CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,849 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 58 of 277
- CVE-2019-9276MEDIUMCVSS 6.7EG 6.72019-09-06
In the Android kernel in the synaptics_dsx_htc touchscreen driver there is a possible out of bounds write due to a use after free. This could lead to a local escalation of privilege with System execution privileges needed. User interaction…
- CVE-2019-9278HIGHCVSS 8.8EG 8.82019-09-27
In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for …
- CVE-2019-9288MEDIUMCVSS 6.8EG 6.82019-09-27
In libhidcommand_jni, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the USB service with no additional execution privileges needed. User interaction is not needed…
- CVE-2019-9290HIGHCVSS 7.8EG 7.82019-09-27
In tzdata there is possible memory corruption due to a mismatch between allocation and deallocation functions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed …
- CVE-2019-9297HIGHCVSS 8.8EG 8.82019-09-27
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-9298HIGHCVSS 8.8EG 8.82019-09-27
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-9299HIGHCVSS 8.8EG 8.82019-09-27
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-9300HIGHCVSS 8.8EG 8.82019-09-27
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-9301CRITICALCVSS 9.8EG 9.82019-09-27
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-9302HIGHCVSS 8.8EG 8.82019-09-27
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-9303HIGHCVSS 8.8EG 8.82019-09-27
In libFDK, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: …
- CVE-2019-9304HIGHCVSS 8.8EG 8.82019-09-27
In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVers…
- CVE-2019-9305HIGHCVSS 8.8EG 8.82019-09-27
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-9306HIGHCVSS 8.8EG 8.82019-09-27
In libMpegTPDec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVers…
- CVE-2019-9307HIGHCVSS 8.8EG 8.82019-09-27
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-9308HIGHCVSS 8.8EG 8.82019-09-27
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-9309HIGHCVSS 7.3EG 7.32019-09-27
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Andr…
- CVE-2019-9310HIGHCVSS 8.8EG 8.82019-09-27
In libFDK, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: …
- CVE-2019-9346HIGHCVSS 8.8EG 8.82019-09-27
In libstagefright, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Androi…
- CVE-2019-9357HIGHCVSS 8.8EG 8.82019-09-27
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-9358HIGHCVSS 7.3EG 7.32019-09-27
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to a to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Andr…
- CVE-2019-9363HIGHCVSS 8.8EG 8.82019-09-27
In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVers…
- CVE-2019-9375MEDIUMCVSS 6.4EG 6.42019-09-27
In hostapd, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersion…
- CVE-2019-9382HIGHCVSS 8.8EG 8.82019-09-27
In libeffects, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVer…
- CVE-2019-9386HIGHCVSS 7.3EG 7.32019-09-27
In NFC server, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is needed for expl…
- CVE-2019-9405HIGHCVSS 8.8EG 8.82019-09-27
In libAACdec, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersion…
- CVE-2019-9423HIGHCVSS 7.8EG 7.82019-09-27
In opencv calls that use libpng, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges required. User interaction is not required for…
- CVE-2019-9426MEDIUMCVSS 6.7EG 6.72019-09-06
In the Android kernel in Bluetooth there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploita…
- CVE-2019-9429HIGHCVSS 7.8EG 7.82019-09-27
In profman, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi…
- CVE-2019-9441MEDIUMCVSS 6.7EG 6.72019-09-06
In the Android kernel in the mnh driver there is a possible out of bounds write due to improper input validation. This could lead to escalation of privilege with System execution privileges needed. User interaction is not needed for exploi…
- CVE-2019-9442MEDIUMCVSS 6.7EG 6.72019-09-06
In the Android kernel in the mnh driver there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System privileges required. User interaction is not needed for exploitation.
- CVE-2019-9443MEDIUMCVSS 6.7EG 6.72019-09-06
In the Android kernel in the vl53L0 driver there is a possible out of bounds write due to a permissions bypass. This could lead to local escalation of privilege due to a set_fs() call without restoring the previous limit with System execut…
- CVE-2019-9446MEDIUMCVSS 6.7EG 6.72019-09-06
In the Android kernel in the FingerTipS touchscreen driver there is a possible out of bounds write due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interacti…
- CVE-2019-9448MEDIUMCVSS 6.7EG 6.72019-09-06
In the Android kernel in the FingerTipS touchscreen driver there is a possible out of bounds write due to a missing bounds check. This could lead to a local escalation of privilege with System execution privileges needed. User interaction …
- CVE-2019-9450MEDIUMCVSS 6.4EG 6.42019-09-06
In the Android kernel in the FingerTipS touchscreen driver there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not nee…
- CVE-2019-9451MEDIUMCVSS 6.7EG 6.72019-09-06
In the Android kernel in the touchscreen driver there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
- CVE-2019-9454MEDIUMCVSS 6.7EG 6.72019-09-06
In the Android kernel in i2c driver there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
- CVE-2019-9456MEDIUMCVSS 6.7EG 6.72019-09-06
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for e…
- CVE-2019-9459CRITICALCVSS 9.8EG 9.82019-09-27
In libttspico, there is a possible OOB write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android…
- CVE-2019-9468HIGHCVSS 7.8EG 7.82020-01-06
In export_key_der of export_key.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation…
- CVE-2019-9469HIGHCVSS 7.8EG 7.82020-01-06
In km_compute_shared_hmac of km4.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f…
- CVE-2019-9470MEDIUMCVSS 6.7EG 6.72020-01-06
In dma_sblk_start of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitati…
- CVE-2019-9471MEDIUMCVSS 6.7EG 6.72020-01-06
In set_outbound_iatu of abc-pcie.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploit…
- CVE-2019-9500HIGHCVSS 7.9EG 8.32020-01-16
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to t…
- CVE-2019-9501HIGHCVSS 7.9EG 7.92020-02-03
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, b…
- CVE-2019-9502HIGHCVSS 7.9EG 7.92020-02-03
The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending s…
- CVE-2019-9544HIGHCVSS 8.8EG 8.82019-03-01
An issue was discovered in Bento4 1.5.1-628. An out of bounds write occurs in AP4_CttsTableEntry::AP4_CttsTableEntry() located in Core/Ap4Array.h. It can be triggered by sending a crafted file to (for example) the mp42hls binary. It allows…
- CVE-2019-9569CRITICALCVSS 9.8EG 9.82019-08-26
Buffer Overflow in dactetra in Delta Controls enteliBUS Manager V3.40_B-571848 allows remote unauthenticated users to execute arbitrary code and possibly cause a denial of service via unspecified vectors.
- CVE-2019-9627HIGHCVSS 7.0EG 7.02019-03-08
A buffer overflow in the kernel driver CybKernelTracker.sys in CyberArk Endpoint Privilege Manager versions prior to 10.7 allows an attacker (without Administrator privileges) to escalate privileges or crash the machine by loading an image…
- CVE-2019-9687CRITICALCVSS 9.8EG 9.82019-03-11
PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp.
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →