CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,863 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 66 of 278
- CVE-2020-13111HIGHCVSS 7.5EG 7.52020-05-16
NaviServer 4.99.4 to 4.99.19 allows denial of service due to the nsd/driver.c ChunkedDecode function not properly validating the length of a chunk. A remote attacker can craft a chunked-transfer request that will result in a negative value…
- CVE-2020-13361LOWCVSS 3.9EG 3.92020-05-28
In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation.
- CVE-2020-13398HIGHCVSS 8.3EG 8.32020-05-22
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
- CVE-2020-13428HIGHCVSS 7.8EG 7.82020-06-08
A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute a…
- CVE-2020-13440MEDIUMCVSS 6.5EG 6.52020-05-24
ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.
- CVE-2020-13493HIGHCVSS 7.8EG 7.82020-12-02
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted USDC file format path jumps decompression heap overflow in a way path jumps are processed. To…
- CVE-2020-13494MEDIUMCVSS 5.5EG 5.52020-12-02
A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in out of bounds memory access which c…
- CVE-2020-13495MEDIUMCVSS 5.5EG 5.52022-04-18
An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensi…
- CVE-2020-1350CRITICALCVSS 10.0EG 10.0⚠ KEV2020-07-14
A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'.
- CVE-2020-13520HIGHCVSS 7.8EG 7.82020-12-11
An out of bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 reconstructs paths from binary USD files. A specially crafted malformed file can trigger an out of bounds memory modification which can result in remote…
- CVE-2020-13524MEDIUMCVSS 5.5EG 5.52020-12-03
An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in m…
- CVE-2020-13545HIGHCVSS 7.8EG 7.82021-01-06
An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length u…
- CVE-2020-13546HIGHCVSS 7.8EG 7.82021-02-10
In SoftMaker Software GmbH SoftMaker Office TextMaker 2021 (revision 1014), a specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will…
- CVE-2020-13547HIGHCVSS 8.8EG 8.82020-12-22
A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbi…
- CVE-2020-1355HIGHCVSS 7.8EG 7.82020-07-14
A remote code execution vulnerability exists when the Windows Font Driver Host improperly handles memory.An attacker who successfully exploited the vulnerability would gain execution on a victim system.The security update addresses the vul…
- CVE-2020-13556CRITICALCVSS 9.8EG 9.82020-12-11
An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker…
- CVE-2020-13561HIGHCVSS 8.8EG 8.82021-02-10
An out-of-bounds write vulnerability exists in the TIFF parser of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
- CVE-2020-13571HIGHCVSS 8.8EG 8.82021-02-10
An out-of-bounds write vulnerability exists in the SGI RLE decompression functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vuln…
- CVE-2020-13572HIGHCVSS 8.8EG 8.82021-02-10
A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An atta…
- CVE-2020-13579HIGHCVSS 7.8EG 7.82021-02-04
An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may…
- CVE-2020-13580HIGHCVSS 7.8EG 7.82021-02-04
An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to explicitly tru…
- CVE-2020-13581HIGHCVSS 7.8EG 7.82021-02-10
In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a buffer that is smaller than the size used for the copy…
- CVE-2020-13585HIGHCVSS 8.8EG 8.82021-02-10
An out-of-bounds write vulnerability exists in the PSD Header processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vuln…
- CVE-2020-13586HIGHCVSS 7.8EG 8.82021-02-04
A memory corruption vulnerability exists in the Excel Document SST Record 0x00fc functionality of SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). A specially crafted malformed file can lead to a heap buffer overflo…
- CVE-2020-13598MEDIUMCVSS 6.3EG 6.32021-05-25
FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat. Zephyr versions >= v1.14.2, >= v2.3.0 contain Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/se…
- CVE-2020-13600HIGHCVSS 7.0EG 7.02021-05-25
Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions >= 1.14.2, >= 2.3.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GH…
- CVE-2020-13656CRITICALCVSS 9.8EG 9.82020-06-12
In Morgan Stanley Hobbes through 2020-05-21, the array implementation lacks bounds checking, allowing exploitation of an out-of-bounds (OOB) read/write vulnerability that leads to both local and remote code (via RPC) execution.
- CVE-2020-13765MEDIUMCVSS 5.6EG 5.62020-06-04
rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation.
- CVE-2020-13768CRITICALCVSS 9.8EG 9.82020-06-04
In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this prod…
- CVE-2020-1378HIGHCVSS 7.5EG 7.82020-08-17
An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A local…
- CVE-2020-1379MEDIUMCVSS 5.5EG 5.52020-08-17
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accou…
- CVE-2020-1380HIGHCVSS 7.8EG 9.0⚠ KEV2020-08-17
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the con…
- CVE-2020-13811HIGHCVSS 7.8EG 7.82020-06-04
An issue was discovered in Foxit Studio Photo before 3.6.6.922. It has an out-of-bounds write via a crafted TIFF file.
- CVE-2020-13878CRITICALCVSS 9.8EG 9.82024-01-05
IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+27ef heap-based out-of-bounds write.
- CVE-2020-13879CRITICALCVSS 9.8EG 9.82024-01-05
IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+214f heap-based out-of-bounds write.
- CVE-2020-13880CRITICALCVSS 9.8EG 9.82024-01-05
IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+1cbf heap-based out-of-bounds write.
- CVE-2020-13901CRITICALCVSS 9.8EG 9.82020-06-10
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_merge in sdp.c has a stack-based buffer overflow.
- CVE-2020-13916CRITICALCVSS 9.8EG 9.82020-07-28
A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R6…
- CVE-2020-13985HIGHCVSS 7.5EG 7.52020-12-11
An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.
- CVE-2020-13995CRITICALCVSS 9.8EG 9.82020-09-25
U.S. Air Force Sensor Data Management System extract75 has a buffer overflow that leads to code execution. An overflow in a global variable (sBuffer) leads to a Write-What-Where outcome. Writing beyond sBuffer will clobber most global vari…
- CVE-2020-14074HIGHCVSS 8.8EG 8.82020-06-15
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action kick_ban_wifi_mac_allow with a …
- CVE-2020-14076HIGHCVSS 8.8EG 8.82020-06-15
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action st_dev_connect, st_dev_disconne…
- CVE-2020-14077HIGHCVSS 8.8EG 8.82020-06-15
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action set_sta_enrollee_pin_wifi1 (or …
- CVE-2020-14078HIGHCVSS 8.8EG 8.82020-06-15
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wifi_captive_portal_login with …
- CVE-2020-14079HIGHCVSS 8.8EG 8.82020-06-15
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action auto_up_fw (or auto_up_lp) with…
- CVE-2020-14080CRITICALCVSS 9.8EG 9.82020-06-15
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by POSTing to apply_sec.cgi via the action ping_test with a sufficie…
- CVE-2020-14094CRITICALCVSS 9.8EG 9.82020-06-24
In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web interface, resulting in stack overflow or remote code execution.
- CVE-2020-14095CRITICALCVSS 9.8EG 9.82020-06-24
In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to a stack overflow or remote code execution.
- CVE-2020-14107HIGHCVSS 7.5EG 7.52022-01-18
A stack overflow in the HTTP server of Cast can be exploited to make the app crash in LAN.
- CVE-2020-14125HIGHCVSS 7.5EG 7.52022-06-08
A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by out-of-bound read/write and can be exploited by attackers to make denial of service.
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →