CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,848 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 43 of 277
- CVE-2019-19785HIGHCVSS 7.8EG 7.82019-12-13
ATasm 1.06 has a stack-based buffer overflow in the to_comma() function in asm.c via a crafted .m65 file.
- CVE-2019-19786HIGHCVSS 7.8EG 7.82019-12-13
ATasm 1.06 has a stack-based buffer overflow in the parse_expr() function in setparse.c via a crafted .m65 file.
- CVE-2019-19787HIGHCVSS 7.8EG 7.82019-12-13
ATasm 1.06 has a stack-based buffer overflow in the get_signed_expression() function in setparse.c via a crafted .m65 file.
- CVE-2019-19795HIGHCVSS 7.8EG 7.82019-12-13
samurai 0.7 has a heap-based buffer overflow in canonpath in util.c via a crafted build file.
- CVE-2019-19796HIGHCVSS 7.8EG 7.82019-12-13
Yabasic 2.86.2 has a heap-based buffer overflow in myformat in function.c via a crafted BASIC source file.
- CVE-2019-19797MEDIUMCVSS 5.5EG 5.52019-12-15
read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.
- CVE-2019-19814HIGHCVSS 7.8EG 7.82019-12-17
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
- CVE-2019-19816HIGHCVSS 7.8EG 7.82019-12-17
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes …
- CVE-2019-19840CRITICALCVSS 9.8EG 9.82020-01-22
A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request.
- CVE-2019-19847HIGHCVSS 8.1EG 8.12019-12-17
Libspiro through 20190731 has a stack-based buffer overflow in the spiro_to_bpath0() function in spiro.c.
- CVE-2019-1986HIGHCVSS 8.8EG 8.82019-02-28
In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege in system_server with no additional execution privileges needed. User i…
- CVE-2019-1987HIGHCVSS 7.8EG 7.82019-02-28
In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.…
- CVE-2019-1988HIGHCVSS 8.8EG 8.82019-02-28
In sample6 of SkSwizzler.cpp, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution in system_server with no additional execution privileges needed. User interaction is needed fo…
- CVE-2019-1989HIGHCVSS 8.8EG 8.82019-06-19
In ih264d_fmt_conv_420sp_to_420p of ih264d_format_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is n…
- CVE-2019-1990HIGHCVSS 8.8EG 8.82019-06-19
In ihevcd_fmt_conv_420sp_to_420p of ihevcd_fmt_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is need…
- CVE-2019-19906HIGHCVSS 7.5EG 7.52019-12-19
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string i…
- CVE-2019-1991HIGHCVSS 8.8EG 8.82019-02-28
In btif_dm_data_copy of btif_core.cc, there is a possible out of bounds write due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. P…
- CVE-2019-19918HIGHCVSS 7.8EG 7.82019-12-20
Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c.
- CVE-2019-1993HIGHCVSS 7.8EG 7.82019-02-28
In register_app of btif_hd.cc, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitati…
- CVE-2019-19931HIGHCVSS 8.8EG 8.82019-12-23
In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c has a heap-based buffer overflow.
- CVE-2019-19943HIGHCVSS 7.5EG 7.52020-02-28
The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. It may be possible to achieve remote code execution because of a double fre…
- CVE-2019-19948CRITICALCVSS 9.8EG 9.82019-12-24
In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in the function WriteSGIImage of coders/sgi.c.
- CVE-2019-19951CRITICALCVSS 9.8EG 9.82019-12-24
In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buffer overflow in the function ImportRLEPixels of coders/miff.c.
- CVE-2019-19988HIGHCVSS 8.8EG 8.82020-02-26
An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. A user with valid credentials is able to create and write XML files on the filesystem via /common/vam_editXml.php in the web interface. The vulnerable PHP …
- CVE-2019-2000HIGHCVSS 7.8EG 7.82019-02-28
In several functions of binder.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation…
- CVE-2019-20016MEDIUMCVSS 6.5EG 6.52019-12-27
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.…
- CVE-2019-20024MEDIUMCVSS 6.5EG 6.52019-12-27
A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4.
- CVE-2019-2006CRITICALCVSS 9.8EG 9.82019-06-19
In serviceDied of HalDeathHandlerHidl.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the audio server with no additional execution privileges needed. User interaction…
- CVE-2019-2007CRITICALCVSS 9.8EG 9.82019-06-19
In getReadIndex and getWriteIndex of FifoControllerBase.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the audio server with no additional execution privileges n…
- CVE-2019-2008HIGHCVSS 7.5EG 7.52019-06-19
In createEffect of AudioFlinger.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitatio…
- CVE-2019-2009HIGHCVSS 8.8EG 8.82019-06-19
In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not neede…
- CVE-2019-20094HIGHCVSS 8.8EG 8.82019-12-30
An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_init_frame at fromgif.c.
- CVE-2019-2010HIGHCVSS 7.8EG 7.82019-06-19
In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i…
- CVE-2019-2011HIGHCVSS 7.8EG 7.82019-06-19
In readNullableNativeHandleNoDup of Parcel.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not…
- CVE-2019-2012HIGHCVSS 8.8EG 8.82019-06-19
In rw_t3t_act_handle_fmt_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed fo…
- CVE-2019-2013HIGHCVSS 8.8EG 8.82019-06-19
In rw_t3t_act_handle_sro_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed fo…
- CVE-2019-2014HIGHCVSS 8.8EG 8.82019-06-19
In rw_t3t_handle_get_sc_poll_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is neede…
- CVE-2019-20140HIGHCVSS 8.8EG 8.82019-12-30
An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_out_code at fromgif.c.
- CVE-2019-2015HIGHCVSS 8.8EG 8.82019-06-19
In rw_t3t_act_handle_check_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed …
- CVE-2019-2016HIGHCVSS 8.8EG 8.82019-06-19
In NFA_SendRawFrame of nfa_dm_api.cc, there is a possible out-of-bound write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for …
- CVE-2019-20160MEDIUMCVSS 5.5EG 5.52019-12-31
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a stack-based buffer overflow in the function av1_parse_tile_group() in media_tools/av_parsers.c.
- CVE-2019-20161MEDIUMCVSS 5.5EG 5.52019-12-31
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based buffer overflow in the function ReadGF_IPMPX_WatermarkingInit() in odf/ipmpx_code.c.
- CVE-2019-20162MEDIUMCVSS 5.5EG 5.52019-12-31
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based buffer overflow in the function gf_isom_box_parse_ex() in isomedia/box_funcs.c.
- CVE-2019-2017HIGHCVSS 7.8EG 7.82019-06-19
In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n…
- CVE-2019-20208MEDIUMCVSS 5.5EG 5.52020-01-02
dimC_Read in isomedia/box_code_3gpp.c in GPAC from 0.5.2 to 0.8.0 has a stack-based buffer overflow.
- CVE-2019-2027HIGHCVSS 8.8EG 8.82019-04-19
In floor0_inverse1 of floor0.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.…
- CVE-2019-2029HIGHCVSS 8.8EG 8.82019-04-19
In btm_proc_smp_cback of tm_ble.cc, there is a possible memory corruption due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Produc…
- CVE-2019-2031HIGHCVSS 7.8EG 7.82019-04-19
In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no…
- CVE-2019-2032HIGHCVSS 7.8EG 7.82019-04-19
In SetScanResponseData of ble_advertiser_hci_interface.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interact…
- CVE-2019-20326HIGHCVSS 7.8EG 7.82020-03-16
A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execut…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →