VYPR

CWE-787

Out-of-bounds Write

BaseDraftLikelihood: High

Description

The product writes data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

CVEs mapped to this weakness (2,513)

page 100 of 126
  • CVE-2016-4429MedJun 10, 2016
    risk 0.39cvss 5.9epss 0.04

    Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.

  • CVE-2026-46690MedJun 12, 2026
    risk 0.38cvss 5.8epss 0.00

    unbounded_spsc is an "unbounded" extension of bounded_spsc_queue. In versions 0.2.0 and prior, sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race. At time of publication, there are no publicly available patches.

  • CVE-2026-24201MedMay 26, 2026
    risk 0.38cvss 5.8epss 0.00

    NVIDIA vGPU software contains a vulnerability in the virtual GPU manager, where an attacker could cause an out-of-bound access. A successful exploit of this vulnerability might lead to data tampering, denial of service, or information disclosure.

  • CVE-2026-27853MedMar 31, 2026
    risk 0.38cvss 5.9epss 0.00

    An attacker might be able to trigger an out-of-bounds write by sending crafted DNS responses to a DNSdist using the DNSQuestion:changeName or DNSResponse:changeName methods in custom Lua code. In some cases the rewritten packet might become larger than the initial response and…

  • CVE-2025-11680MedOct 20, 2025
    risk 0.38cvss epss 0.00

    Out-of-bounds Write in unfilter_scanline in warmcat libwebsockets allows, when the LWS_WITH_UPNG flag is enabled during compilation and the HTML display stack is used, to write past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled…

  • CVE-2025-9903MedSep 29, 2025
    risk 0.38cvss 5.9epss 0.00

    Out-of-bounds write vulnerabilities in print processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / UFRII LT Printer Driver / CARPS2 Printer…

  • CVE-2023-5406MedApr 17, 2024
    risk 0.38cvss 5.9epss 0.01

    Server communication with a controller can lead to remote code execution using a specially crafted message from the controller. See Honeywell Security Notification for recommendations on upgrading and versioning.

  • CVE-2023-5405MedApr 17, 2024
    risk 0.38cvss 5.9epss 0.00

    Server information leak for the CDA Server process memory can occur when an error is generated in response to a specially crafted message. See Honeywell Security Notification for recommendations on upgrading and versioning.

  • CVE-2022-41854MedNov 11, 2022
    risk 0.38cvss 5.8epss 0.01

    Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of…

  • CVE-2020-36220MedJan 26, 2021
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in the va-ts crate before 0.0.4 for Rust. Because Demuxer omits a required T: Send bound, a data race and memory corruption can occur.

  • CVE-2020-36217MedJan 26, 2021
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in the may_queue crate through 2020-11-10 for Rust. Because Queue does not have bounds on its Send trait or Sync trait, memory corruption can occur.

  • CVE-2020-36216MedJan 26, 2021
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in Input in the eventio crate before 0.5.1 for Rust. Because a non-Send type can be sent to a different thread, a data race and memory corruption can occur.

  • CVE-2017-17217MedMar 9, 2018
    risk 0.38cvss 5.9epss 0.01

    Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds…

  • CVE-2017-17160MedFeb 15, 2018
    risk 0.38cvss 5.9epss 0.01

    Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00,…

  • CVE-2017-17152MedFeb 15, 2018
    risk 0.38cvss 5.9epss 0.01

    IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078,…

  • CVE-2018-5793MedFeb 5, 2018
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets.

  • CVE-2018-5792MedFeb 5, 2018
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets.

  • CVE-2018-5791MedFeb 5, 2018
    risk 0.38cvss 5.9epss 0.01

    An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Heap Overflow in the HSD Process over the MINT (Media Independent Tunnel) Protocol on the WiNG Access Point via crafted packets.

  • CVE-2017-3630MedJun 22, 2017
    risk 0.38cvss 5.3epss 0.05

    Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to…

  • CVE-2025-59730MedOct 6, 2025
    risk 0.37cvss epss 0.00

    When decoding a frame for a SANM file (ANIM v0 variant), the decoded data can be larger than the buffer allocated for it. Frames encoded with codec 48 can specify their resolution (width x height). A buffer of appropriate size is allocated depending on the resolution. This…