CWE-787
Out-of-bounds Write
Description
The product writes data past the end, or before the beginning, of the intended buffer.
Hierarchy (View 1000)
CVEs mapped to this weakness (2,513)
page 20 of 126| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-4901 | Hig | 0.59 | 8.8 | 0.17 | Feb 27, 2018 | An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is… | ||
| CVE-2018-0852 | Hig | 0.59 | 8.8 | 0.20 | Feb 15, 2018 | Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1 and RT SP1, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Outlook handles objects in memory, aka "Microsoft Office… | ||
| CVE-2018-0851 | Hig | 0.59 | 8.8 | 0.20 | Feb 15, 2018 | Microsoft Office 2007 SP2, Microsoft Office Word Viewer, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Office handles objects in memory,… | ||
| CVE-2018-0792 | Hig | 0.59 | 8.8 | 0.28 | Jan 10, 2018 | Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0794. | ||
| CVE-2017-2984 | Hig | 0.59 | 8.8 | 0.18 | Feb 15, 2017 | Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2025-55118 | Hig | 0.58 | 8.9 | 0.00 | Sep 16, 2025 | Memory corruptions can be remotely triggered in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: * Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "use_openssl=n"; * Control-M/Agent… | ||
| CVE-2024-42479 | Cri | 0.58 | 10.0 | 0.03 | Aug 12, 2024 | llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address writing. This vulnerability is fixed in b3561. | ||
| CVE-2024-2961 | Hig | 0.58 | 7.3 | 0.88 | Apr 17, 2024 | The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. | ||
| CVE-2018-8531 | Hig | 0.58 | 8.8 | 0.15 | Oct 10, 2018 | A remote code execution vulnerability exists in the way that Azure IoT Hub Device Client SDK using MQTT protocol accesses objects in memory, aka "Azure IoT Device Client SDK Memory Corruption Vulnerability." This affects Hub Device Client SDK, Azure IoT Edge. | ||
| CVE-2018-8500 | Cri | 0.58 | 9.8 | 0.18 | Oct 10, 2018 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. | ||
| CVE-2018-11778 | — | Hig | 0.58 | 8.8 | 0.04 | Oct 5, 2018 | UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0 | |
| CVE-2018-17795 | Hig | 0.58 | 8.8 | 0.04 | Sep 30, 2018 | The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935. | ||
| CVE-2018-17095 | Hig | 0.58 | 8.8 | 0.05 | Sep 16, 2018 | An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert. | ||
| CVE-2017-11564 | Hig | 0.58 | 8.8 | 0.04 | Aug 24, 2018 | The D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has multiple command injection vulnerabilities in the web service framework. An attacker can forge malicious HTTP requests to execute commands; authentication is required before executing the attack. | ||
| CVE-2018-1156 | Hig | 0.58 | 8.8 | 0.07 | Aug 23, 2018 | Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system. | ||
| CVE-2018-10636 | Hig | 0.58 | 8.8 | 0.10 | Aug 13, 2018 | CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has multiple stack-based buffer overflow vulnerabilities that could cause the software to crash due to lacking user input validation before copying data from project files onto the stack. Which may allow an… | ||
| CVE-2018-15209 | Hig | 0.58 | 8.8 | 0.04 | Aug 8, 2018 | ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. | ||
| CVE-2017-15118 | Hig | 0.58 | 8.3 | 0.12 | Jul 27, 2018 | A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If… | ||
| CVE-2018-5067 | Hig | 0.58 | 8.8 | 0.14 | Jul 20, 2018 | Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | ||
| CVE-2018-5059 | Hig | 0.58 | 8.8 | 0.08 | Jul 20, 2018 | Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. |
- risk 0.59cvss 8.8epss 0.17
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is…
- risk 0.59cvss 8.8epss 0.20
Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1 and RT SP1, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Outlook handles objects in memory, aka "Microsoft Office…
- risk 0.59cvss 8.8epss 0.20
Microsoft Office 2007 SP2, Microsoft Office Word Viewer, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Office handles objects in memory,…
- risk 0.59cvss 8.8epss 0.28
Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0794.
- risk 0.59cvss 8.8epss 0.18
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution.
- risk 0.58cvss 8.9epss 0.00
Memory corruptions can be remotely triggered in the Control-M/Agent when SSL/TLS communication is configured. The issue occurs in the following cases: * Control-M/Agent 9.0.20: SSL/TLS configuration is set to the non-default setting "use_openssl=n"; * Control-M/Agent…
- risk 0.58cvss 10.0epss 0.03
llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address writing. This vulnerability is fixed in b3561.
- risk 0.58cvss 7.3epss 0.88
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
- risk 0.58cvss 8.8epss 0.15
A remote code execution vulnerability exists in the way that Azure IoT Hub Device Client SDK using MQTT protocol accesses objects in memory, aka "Azure IoT Device Client SDK Memory Corruption Vulnerability." This affects Hub Device Client SDK, Azure IoT Edge.
- risk 0.58cvss 9.8epss 0.18
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore.
- risk 0.58cvss 8.8epss 0.04
UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0
- risk 0.58cvss 8.8epss 0.04
The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935.
- risk 0.58cvss 8.8epss 0.05
An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. A heap-based buffer overflow in Expand3To4Module::run has occurred when running sfconvert.
- risk 0.58cvss 8.8epss 0.04
The D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has multiple command injection vulnerabilities in the web service framework. An attacker can forge malicious HTTP requests to execute commands; authentication is required before executing the attack.
- risk 0.58cvss 8.8epss 0.07
Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. This vulnerability could theoretically allow a remote authenticated attacker execute arbitrary code on the system.
- risk 0.58cvss 8.8epss 0.10
CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has multiple stack-based buffer overflow vulnerabilities that could cause the software to crash due to lacking user input validation before copying data from project files onto the stack. Which may allow an…
- risk 0.58cvss 8.8epss 0.04
ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.
- risk 0.58cvss 8.3epss 0.12
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If…
- risk 0.58cvss 8.8epss 0.14
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
- risk 0.58cvss 8.8epss 0.08
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.