VYPR

CWE-787

Out-of-bounds Write

BaseDraftLikelihood: High

Description

The product writes data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

CVEs mapped to this weakness (2,513)

page 118 of 126
  • CVE-2019-1300Sep 11, 2019
    risk 0.00cvss epss 0.08

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1237,…

  • CVE-2019-1237Sep 11, 2019
    risk 0.00cvss epss 0.08

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1217, CVE-2019-1298,…

  • CVE-2019-1217Sep 11, 2019
    risk 0.00cvss epss 0.08

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1138, CVE-2019-1237, CVE-2019-1298,…

  • CVE-2019-1138Sep 11, 2019
    risk 0.00cvss epss 0.08

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1217, CVE-2019-1237, CVE-2019-1298,…

  • CVE-2019-16224Sep 11, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in py-lmdb 0.97. For certain values of md_flags, mdb_node_add does not properly set up a memcpy destination, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

  • CVE-2019-16225Sep 11, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in py-lmdb 0.97. For certain values of mp_flags, mdb_page_touch does not properly set up mc->mc_pg[mc->top], leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

  • CVE-2019-16226Sep 11, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in py-lmdb 0.97. mdb_node_del does not validate a memmove in the case of an unexpected node->mn_hi, leading to an invalid write operation. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

  • CVE-2019-16227Sep 11, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in py-lmdb 0.97. For certain values of mn_flags, mdb_cursor_set triggers a memcpy with an invalid write operation within mdb_xcursor_init1. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.

  • CVE-2019-16139Sep 9, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in the compact_arena crate before 0.4.0 for Rust. Generativity is mishandled, leading to an out-of-bounds write or read.

  • CVE-2019-15543Aug 26, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in the slice-deque crate before 0.2.0 for Rust. There is memory corruption in certain allocation cases.

  • CVE-2019-15554Aug 26, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is memory corruption for certain grow attempts with less than the current capacity.

  • CVE-2019-1196Aug 14, 2019
    risk 0.00cvss epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1197Aug 14, 2019
    risk 0.00cvss epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1195Aug 14, 2019
    risk 0.00cvss epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1140Aug 14, 2019
    risk 0.00cvss epss 0.04

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1141Aug 14, 2019
    risk 0.00cvss epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1139Aug 14, 2019
    risk 0.00cvss epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-1131Aug 14, 2019
    risk 0.00cvss epss 0.02

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current…

  • CVE-2019-14492Aug 1, 2019
    risk 0.00cvss epss 0.03

    An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read/write in the function HaarEvaluator::OptFeature::calc in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.

  • CVE-2019-1107Jul 29, 2019
    risk 0.00cvss epss 0.09

    A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1062, CVE-2019-1092, CVE-2019-1103,…