CWE-787
Out-of-bounds Write
Description
The product writes data past the end, or before the beginning, of the intended buffer.
Hierarchy (View 1000)
CVEs mapped to this weakness (2,513)
page 112 of 126| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-23560 | 0.00 | — | 0.01 | Feb 4, 2022 | Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in… | |||
| CVE-2022-23574 | 0.00 | — | 0.01 | Feb 4, 2022 | Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's `SpecializeType` which results in heap OOB read/write. Due to a typo, `arg` is initialized to the `i`th mutable argument in a loop where the loop index is `j`. Hence it is possible to assign… | |||
| CVE-2022-23566 | 0.00 | — | 0.01 | Feb 4, 2022 | Tensorflow is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in `Grappler`. The `set_output` function writes to an array at the specified index. Hence, this gives a malicious user a write primitive. The fix will be included in TensorFlow… | |||
| CVE-2022-21740 | 0.00 | — | 0.01 | Feb 3, 2022 | Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow… | |||
| CVE-2022-24197 | — | 0.00 | — | 0.01 | Feb 1, 2022 | iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | ||
| CVE-2021-45958 | — | 0.00 | — | 0.02 | Dec 31, 2021 | UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation. | ||
| CVE-2018-25024 | — | 0.00 | — | 0.01 | Dec 26, 2021 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption. | ||
| CVE-2018-25025 | — | 0.00 | — | 0.01 | Dec 26, 2021 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption. | ||
| CVE-2018-25026 | — | 0.00 | — | 0.01 | Dec 26, 2021 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption. | ||
| CVE-2021-45680 | — | 0.00 | — | 0.01 | Dec 26, 2021 | An issue was discovered in the vec-const crate before 2.0.0 for Rust. It tries to construct a Vec from a pointer to a const slice, leading to memory corruption. | ||
| CVE-2021-45681 | — | 0.00 | — | 0.01 | Dec 26, 2021 | An issue was discovered in the derive-com-impl crate before 0.1.2 for Rust. An invalid reference (and memory corruption) can occur because AddRef might not be called before returning a pointer. | ||
| CVE-2021-45704 | — | 0.00 | — | 0.01 | Dec 26, 2021 | An issue was discovered in the metrics-util crate before 0.7.0 for Rust. There is a data race and memory corruption because AtomicBucket unconditionally implements the Send and Sync traits. | ||
| CVE-2021-45707 | — | 0.00 | — | 0.02 | Dec 26, 2021 | An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups. | ||
| CVE-2021-42279 | 0.00 | — | 0.02 | Nov 10, 2021 | Chakra Scripting Engine Memory Corruption Vulnerability | |||
| CVE-2021-43174 | — | 0.00 | — | 0.01 | Nov 9, 2021 | NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows… | ||
| CVE-2021-41221 | 0.00 | — | 0.00 | Nov 5, 2021 | TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the `Cudnn*` operations in TensorFlow can be tricked into accessing invalid memory, via a heap buffer overflow. This occurs because the ranks of the `input`, `input_h`… | |||
| CVE-2021-41216 | 0.00 | — | 0.00 | Nov 5, 2021 | TensorFlow is an open source platform for machine learning. In affected versions the shape inference function for `Transpose` is vulnerable to a heap buffer overflow. This occurs whenever `perm` contains negative elements. The shape inference function does not validate that the… | |||
| CVE-2021-32297 | — | 0.00 | — | 0.01 | Sep 20, 2021 | An issue was discovered in LIEF through 0.11.4. A heap-buffer-overflow exists in the function main located in pe_reader.c. It allows an attacker to cause code Execution. | ||
| CVE-2021-39218 | 0.00 | — | 0.00 | Sep 17, 2021 | Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.26.0 and before version 0.30.0 is affected by a memory unsoundness vulnerability. There was an invalid free and out-of-bounds read and write bug when running Wasm that uses `externref`s in… | |||
| CVE-2021-3761 | 0.00 | — | 0.01 | Sep 9, 2021 | Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a… |
- CVE-2022-23560Feb 4, 2022risk 0.00cvss —epss 0.01
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in…
- CVE-2022-23574Feb 4, 2022risk 0.00cvss —epss 0.01
Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's `SpecializeType` which results in heap OOB read/write. Due to a typo, `arg` is initialized to the `i`th mutable argument in a loop where the loop index is `j`. Hence it is possible to assign…
- CVE-2022-23566Feb 4, 2022risk 0.00cvss —epss 0.01
Tensorflow is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in `Grappler`. The `set_output` function writes to an array at the specified index. Hence, this gives a malicious user a write primitive. The fix will be included in TensorFlow…
- CVE-2022-21740Feb 3, 2022risk 0.00cvss —epss 0.01
Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow…
- CVE-2022-24197Feb 1, 2022risk 0.00cvss —epss 0.01
iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
- CVE-2021-45958Dec 31, 2021risk 0.00cvss —epss 0.02
UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation.
- CVE-2018-25024Dec 26, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption.
- CVE-2018-25025Dec 26, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption.
- CVE-2018-25026Dec 26, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption.
- CVE-2021-45680Dec 26, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the vec-const crate before 2.0.0 for Rust. It tries to construct a Vec from a pointer to a const slice, leading to memory corruption.
- CVE-2021-45681Dec 26, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the derive-com-impl crate before 0.1.2 for Rust. An invalid reference (and memory corruption) can occur because AddRef might not be called before returning a pointer.
- CVE-2021-45704Dec 26, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the metrics-util crate before 0.7.0 for Rust. There is a data race and memory corruption because AtomicBucket unconditionally implements the Send and Sync traits.
- CVE-2021-45707Dec 26, 2021risk 0.00cvss —epss 0.02
An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups.
- CVE-2021-42279Nov 10, 2021risk 0.00cvss —epss 0.02
Chakra Scripting Engine Memory Corruption Vulnerability
- CVE-2021-43174Nov 9, 2021risk 0.00cvss —epss 0.01
NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows…
- CVE-2021-41221Nov 5, 2021risk 0.00cvss —epss 0.00
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the `Cudnn*` operations in TensorFlow can be tricked into accessing invalid memory, via a heap buffer overflow. This occurs because the ranks of the `input`, `input_h`…
- CVE-2021-41216Nov 5, 2021risk 0.00cvss —epss 0.00
TensorFlow is an open source platform for machine learning. In affected versions the shape inference function for `Transpose` is vulnerable to a heap buffer overflow. This occurs whenever `perm` contains negative elements. The shape inference function does not validate that the…
- CVE-2021-32297Sep 20, 2021risk 0.00cvss —epss 0.01
An issue was discovered in LIEF through 0.11.4. A heap-buffer-overflow exists in the function main located in pe_reader.c. It allows an attacker to cause code Execution.
- CVE-2021-39218Sep 17, 2021risk 0.00cvss —epss 0.00
Wasmtime is an open source runtime for WebAssembly & WASI. In Wasmtime from version 0.26.0 and before version 0.30.0 is affected by a memory unsoundness vulnerability. There was an invalid free and out-of-bounds read and write bug when running Wasm that uses `externref`s in…
- CVE-2021-3761Sep 9, 2021risk 0.00cvss —epss 0.01
Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a…