CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,849 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 52 of 277
- CVE-2019-6957CRITICALCVSS 9.8EG 9.82019-05-29
A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager (VRM), Video Streaming Gateway (VSG), Configuration Manager, …
- CVE-2019-6963HIGHCVSS 8.8EG 8.82019-06-20
A heap-based buffer overflow in cosa_dhcpv4_dml.c in the RDK RDKB-20181217-1 CcspPandM module may allow attackers with login credentials to achieve remote code execution by crafting a long buffer in the "Comment" field of an IP reservation…
- CVE-2019-6977HIGHCVSS 8.8EG 9.02019-01-27
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overf…
- CVE-2019-6982MEDIUMCVSS 5.5EG 5.52019-01-28
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter an Out-of-Bounds Write and crash during the handling of certain PDF files that embed specifically crafted 3…
- CVE-2019-6989HIGHCVSS 8.8EG 8.82019-06-06
TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a bu…
- CVE-2019-6991CRITICALCVSS 9.8EG 9.82019-01-28
A classic Stack-based buffer overflow exists in the zmLoadUser() function in zm_user.cpp of the zmu binary in ZoneMinder through 1.32.3, allowing an unauthenticated attacker to execute code via a long username.
- CVE-2019-7019CRITICALCVSS 9.8EG 9.82019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to a…
- CVE-2019-7027CRITICALCVSS 9.8EG 9.82019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to a…
- CVE-2019-7037CRITICALCVSS 9.8EG 9.82019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to a…
- CVE-2019-7039CRITICALCVSS 9.8EG 9.82019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to a…
- CVE-2019-7052CRITICALCVSS 9.8EG 9.82019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to a…
- CVE-2019-7060CRITICALCVSS 9.8EG 9.82019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to a…
- CVE-2019-7079HIGHCVSS 8.8EG 8.82019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to a…
- CVE-2019-7094CRITICALCVSS 9.8EG 9.82019-05-24
Adobe Photoshop CC 19.1.7 and earlier, and 20.0.2 and earlier have a heap corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7095CRITICALCVSS 9.8EG 9.82019-05-24
Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7098CRITICALCVSS 9.8EG 9.82019-05-23
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7099CRITICALCVSS 9.8EG 9.82019-05-23
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7100CRITICALCVSS 9.8EG 9.82019-05-23
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7101CRITICALCVSS 9.8EG 9.82019-05-23
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7102CRITICALCVSS 9.8EG 9.82019-05-23
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7103CRITICALCVSS 9.8EG 9.82019-05-23
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7104CRITICALCVSS 9.8EG 9.82019-05-23
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
- CVE-2019-7111HIGHCVSS 8.8EG 8.82019-05-23
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to a…
- CVE-2019-7113CRITICALCVSS 9.8EG 9.82019-05-23
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrar…
- CVE-2019-7118CRITICALCVSS 9.8EG 9.82019-05-23
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to a…
- CVE-2019-7119CRITICALCVSS 9.8EG 9.82019-05-23
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to a…
- CVE-2019-7120CRITICALCVSS 9.8EG 9.82019-05-23
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to a…
- CVE-2019-7124CRITICALCVSS 9.8EG 9.82019-05-23
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to a…
- CVE-2019-7125HIGHCVSS 8.8EG 8.82019-05-23
Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrar…
- CVE-2019-7130CRITICALCVSS 9.8EG 9.82019-05-23
Adobe Bridge CC versions 9.0.2 have a heap overflow vulnerability. Successful exploitation could lead to remote code execution.
- CVE-2019-7132HIGHCVSS 8.8EG 8.82019-05-23
Adobe Bridge CC versions 9.0.2 have an out-of-bounds write vulnerability. Successful exploitation could lead to remote code execution.
- CVE-2019-7137MEDIUMCVSS 6.5EG 6.52019-05-23
Adobe Bridge CC versions 9.0.2 have a memory corruption vulnerability. Successful exploitation could lead to information disclosure.
- CVE-2019-7154MEDIUMCVSS 6.5EG 6.52019-01-29
The main function in tools/wasm2js.cpp in Binaryen 1.38.22 has a heap-based buffer overflow because Emscripten is misused, triggering an error in cashew::JSPrinter::printAst() in emscripten-optimizer/simple_ast.h. A crafted input can cause…
- CVE-2019-7232HIGHCVSS 8.8EG 8.82019-06-24
The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. The Host header value overflows a buffer and overwrites a Structured Exception Handler (SEH) address. An unauthenticated attacker…
- CVE-2019-7264CRITICALCVSS 9.8EG 9.82019-07-02
Linear eMerge E3-Series devices allow a Stack-based Buffer Overflow on the ARM platform.
- CVE-2019-7286HIGHCVSS 7.8EG 9.0⚠ KEV2019-12-18
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. An application may be able to gain elevated privileges.
- CVE-2019-7287HIGHCVSS 7.8EG 9.0⚠ KEV2019-12-18
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges.
- CVE-2019-7293MEDIUMCVSS 5.5EG 5.52019-12-18
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to read kernel memory.
- CVE-2019-7321CRITICALCVSS 9.8EG 9.82019-06-13
Usage of an uninitialized variable in the function fz_load_jpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code.
- CVE-2019-7358HIGHCVSS 7.8EG 7.82019-04-09
An exploitable heap overflow vulnerability in the DXF-parsing functionality in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodesk…
- CVE-2019-7359HIGHCVSS 7.8EG 7.82019-04-09
An exploitable heap overflow vulnerability in the AcCellMargin handling code in Autodesk Advance Steel 2018, Autodesk AutoCAD 2018, Autodesk AutoCAD Architecture 2018, Autodesk AutoCAD Electrical 2018, Autodesk AutoCAD Map 3D 2018, Autodes…
- CVE-2019-7401CRITICALCVSS 9.8EG 9.82019-02-08
NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service (router process crash) or possibly have unspecified other …
- CVE-2019-7482CRITICALCVSS 9.8EG 9.82019-12-19
Stack-based buffer overflow in SonicWall SMA100 allows an unauthenticated user to execute arbitrary code in function libSys.so. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.
- CVE-2019-7559MEDIUMCVSS 5.5EG 5.52019-02-07
In btor2parser/btor2parser.c in Boolector Btor2Tools before 2019-01-15, opening a specially crafted input file leads to an out of bounds write in pusht_bfr.
- CVE-2019-7575HIGHCVSS 8.8EG 8.82019-02-07
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.
- CVE-2019-7629CRITICALCVSS 9.8EG 9.82019-02-18
Stack-based buffer overflow in the strip_vt102_codes function in TinTin++ 2.01.6 and WinTin++ 2.01.6 allows remote attackers to execute arbitrary code by sending a long message to the client.
- CVE-2019-7637HIGHCVSS 8.8EG 8.82019-02-08
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.
- CVE-2019-7659HIGHCVSS 8.1EG 8.12019-02-09
Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWITH_COOKIES flag. This affects the C/C++ l…
- CVE-2019-7664MEDIUMCVSS 5.5EG 5.52019-02-09
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).
- CVE-2019-7713CRITICALCVSS 9.8EG 9.82019-03-26
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. There is a heap-based buffer overflow in the function responsible for printing the shell prompt, when a custom modifier is used to displ…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →