CWE-787— Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.— MITRE CWE catalog
13,887 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 90 of 278
- CVE-2020-9929HIGHCVSS 7.1EG 7.12020-10-22
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to cause unexpected system termination or read kernel memory.
- CVE-2020-9932HIGHCVSS 8.8EG 8.82020-10-27
A memory corruption issue was addressed with improved validation. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, tvOS 13. Processing maliciously crafted web content may lead to arbitrary code execution.
- CVE-2020-9936HIGHCVSS 7.8EG 7.82020-10-16
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for …
- CVE-2020-9937HIGHCVSS 7.8EG 7.82020-10-22
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for …
- CVE-2020-9955HIGHCVSS 7.8EG 7.82021-04-02
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.0, tvOS 14.0, iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code exec…
- CVE-2020-9958HIGHCVSS 7.8EG 7.82020-10-16
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.0 and iPadOS 14.0. An application may be able to cause unexpected system termination or write kernel memory.
- CVE-2020-9967HIGHCVSS 7.8EG 7.82021-04-02
Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, i…
- CVE-2020-9980HIGHCVSS 7.8EG 7.82020-10-22
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. Processing a maliciously crafted font file may lead to arbitrary…
- CVE-2020-9983HIGHCVSS 8.8EG 8.82020-10-16
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution.
- CVE-2020-9999HIGHCVSS 7.8EG 7.82020-12-08
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to arbitrary code execution.
- CVE-2021-0075MEDIUMCVSS 5.5EG 5.52021-11-17
Out-of-bounds write in firmware for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and some Killer(TM) WiFi in Windows 10 may allow a privileged user to potentially enable denial of service via local access.
- CVE-2021-0113MEDIUMCVSS 6.5EG 6.52021-06-09
Out of bounds write in the BMC firmware for Intel(R) Server Board M10JNP2SB before version EFI BIOS 7215, BMC 8100.01.08 may allow an unauthenticated user to potentially enable a denial of service via adjacent access.
- CVE-2021-0116HIGHCVSS 7.8EG 7.82022-02-09
Out-of-bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
- CVE-2021-0153HIGHCVSS 7.8EG 7.82022-05-12
Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access.
- CVE-2021-0200MEDIUMCVSS 6.7EG 6.72021-11-17
Out-of-bounds write in the firmware for Intel(R) Ethernet 700 Series Controllers before version 8.2 may allow a privileged user to potentially enable an escalation of privilege via local access.
- CVE-2021-0254CRITICALCVSS 9.8EG 9.82021-04-22
A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send specially crafted packets to the device, triggering a partial Denial of Service (DoS) conditio…
- CVE-2021-0276CRITICALCVSS 9.8EG 9.82021-07-15
A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting w…
- CVE-2021-0301MEDIUMCVSS 6.7EG 6.72021-01-11
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Ver…
- CVE-2021-0308MEDIUMCVSS 6.8EG 6.82021-01-11
In ReadLogicalParts of basicmbr.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for …
- CVE-2021-0311MEDIUMCVSS 6.5EG 6.52021-01-11
In ElementaryStreamQueue::dequeueAccessUnitH264() of ESQueue.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User …
- CVE-2021-0312MEDIUMCVSS 6.5EG 6.52021-01-11
In WAVSource::read of WAVExtractor.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exp…
- CVE-2021-0316CRITICALCVSS 9.8EG 9.82021-01-11
In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is …
- CVE-2021-0318HIGHCVSS 7.8EG 7.82021-01-11
In appendEventsToCacheLocked of SensorEventConnection.cpp, there is a possible out of bounds write due to a use-after-free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i…
- CVE-2021-0325HIGHCVSS 8.8EG 8.82021-02-10
In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for…
- CVE-2021-0326HIGHCVSS 7.5EG 7.52021-02-10
In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privil…
- CVE-2021-0329HIGHCVSS 7.8EG 7.82021-02-10
In several native functions called by AdvertiseManager.java, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server with User execution privileges nee…
- CVE-2021-0343MEDIUMCVSS 6.7EG 6.72021-02-04
In kisd, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Ve…
- CVE-2021-0346MEDIUMCVSS 6.7EG 6.72021-02-04
In vpu, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; …
- CVE-2021-0348MEDIUMCVSS 6.7EG 6.72021-02-04
In vpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Ver…
- CVE-2021-0353MEDIUMCVSS 6.7EG 6.72021-02-03
In kisd, there is a possible memory corruption due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Vers…
- CVE-2021-0354MEDIUMCVSS 6.7EG 6.72021-02-03
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versio…
- CVE-2021-0357MEDIUMCVSS 6.7EG 6.72021-02-03
In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android;…
- CVE-2021-0359MEDIUMCVSS 6.7EG 6.72021-02-03
In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android;…
- CVE-2021-0360MEDIUMCVSS 6.7EG 6.72021-02-03
In netdiag, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Andro…
- CVE-2021-0362MEDIUMCVSS 6.7EG 6.72021-02-03
In aee, there is a possible memory corruption due to a stack buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Vers…
- CVE-2021-0370MEDIUMCVSS 6.7EG 6.72021-03-10
In Write of NxpMfcReader.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed …
- CVE-2021-0393HIGHCVSS 7.8EG 7.82021-03-10
In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if an attacker can supply a malicious PAC file, with no additional execution…
- CVE-2021-0396CRITICALCVSS 9.8EG 9.82021-03-10
In Builtins::Generate_ArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no ad…
- CVE-2021-0402MEDIUMCVSS 6.7EG 6.72021-02-26
In jpeg, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android;…
- CVE-2021-0405MEDIUMCVSS 6.7EG 6.72021-02-26
In performance driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Produc…
- CVE-2021-0406MEDIUMCVSS 6.7EG 6.72021-02-26
In cameraisp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Androi…
- CVE-2021-0407MEDIUMCVSS 6.7EG 6.72021-08-18
In clk driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: A…
- CVE-2021-0426HIGHCVSS 7.8EG 7.82021-04-13
In parsePrimaryFieldFirstUidAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interactio…
- CVE-2021-0427HIGHCVSS 7.8EG 7.82021-04-13
In parseExclusiveStateAnnotation of LogEvent.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is n…
- CVE-2021-0430CRITICALCVSS 9.8EG 9.82021-04-13
In rw_mfc_handle_read_op of rw_mfc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution via a malicious NFC packet with no additional execution privileges needed. User interact…
- CVE-2021-0439HIGHCVSS 7.8EG 7.82021-04-13
In setPowerModeWithHandle of com_android_server_power_PowerManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges …
- CVE-2021-0454MEDIUMCVSS 6.7EG 6.72021-03-10
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.…
- CVE-2021-0455MEDIUMCVSS 6.7EG 6.72021-03-10
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.…
- CVE-2021-0456MEDIUMCVSS 6.7EG 6.72021-03-10
In the Citadel chip firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.…
- CVE-2021-0457MEDIUMCVSS 6.7EG 6.72021-03-10
In the FingerTipS touch screen driver, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for expl…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →