VYPR

CWE-787

Out-of-bounds Write

BaseDraftLikelihood: High

Description

The product writes data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

CVEs mapped to this weakness (2,513)

page 16 of 126
  • CVE-2017-7859CriApr 14, 2017
    risk 0.64cvss 9.8epss 0.02

    FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c.

  • CVE-2017-7858CriApr 14, 2017
    risk 0.64cvss 9.8epss 0.03

    FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.

  • CVE-2017-7857CriApr 14, 2017
    risk 0.64cvss 9.8epss 0.04

    FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.

  • CVE-2017-7856CriApr 14, 2017
    risk 0.64cvss 9.8epss 0.03

    LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx.

  • CVE-2017-5949CriApr 3, 2017
    risk 0.64cvss 9.8epss 0.02

    JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 22, allows remote attackers to cause a denial of service (heap-based out-of-bounds write and application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers…

  • CVE-2016-9051CriFeb 21, 2017
    risk 0.64cvss 9.8epss 0.07

    An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution.…

  • CVE-2016-6870CriFeb 17, 2017
    risk 0.64cvss 9.8epss 0.02

    Out-of-bounds write in the (1) mb_detect_encoding, (2) mb_send_mail, and (3) mb_detect_order functions in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors.

  • CVE-2016-10164CriFeb 1, 2017
    risk 0.64cvss 9.8epss 0.08

    Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated…

  • CVE-2016-9054CriJan 26, 2017
    risk 0.64cvss 9.8epss 0.08

    An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function as_sindex__simatch_list_by_set_binid resulting in remote code…

  • CVE-2016-9052CriJan 26, 2017
    risk 0.64cvss 9.8epss 0.08

    An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function as_sindex__simatch_by_iname resulting in remote code execution.…

  • CVE-2016-4336CriJan 6, 2017
    risk 0.64cvss 9.8epss 0.04

    An exploitable out-of-bounds write exists in the Bzip2 parsing of the Lexmark Perspective Document Filters conversion functionality. A crafted Bzip2 document can lead to a stack-based buffer overflow causing an out-of-bounds write which under the right circumstance could…

  • CVE-2017-5005CriJan 2, 2017
    risk 0.64cvss 9.8epss 0.09

    Stack-based buffer overflow in Quick Heal Internet Security 10.1.0.316 and earlier, Total Security 10.1.0.316 and earlier, and AntiVirus Pro 10.1.0.316 and earlier on OS X allows remote attackers to execute arbitrary code via a crafted LC_UNIXTHREAD.cmdsize field in a Mach-O…

  • CVE-2016-7950CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.03

    The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.

  • CVE-2016-7949CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.04

    Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.

  • CVE-2016-7948CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.04

    X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.

  • CVE-2016-7947CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.04

    Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.

  • CVE-2016-7943CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.04

    The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.

  • CVE-2016-7942CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.04

    The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.

  • CVE-2015-3210CriDec 13, 2016
    risk 0.64cvss 9.8epss 0.09

    Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^(?P=B)((?P=B)(?J:(?Pc)(?Pa(?P=B)))>WGXCREDITS)/, a different vulnerability than CVE-2015-8384.

  • CVE-2016-9540CriNov 22, 2016
    risk 0.64cvss 9.8epss 0.04

    tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."