CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,886 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 79 of 278
- CVE-2020-3293HIGHCVSS 7.2EG 7.22020-06-18
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrativ…
- CVE-2020-3294HIGHCVSS 7.2EG 7.22020-06-18
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrativ…
- CVE-2020-3295HIGHCVSS 7.2EG 7.22020-06-18
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrativ…
- CVE-2020-3296HIGHCVSS 7.2EG 7.22020-06-18
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrativ…
- CVE-2020-3309HIGHCVSS 7.2EG 7.22020-05-06
A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improp…
- CVE-2020-3415HIGHCVSS 8.8EG 8.82020-08-27
A vulnerability in the Data Management Engine (DME) of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges or cause a denial of service (DoS) condition on an affec…
- CVE-2020-35113HIGHCVSS 8.8EG 8.82021-01-07
Mozilla developers reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitr…
- CVE-2020-35114HIGHCVSS 8.8EG 8.82021-01-07
Mozilla developers reported memory safety bugs present in Firefox 83. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulner…
- CVE-2020-35376HIGHCVSS 7.5EG 7.52020-12-26
Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function.
- CVE-2020-35448LOWCVSS 3.3EG 3.32020-12-27
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_…
- CVE-2020-3545MEDIUMCVSS 6.0EG 6.72020-09-04
A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition. The vulnerability is due to incorrect bounds checking of values that are parsed from …
- CVE-2020-35452HIGHCVSS 7.3EG 7.32021-06-10
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though som…
- CVE-2020-35457HIGHCVSS 7.8EG 7.82020-12-14
GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. NOTE: the vendor's position is "Realistically this is not a security issue. The standard pattern is for callers to …
- CVE-2020-35492HIGHCVSS 7.8EG 7.82021-03-18
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an applicati…
- CVE-2020-35524HIGHCVSS 7.8EG 7.82021-03-09
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confiden…
- CVE-2020-35530MEDIUMCVSS 5.5EG 5.52022-09-01
In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file.
- CVE-2020-35654HIGHCVSS 8.8EG 8.82021-01-12
In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.
- CVE-2020-35702HIGHCVSS 7.8EG 7.82020-12-25
DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 r…
- CVE-2020-35738MEDIUMCVSS 6.1EG 6.12020-12-28
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also aff…
- CVE-2020-35799HIGHCVSS 8.8EG 8.82020-12-30
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 be…
- CVE-2020-35843MEDIUMCVSS 5.5EG 5.52021-01-26
FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x956e.
- CVE-2020-35844HIGHCVSS 7.8EG 7.82021-01-26
FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0xbe9c4.
- CVE-2020-35845HIGHCVSS 7.8EG 7.82021-01-26
FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x96cf.
- CVE-2020-35858CRITICALCVSS 9.8EG 9.82020-12-31
An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service (e.g., x86) or possibly remote code execution (e.g., ARM).
- CVE-2020-35859CRITICALCVSS 9.1EG 9.12020-12-31
An issue was discovered in the lucet-runtime-internals crate before 0.5.1 for Rust. It mishandles sigstack allocation. Guest programs may be able to obtain sensitive information, or guest programs can experience memory corruption.
- CVE-2020-35881CRITICALCVSS 9.8EG 9.82020-12-31
An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x.
- CVE-2020-35895CRITICALCVSS 9.8EG 9.82020-12-31
An issue was discovered in the stack crate before 0.3.1 for Rust. ArrayVec has an out-of-bounds write via element insertion.
- CVE-2020-35924MEDIUMCVSS 5.5EG 5.52020-12-31
An issue was discovered in the try-mutex crate before 0.3.0 for Rust. TryMutex<T> allows cross-thread sending of a non-Send type.
- CVE-2020-35963HIGHCVSS 7.8EG 7.82021-01-03
flb_gzip_compress in flb_gzip.c in Fluent Bit before 1.6.4 has an out-of-bounds write because it does not use the correct calculation of the maximum gzip data-size expansion.
- CVE-2020-35964MEDIUMCVSS 6.5EG 6.52021-01-03
track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing.
- CVE-2020-35965HIGHCVSS 7.5EG 7.52021-01-04
decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations.
- CVE-2020-35979HIGHCVSS 7.8EG 7.82021-04-21
An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is heap-based buffer overflow in the function gp_rtp_builder_do_avc() in ietf/rtp_pck_mpeg4.c.
- CVE-2020-3603HIGHCVSS 7.8EG 7.82020-11-06
Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation…
- CVE-2020-3604HIGHCVSS 7.8EG 7.82020-11-06
Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation…
- CVE-2020-36129HIGHCVSS 8.8EG 8.82021-12-02
AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aom_image.c.
- CVE-2020-36131HIGHCVSS 8.8EG 8.82021-12-02
AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/rate_hist.c.
- CVE-2020-36150MEDIUMCVSS 6.5EG 6.52021-02-08
Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block.
- CVE-2020-36151MEDIUMCVSS 6.5EG 6.52021-02-08
Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.
- CVE-2020-36177CRITICALCVSS 9.8EG 9.82021-01-06
RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size.
- CVE-2020-3619HIGHCVSS 7.0EG 7.02020-09-08
u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon…
- CVE-2020-36203MEDIUMCVSS 4.7EG 4.72021-01-26
An issue was discovered in the reffers crate through 2020-12-01 for Rust. ARefss can contain a !Send,!Sync object, leading to a data race and memory corruption.
- CVE-2020-36206HIGHCVSS 7.0EG 7.02021-01-26
An issue was discovered in the rusb crate before 0.7.0 for Rust. Because of a lack of Send and Sync bounds, a data race and memory corruption can occur.
- CVE-2020-36207HIGHCVSS 7.0EG 7.02021-01-26
An issue was discovered in the aovec crate through 2020-12-10 for Rust. Because Aovec<T> does not have bounds on its Send trait or Sync trait, a data race and memory corruption can occur.
- CVE-2020-36208HIGHCVSS 7.8EG 7.82021-01-26
An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption.
- CVE-2020-3621MEDIUMCVSS 5.5EG 5.52020-09-08
u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdr…
- CVE-2020-36210HIGHCVSS 7.8EG 7.82021-01-26
An issue was discovered in the autorand crate before 0.2.3 for Rust. Because of impl Random on arrays, uninitialized memory can be dropped when a panic occurs, leading to memory corruption.
- CVE-2020-36211HIGHCVSS 7.0EG 7.02021-01-26
An issue was discovered in the gfwx crate before 0.3.0 for Rust. Because ImageChunkMut does not have bounds on its Send trait or Sync trait, a data race and memory corruption can occur.
- CVE-2020-36215HIGHCVSS 7.5EG 7.52021-01-26
An issue was discovered in the hashconsing crate before 1.1.0 for Rust. Because HConsed does not have bounds on its Send trait or Sync trait, memory corruption can occur.
- CVE-2020-36216MEDIUMCVSS 5.9EG 5.92021-01-26
An issue was discovered in Input<R> in the eventio crate before 0.5.1 for Rust. Because a non-Send type can be sent to a different thread, a data race and memory corruption can occur.
- CVE-2020-36217MEDIUMCVSS 5.9EG 5.92021-01-26
An issue was discovered in the may_queue crate through 2020-11-10 for Rust. Because Queue does not have bounds on its Send trait or Sync trait, memory corruption can occur.
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →