CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,853 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 60 of 278
- CVE-2020-0120HIGHCVSS 7.8EG 7.82020-07-17
In notifyErrorForPendingRequests of QCamera3HWI.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i…
- CVE-2020-0123CRITICALCVSS 9.8EG 9.82020-09-17
There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-149871374
- CVE-2020-0124MEDIUMCVSS 6.7EG 6.72020-06-11
In markBootComplete of InstalldNativeService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not need…
- CVE-2020-0129HIGHCVSS 7.8EG 7.82020-06-11
In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed fo…
- CVE-2020-0131HIGHCVSS 8.8EG 8.82020-06-11
In parseChunk of MPEG4Extractor.cpp, there is a possible out of bounds write due to incompletely initialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for expl…
- CVE-2020-0136HIGHCVSS 7.8EG 7.82020-06-11
In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction…
- CVE-2020-0138CRITICALCVSS 9.8EG 9.82020-06-11
In get_element_attr_rsp of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if bluetoothtbd were used, which it isn't in typical Android platforms, with no addition…
- CVE-2020-0150HIGHCVSS 7.8EG 7.82020-06-11
In rw_t3t_message_set_block_list of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not …
- CVE-2020-0153MEDIUMCVSS 6.7EG 6.72020-06-11
In phNxpNciHal_write_ext of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…
- CVE-2020-0155HIGHCVSS 7.8EG 7.82020-06-11
In phNxpNciHal_send_ese_hal_cmd of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not n…
- CVE-2020-0165MEDIUMCVSS 6.7EG 6.72020-06-11
In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege via compromised device firmware with System execution pri…
- CVE-2020-0168HIGHCVSS 8.8EG 8.82020-06-11
In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv of impeg2_format_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interac…
- CVE-2020-0186MEDIUMCVSS 6.7EG 6.72020-06-11
In hal_fd_init of hal_fd.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitatio…
- CVE-2020-0190HIGHCVSS 8.8EG 8.82020-06-11
In ideint_weave_blk of ideint_utils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitat…
- CVE-2020-0194HIGHCVSS 8.8EG 8.82020-06-11
In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is n…
- CVE-2020-0213MEDIUMCVSS 6.5EG 6.52020-06-11
In hevcd_fmt_conv_420sp_to_420sp_av8 of ihevcd_fmt_conv_420sp_to_420sp.s, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges neede…
- CVE-2020-0216HIGHCVSS 7.8EG 7.82020-06-11
In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is ne…
- CVE-2020-0217CRITICALCVSS 9.8EG 9.82020-06-11
In RW_T4tPresenceCheck of rw_t4t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploit…
- CVE-2020-0218HIGHCVSS 7.0EG 7.02020-06-11
In loadSoundModel and related functions of SoundTriggerHwService.cpp, there is possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User inte…
- CVE-2020-0220MEDIUMCVSS 6.7EG 6.72020-05-14
In crus_afe_callback of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed …
- CVE-2020-0223CRITICALCVSS 9.8EG 9.82020-06-16
This is an unbounded write into kernel global memory, via a user-controlled buffer size.Product: AndroidVersions: Android kernelAndroid ID: A-135130450
- CVE-2020-0224CRITICALCVSS 9.8EG 9.82020-07-17
In FastKeyAccumulator::GetKeysSlow of keys.cc, there is a possible out of bounds write due to type confusion. This could lead to remote code execution when processing a proxy configuration with no additional execution privileges needed. Us…
- CVE-2020-0225CRITICALCVSS 9.8EG 9.82020-07-17
In a2dp_vendor_ldac_decoder_decode_packet of a2dp_vendor_ldac_decoder.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User …
- CVE-2020-0226HIGHCVSS 7.8EG 7.82020-07-17
In createWithSurfaceParent of Client.cpp, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege in the graphics server with no additional execution privileges needed. User interacti…
- CVE-2020-0229CRITICALCVSS 9.8EG 9.82020-09-17
There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-156333725
- CVE-2020-0230CRITICALCVSS 9.8EG 9.82020-07-17
There is a possible out of bounds write due to an incorrect bounds check. Product: AndroidVersions: Android SoCAndroid ID: A-156337262
- CVE-2020-0231CRITICALCVSS 9.8EG 9.82020-07-17
There is a possible out of bounds write due to an incorrect bounds check. Product: AndroidVersions: Android SoCAndroid ID: A-156333727
- CVE-2020-0233HIGHCVSS 7.8EG 7.82020-06-11
In main of main.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: And…
- CVE-2020-0234HIGHCVSS 7.8EG 7.82020-06-16
In crus_afe_get_param of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not…
- CVE-2020-0235CRITICALCVSS 9.8EG 9.82020-06-16
In crus_sp_shared_ioctl we first copy 4 bytes from userdata into "size" variable, and then use that variable as the size parameter for "copy_from_user", ending up overwriting memory following "crus_sp_hdr". "crus_sp_hdr" is a static variab…
- CVE-2020-0240HIGHCVSS 8.8EG 8.82020-08-11
In NewFixedDoubleArray of factory.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.…
- CVE-2020-0241HIGHCVSS 7.8EG 7.82020-08-11
In NuPlayerStreamListener of NuPlayerStreamListener.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not nee…
- CVE-2020-0245HIGHCVSS 8.8EG 8.82020-09-17
In DecodeFrameCombinedMode of combined_decode.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is …
- CVE-2020-0252CRITICALCVSS 9.8EG 9.82020-08-11
There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152236803
- CVE-2020-0253CRITICALCVSS 9.8EG 9.82020-08-11
There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152647365
- CVE-2020-0256MEDIUMCVSS 6.8EG 6.82020-08-11
In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when inserting a malicious USB device, with no additional execution privileges needed.…
- CVE-2020-0264HIGHCVSS 8.8EG 8.82020-09-17
In libstagefright, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVer…
- CVE-2020-0273HIGHCVSS 7.8EG 7.82020-09-18
In hwservicemanager, there is a possible out of bounds write due to freeing a wild pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Pr…
- CVE-2020-0278CRITICALCVSS 9.8EG 9.82020-09-17
There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812574
- CVE-2020-0283CRITICALCVSS 9.1EG 9.12020-10-14
There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-163008257
- CVE-2020-0309MEDIUMCVSS 6.7EG 6.72020-09-18
In the Bluetooth server, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System privileges and a Firmware compromise needed. User interaction is not needed for explo…
- CVE-2020-0319HIGHCVSS 7.8EG 7.82020-09-18
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges and a Firmware compromise needed. User interaction is needed for exploitation.…
- CVE-2020-0321HIGHCVSS 8.8EG 8.82020-09-17
In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidV…
- CVE-2020-0326MEDIUMCVSS 6.7EG 6.72020-09-18
In NFC, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: …
- CVE-2020-0330MEDIUMCVSS 6.7EG 6.72020-09-17
In iorap, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege and code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: …
- CVE-2020-0334MEDIUMCVSS 6.7EG 6.72020-09-18
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges and a Firmware compromise needed. User interaction is not needed for exploitat…
- CVE-2020-0335MEDIUMCVSS 6.7EG 6.72020-09-18
In NFC, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges and a Firmware compromise needed. User interaction is not needed for exploitat…
- CVE-2020-0336MEDIUMCVSS 6.7EG 6.72020-09-17
In SurfaceFlinger, there is possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion…
- CVE-2020-0342CRITICALCVSS 9.8EG 9.82020-09-17
There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812576
- CVE-2020-0346HIGHCVSS 7.8EG 7.82020-09-17
In Mediaserver, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if integer sanitization were not enabled (which it is by default), with no additional execution privileges…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →