CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,848 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 45 of 277
- CVE-2019-2071HIGHCVSS 8.8EG 8.82019-09-27
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-20713MEDIUMCVSS 6.8EG 6.82020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D8500 before 1.0.3.44, R6250 before 1.0.4.34, R6300v2 before 1.0.4.32, R6400 before 1.0.1.46, R6700 before 1.0.2.6, R6900 before 1…
- CVE-2019-20716MEDIUMCVSS 6.8EG 6.82020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v4 before 1.0.0.110 and DGND2200Bv4 before 1.0.0.109.
- CVE-2019-2072HIGHCVSS 8.8EG 8.82019-09-27
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-20723MEDIUMCVSS 6.8EG 6.82020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, DM200 before 1.0.0.58, EX2700 before 1.0.1.48, EX6100v2 befor…
- CVE-2019-20725MEDIUMCVSS 6.8EG 6.82020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0…
- CVE-2019-2073HIGHCVSS 8.8EG 8.82019-09-27
In libxaac there is a possible out of bounds write to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: And…
- CVE-2019-20733MEDIUMCVSS 6.7EG 6.72020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.110, DG…
- CVE-2019-20735MEDIUMCVSS 6.8EG 6.82020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D3600 before 1.0.0.75, D6000 before V1.0.0.75, D6100 before V1.0.0.63, R7800 before v1.0.2.52, R8900 before v1.0.4.2, R9000 before…
- CVE-2019-20736MEDIUMCVSS 6.8EG 6.82020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6000 before 1.0.0.72, D6100 before 1.0.0.63, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before…
- CVE-2019-20737MEDIUMCVSS 6.7EG 6.72020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.44, D6400 before 1.0.0.78, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v4 before 1.0.0.106, DG…
- CVE-2019-2074HIGHCVSS 8.8EG 8.82019-09-27
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-20740MEDIUMCVSS 6.8EG 6.82020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, R7300 before 1.0.0.70, R8300 before 1.0.2.130, and R8500 before 1.0.2.13…
- CVE-2019-20747MEDIUMCVSS 6.8EG 6.82020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.58, D7800 before 1.0.1.40, R7500v2 before 1.0.3.34, R7800 before 1.0.2.52, R8900 before 1.0.4.2, R9000 before 1…
- CVE-2019-20748MEDIUMCVSS 6.8EG 6.82020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.44, R7500v2 before 1.0.3.38, R7800 before 1.0.2.52, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before …
- CVE-2019-2075HIGHCVSS 8.8EG 8.82019-09-27
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-20751MEDIUMCVSS 6.8EG 6.82020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.60, DM200 before 1.0.0.61, EX2700 before 1.0.1.48, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2…
- CVE-2019-20753HIGHCVSS 8.8EG 8.82020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects DGN2200v1 before 1.0.0.58, D8500 before 1.0.3.42, D7000v2 before 1.0.0.51, D6400 before 1.0.0.78, D6220 before 1.0.0.44, JND…
- CVE-2019-20755MEDIUMCVSS 6.8EG 6.82020-04-16
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6220 before 1.0.0.46, D6400 before 1.0.0.80, D7000v2 before 1.0.0.51, D8500 before 1.0.3.42, DGN2200v1 before 1.0.0.58, DGN2200B …
- CVE-2019-2076HIGHCVSS 8.8EG 8.82019-09-27
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-20763MEDIUMCVSS 6.8EG 6.82020-04-16
NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user.
- CVE-2019-20764MEDIUMCVSS 6.8EG 6.82020-04-16
NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user.
- CVE-2019-20765MEDIUMCVSS 6.8EG 6.82020-04-16
NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user.
- CVE-2019-20766MEDIUMCVSS 6.8EG 6.82020-04-16
NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based buffer overflow by an authenticated user.
- CVE-2019-20767HIGHCVSS 7.2EG 7.22020-04-15
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.60, D3600 before 1.0.0.75, D6000 before 1.0.0.75, R9000 before 1.0.4.26, R8900 before 1.0.4.26, R7800 before 1.…
- CVE-2019-2077HIGHCVSS 8.8EG 8.82019-09-27
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-2078HIGHCVSS 8.8EG 8.82019-09-27
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-20788CRITICALCVSS 9.8EG 9.82020-04-23
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.
- CVE-2019-20791CRITICALCVSS 9.8EG 9.82020-04-28
OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePskc.
- CVE-2019-20797HIGHCVSS 7.5EG 7.52020-05-18
An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacketTo in i_network.c.
- CVE-2019-20799HIGHCVSS 7.5EG 7.52020-05-18
In Cherokee through 1.2.104, multiple memory corruption errors may be used by a remote attacker to destabilize the work of a server.
- CVE-2019-2080HIGHCVSS 8.8EG 8.82019-09-27
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersio…
- CVE-2019-20800CRITICALCVSS 9.8EG 9.82020-05-18
In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in handler_cgi.c by sending many request headers, as demonstrated by a GET request with many "Host: 127.0.0.1" headers.
- CVE-2019-2081HIGHCVSS 8.8EG 8.82019-09-27
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-2082HIGHCVSS 8.8EG 8.82019-09-27
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-20822CRITICALCVSS 9.8EG 9.82020-06-04
An issue was discovered in the 3D Plugin Beta for Foxit Reader and PhantomPDF before 9.7.0.29430. It has an out-of-bounds write via incorrect image data.
- CVE-2019-20825CRITICALCVSS 9.8EG 9.82020-06-04
An issue was discovered in Foxit PhantomPDF before 8.3.11. It has an out-of-bounds write when Internet Explorer is used.
- CVE-2019-20827CRITICALCVSS 9.8EG 9.82020-06-04
An issue was discovered in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac before 3.3. It allows stack consumption because of interaction between ICC-Based color space and Alternate color space.
- CVE-2019-2083HIGHCVSS 8.8EG 8.82019-09-27
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-20830CRITICALCVSS 9.8EG 9.82020-06-04
An issue was discovered in Foxit Reader and PhantomPDF before 9.6. It has an out-of-bounds write when Internet Explorer is used.
- CVE-2019-2084HIGHCVSS 8.8EG 8.82019-09-27
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-20840HIGHCVSS 7.5EG 7.52020-06-17
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
- CVE-2019-2085HIGHCVSS 8.8EG 8.82019-09-27
In libxaac there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-2086HIGHCVSS 8.8EG 8.82019-09-27
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersio…
- CVE-2019-2087HIGHCVSS 8.8EG 8.82019-09-27
In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersio…
- CVE-2019-20912HIGHCVSS 8.8EG 8.82020-07-16
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a stack overflow in bits.c, possibly related to bit_read_TF.
- CVE-2019-2093HIGHCVSS 8.8EG 8.82019-06-07
In huff_dec_1D of nlc_dec.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Pro…
- CVE-2019-2094HIGHCVSS 7.8EG 7.82019-06-07
In parseMPEGCCData of NuPlayerCCDecoder.cpp, there is a possible out of bounds write due to missing bounds checks. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for expl…
- CVE-2019-2099HIGHCVSS 7.8EG 7.82019-06-07
In nfa_rw_store_ndef_rx_buf of nfa_rw_act.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed…
- CVE-2019-2106HIGHCVSS 8.8EG 8.82019-07-08
In ihevcd_sao_shift_ctb of ihevcd_sao.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploit…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →