CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,882 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 74 of 278
- CVE-2020-23886MEDIUMCVSS 5.5EG 5.52021-11-10
XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service (DoS) via a crafted pict file. Related to a User Mode Write AV starting at ntdll!RtlpLowFragHeapFree.
- CVE-2020-23887MEDIUMCVSS 5.5EG 5.52021-11-10
XnView MP v0.96.4 was discovered to contain a heap overflow which allows attackers to cause a denial of service (DoS) via a crafted ico file. Related to a Read Access Violation starting at USER32!SmartStretchDIBits+0x33.
- CVE-2020-23888MEDIUMCVSS 5.5EG 5.52021-11-10
A User Mode Write AV in Editor!TMethodImplementationIntercept+0x53f6c3 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted psd file.
- CVE-2020-23889MEDIUMCVSS 5.5EG 5.52021-11-10
A User Mode Write AV starting at Editor!TMethodImplementationIntercept+0x4189c6 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted ico file.
- CVE-2020-23891MEDIUMCVSS 5.5EG 5.52021-11-10
A User Mode Write AV in Editor+0x5cd7 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.
- CVE-2020-23893MEDIUMCVSS 5.5EG 5.52021-11-10
A User Mode Write AV in Editor!TMethodImplementationIntercept+0x3c3682 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.
- CVE-2020-23894MEDIUMCVSS 5.5EG 5.52021-11-10
A User Mode Write AV in ntdll!RtlpCoalesceFreeBlocks+0x268 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.
- CVE-2020-23895MEDIUMCVSS 5.5EG 5.52021-11-10
A User Mode Write AV in Editor+0x76af of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.
- CVE-2020-23896MEDIUMCVSS 5.5EG 5.52021-11-10
A User Mode Write AV in Editor+0x576b of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tiff file.
- CVE-2020-23897MEDIUMCVSS 5.5EG 5.52021-11-10
A User Mode Write AV in Editor!TMethodImplementationIntercept+0x54dcec of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.
- CVE-2020-23898MEDIUMCVSS 5.5EG 5.52021-11-10
A User Mode Write AV in Editor+0x5ea2 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.
- CVE-2020-23899MEDIUMCVSS 5.5EG 5.52021-11-10
A User Mode Write AV in Editor+0x5f91 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.
- CVE-2020-23901MEDIUMCVSS 5.5EG 5.52021-11-10
A User Mode Write AV in Editor+0x5d15 of WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file.
- CVE-2020-23904MEDIUMCVSS 5.5EG 5.52021-11-10
A stack buffer overflow in speexenc.c of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. NOTE: the vendor states "I cannot reproduce it" and it "is a demo program.
- CVE-2020-23907CRITICALCVSS 9.8EG 9.82021-04-21
An issue was discovered in retdec v3.3. In function canSplitFunctionOn() of ir_modifications.cpp, there is a possible out of bounds read due to a heap buffer overflow. The impact is: Deny of Service, Memory Disclosure, and Possible Code Ex…
- CVE-2020-23910MEDIUMCVSS 5.5EG 5.52023-07-18
Stack-based buffer overflow vulnerability in asn1c through v0.9.28 via function genhash_get in genhash.c.
- CVE-2020-24027CRITICALCVSS 9.8EG 9.82021-01-11
In Live Networks, Inc., liblivemedia version 20200625, there is a potential buffer overflow bug in the server handling of a RTSP "PLAY" command, when the command specifies seeking by absolute time.
- CVE-2020-24055CRITICALCVSS 9.8EG 9.82020-08-21
Verint 5620PTZ Verint_FW_0_42 and Verint 4320 V4320_FW_0_23, and V4320_FW_0_31 units feature an autodiscovery service implemented in the binary executable '/usr/sbin/DM' that listens on port TCP 6666. The service is vulnerable to a stack b…
- CVE-2020-24133CRITICALCVSS 9.8EG 9.82021-07-14
A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service (DOS) attacks.
- CVE-2020-24175HIGHCVSS 7.8EG 7.82021-02-22
Buffer overflow in Yz1 0.30 and 0.32, as used in IZArc 4.4, ZipGenius 6.3.2.3116, and Explzh (extension) 8.14, allows attackers to execute arbitrary code via a crafted archive file, related to filename handling.
- CVE-2020-24265HIGHCVSS 7.5EG 7.52020-10-19
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.
- CVE-2020-24266HIGHCVSS 7.5EG 7.52020-10-19
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.
