VYPR

CWE-787

Out-of-bounds Write

BaseDraftLikelihood: High

Description

The product writes data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

CVEs mapped to this weakness (2,513)

page 13 of 126
  • CVE-2014-2073CriApr 10, 2018
    risk 0.64cvss 9.8epss 0.05

    Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 allows remote attackers to execute arbitrary code via a crafted packet, related to "CATV5_Backbone_Bus."

  • CVE-2017-2869CriApr 5, 2018
    risk 0.64cvss 9.8epss 0.03

    An exploitable code execution vulnerability exists in the OpenProducer functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this…

  • CVE-2017-2868CriApr 5, 2018
    risk 0.64cvss 9.8epss 0.03

    An exploitable code execution vulnerability exists in the NewProducerStream functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this…

  • CVE-2017-2867CriApr 5, 2018
    risk 0.64cvss 9.8epss 0.02

    An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can a malicious packet to trigger this…

  • CVE-2017-2853CriApr 5, 2018
    risk 0.64cvss 9.8epss 0.03

    An exploitable Code Execution vulnerability exists in the RequestForPatientInfoEEGfile functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in arbitrary command execution. An attacker can send a malicious…

  • CVE-2017-13292CriApr 4, 2018
    risk 0.64cvss 9.8epss 0.02

    In wl_get_assoc_ies of wl_cfg80211.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:…

  • CVE-2017-13285CriApr 4, 2018
    risk 0.64cvss 9.8epss 0.02

    In SvoxSsmlParser and startElement of svox_ssml_parser.cpp, there is a possible out of bounds write due to an uninitialized buffer. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed…

  • CVE-2017-13283CriApr 4, 2018
    risk 0.64cvss 9.8epss 0.02

    In avrc_ctrl_pars_vendor_rsp of bluetooth avrcp_ctrl, there is a possible out of bounds write on the stack due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.…

  • CVE-2017-14876CriMar 30, 2018
    risk 0.64cvss 9.8epss 0.01

    In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds write.

  • CVE-2018-9143CriMar 30, 2018
    risk 0.64cvss 9.8epss 0.02

    On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991.

  • CVE-2018-1000140CriMar 23, 2018
    risk 0.64cvss 9.8epss 0.10

    rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack…

  • CVE-2018-1000116CriMar 7, 2018
    risk 0.64cvss 9.8epss 0.07

    NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.

  • CVE-2017-18215CriMar 5, 2018
    risk 0.64cvss 9.8epss 0.02

    xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value.

  • CVE-2018-7561CriMar 1, 2018
    risk 0.64cvss 9.8epss 0.02

    Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact.

  • CVE-2018-7553CriFeb 28, 2018
    risk 0.64cvss 9.8epss 0.03

    There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.

  • CVE-2018-6640CriFeb 28, 2018
    risk 0.64cvss 9.8epss 0.04

    A Heap Overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. Crafted input can modify the next pointer of a linked list. This is fixed in 6.9d.

  • CVE-2018-6639CriFeb 28, 2018
    risk 0.64cvss 9.8epss 0.04

    An out-of-bounds write (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. A size used by memmove is read from the input file. This is fixed in 6.9d.

  • CVE-2018-6638CriFeb 28, 2018
    risk 0.64cvss 9.8epss 0.04

    A stack-based buffer overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c. This occurs in a function call in which the first argument is a corrupted offset value and the second argument is a stack buffer. This is fixed in 6.9d.

  • CVE-2018-5475CriFeb 19, 2018
    risk 0.64cvss 9.8epss 0.04

    A Stack-based Buffer Overflow issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified, which may allow remote code execution.

  • CVE-2018-5440CriFeb 15, 2018
    risk 0.64cvss 9.8epss 0.03

    A Stack-based Buffer Overflow issue was discovered in 3S-Smart CODESYS Web Server. Specifically: all Microsoft Windows (also WinCE) based CODESYS web servers running stand-alone Version 2.3, or as part of the CODESYS runtime system running prior to Version V1.1.9.19. A crafted…