VYPR

CWE-787

Out-of-bounds Write

BaseDraftLikelihood: High

Description

The product writes data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

Parents

CVEs mapped to this weakness (1,368)

page 10 of 69
  • CVE-2017-7861CriApr 14, 2017
    risk 0.64cvss 9.8epss 0.02

    Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c.

  • CVE-2017-7860CriApr 14, 2017
    risk 0.64cvss 9.8epss 0.02

    Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c.

  • CVE-2017-7859CriApr 14, 2017
    risk 0.64cvss 9.8epss 0.01

    FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c.

  • CVE-2017-7858CriApr 14, 2017
    risk 0.64cvss 9.8epss 0.02

    FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.

  • CVE-2017-7857CriApr 14, 2017
    risk 0.64cvss 9.8epss 0.03

    FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.

  • CVE-2017-7856CriApr 14, 2017
    risk 0.64cvss 9.8epss 0.02

    LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx.

  • CVE-2016-10328CriApr 14, 2017
    risk 0.64cvss 9.8epss 0.01

    FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.

  • CVE-2016-10327CriApr 14, 2017
    risk 0.64cvss 9.8epss 0.01

    LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.

  • CVE-2017-5949CriApr 3, 2017
    risk 0.64cvss 9.8epss 0.02

    JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 22, allows remote attackers to cause a denial of service (heap-based out-of-bounds write and application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers access to red-zone memory locations, related to jit/ThunkGenerators.cpp, llint/LowLevelInterpreter32_64.asm, and llint/LowLevelInterpreter64.asm.

  • CVE-2016-9051CriFeb 21, 2017
    risk 0.64cvss 9.8epss 0.04

    An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attacker can simply connect to the port to trigger this vulnerability.

  • CVE-2016-6870CriFeb 17, 2017
    risk 0.64cvss 9.8epss 0.01

    Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.

  • CVE-2016-10164CriFeb 1, 2017
    risk 0.64cvss 9.8epss 0.04

    Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow.

  • CVE-2016-4336CriJan 6, 2017
    risk 0.64cvss 9.8epss 0.01

    An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow causing an out-of-bounds write which under the right circumstance could potentially be leveraged by an attacker to gain arbitrary code execution.

  • CVE-2016-7950CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.01

    The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.

  • CVE-2016-7949CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.05

    Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.

  • CVE-2016-7948CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.03

    X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.

  • CVE-2016-7947CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.03

    Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.

  • CVE-2016-7943CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.04

    The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.

  • CVE-2016-7942CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.05

    The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.

  • CVE-2015-3210CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.06

    Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^(?P=B)((?P=B)(?J:(?P<B>c)(?P<B>a(?P=B)))>WGXCREDITS)/, a different vulnerability than CVE-2015-8384.