- CVE-2020-24338CRITICALCVSS 9.8EG 9.82020-12-11
An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual …
- CVE-2020-24345HIGHCVSS 7.8EG 7.82020-08-13
JerryScript through 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a). NOTE: the vendor states that the problem is the lack of the --stack-limit option
- CVE-2020-24352MEDIUMCVSS 5.5EG 5.52020-10-16
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through …
- CVE-2020-24387HIGHCVSS 7.5EG 7.52020-10-19
An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. The function does not explicitly check the returned session id from the device. An invalid session id would lead to out-of-bounds read and write op…
- CVE-2020-24388HIGHCVSS 7.5EG 7.52020-10-19
An issue was discovered in the _send_secure_msg() function of yubihsm-shell through 2.0.2. The function does not validate the embedded length field of a message received from the device. This could lead to an oversized memcpy() call that w…
- CVE-2020-24397HIGHCVSS 7.2EG 7.22020-10-02
An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.0.SP-534. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendRequestByBitrate that leads to a heap-bas…
- CVE-2020-24411HIGHCVSS 7.8EG 7.82020-10-20
Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds write vulnerability when handling crafted PDF files. This could result in a write past the end of an allocated memory structure, potentially resulting in arbitrar…
- CVE-2020-24412HIGHCVSS 7.8EG 7.82020-10-20
Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This …
- CVE-2020-24413HIGHCVSS 7.8EG 7.82020-10-20
Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This …
- CVE-2020-24414HIGHCVSS 7.8EG 7.82020-10-20
Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This …
- CVE-2020-24415HIGHCVSS 7.8EG 7.82020-10-20
Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This …
- CVE-2020-24436HIGHCVSS 7.8EG 7.82020-11-05
Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds write vulnerability that could result in writing past the end of an allocated memory struc…
- CVE-2020-24462HIGHCVSS 7.8EG 7.82021-02-17
Out of bounds write in the Intel(R) Graphics Driver before version 15.33.53.5161, 15.36.40.5162, 15.40.47.5166, 15.45.33.5164 and 27.20.100.8336 may allow an authenticated user to potentially enable an escalation of privilege via local acc…
- CVE-2020-24473HIGHCVSS 7.8EG 7.82021-06-09
Out of bounds write in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2020-24480MEDIUMCVSS 4.4EG 4.42021-02-17
Out-of-bounds write in the Intel(R) XTU before version 6.5.3.25 may allow a privileged user to potentially enable denial of service via local access.
- CVE-2020-24646CRITICALCVSS 9.8EG 9.82020-10-19
A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- CVE-2020-24658HIGHCVSS 7.8EG 7.82020-12-24
Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays. When this feature is enabled, a protected function writes a guard value to the stack prior to (abo…
- CVE-2020-24659HIGHCVSS 7.5EG 7.52020-09-04
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens…
- CVE-2020-24753CRITICALCVSS 9.8EG 9.82020-09-17
A memory corruption vulnerability in Objective Open CBOR Run-time (oocborrt) in versions before 2020-08-12 could allow an attacker to execute code via crafted Concise Binary Object Representation (CBOR) input to the cbor2json decoder. An u…
- CVE-2020-24829MEDIUMCVSS 5.5EG 5.52021-08-04
An issue was discovered in GPAC from v0.5.2 to v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file.
- CVE-2020-24863MEDIUMCVSS 5.5EG 5.52020-09-03
A memory corruption vulnerability was found in the kernel function kern_getfsstat in MidnightBSD before 1.2.7 and 1.3 through 2020-08-19, and FreeBSD through 11.4, that allows an attacker to trigger an invalid free and crash the system via…
- CVE-2020-24870HIGHCVSS 8.8EG 8.82021-06-02
Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp.
- CVE-2020-24994HIGHCVSS 8.8EG 8.82021-03-23
Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.15.0 allows remote attackers to cause a denial of service or remote code execution via a crafted file.
- CVE-2020-24999HIGHCVSS 7.8EG 7.82020-09-03
There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service (Segmentati…
- CVE-2020-2501CRITICALCVSS 9.8EG 9.82021-02-17
A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability …
- CVE-2020-25014CRITICALCVSS 9.8EG 9.82020-11-27
A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.
- CVE-2020-25021CRITICALCVSS 9.8EG 9.82020-09-04
An issue was discovered in Noise-Java through 2020-08-27. ChaChaPolyCipherState.encryptWithAd() allows out-of-bounds access.
- CVE-2020-25022CRITICALCVSS 9.8EG 9.82020-09-04
An issue was discovered in Noise-Java through 2020-08-27. AESGCMFallbackCipherState.encryptWithAd() allows out-of-bounds access.
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →