiProxy 1.0.x, 1.1.x, 1.2.9 and below, 2.0.0 and below may allow an authenticated remote attacker to crash the service by s…
- CVE-2019-1788MEDIUMCVSS 5.5EG 5.52019-04-08
A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on a…
- CVE-2019-18218HIGHCVSS 7.8EG 7.82019-10-21
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
- CVE-2019-18224CRITICALCVSS 9.8EG 9.82019-10-21
idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.
- CVE-2019-18240CRITICALCVSS 9.8EG 9.82019-11-13
In Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer overflows have been identified, which may allow an attacker to remotely execute arbitrary code.
- CVE-2019-18257CRITICALCVSS 9.8EG 9.82019-12-17
In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple stack-based buffer overflow vulnerabilities exist in the file transfer service listening on the TCP port. Successful exploitation could allow an unauthenticated attacke…
- CVE-2019-18288HIGHCVSS 8.8EG 8.82019-12-12
A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with valid authentication at the RMI interface could be able to gain remote code execution through an unsecured file u…
- CVE-2019-18289CRITICALCVSS 9.8EG 9.82019-12-12
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sendin…
- CVE-2019-18290HIGHCVSS 7.5EG 7.52019-12-12
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010…
- CVE-2019-18291HIGHCVSS 7.5EG 7.52019-12-12
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010…
- CVE-2019-18292HIGHCVSS 7.5EG 7.52019-12-12
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010…
- CVE-2019-18293CRITICALCVSS 9.8EG 9.82019-12-12
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sendin…
- CVE-2019-18294HIGHCVSS 7.5EG 7.52019-12-12
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010…
- CVE-2019-18295CRITICALCVSS 9.8EG 9.82019-12-12
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sendin…
- CVE-2019-18296CRITICALCVSS 9.8EG 9.82019-12-12
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sendin…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →