CWE-787
Out-of-bounds Write
Description
The product writes data past the end, or before the beginning, of the intended buffer.
Hierarchy (View 1000)
CVEs mapped to this weakness (2,513)
page 36 of 126| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-21836 | Hig | 0.57 | 8.8 | 0.01 | Feb 26, 2024 | A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||
| CVE-2024-21825 | Hig | 0.57 | 8.8 | 0.01 | Feb 26, 2024 | A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this… | ||
| CVE-2024-21802 | Hig | 0.57 | 8.8 | 0.01 | Feb 26, 2024 | A heap-based buffer overflow vulnerability exists in the GGUF library info->ne functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||
| CVE-2024-23214 | Hig | 0.57 | 8.8 | 0.01 | Jan 23, 2024 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3. Processing maliciously crafted web content may lead to arbitrary code execution. | ||
| CVE-2023-28445 | Cri | 0.57 | 9.9 | 0.01 | Mar 24, 2023 | Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in… | ||
| CVE-2023-26489 | Cri | 0.57 | 9.9 | 0.01 | Mar 8, 2023 | wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x86_64 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective… | ||
| CVE-2014-125026 | Cri | 0.57 | 9.8 | 0.01 | Dec 27, 2022 | LZ4 bindings use a deprecated C API that is vulnerable to memory corruption, which could lead to arbitrary code execution if called with untrusted user input. | ||
| CVE-2022-42920 | Cri | 0.57 | 9.8 | 0.03 | Nov 7, 2022 | Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass… | ||
| CVE-2022-27044 | Hig | 0.57 | 8.8 | 0.01 | Apr 8, 2022 | libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876. | ||
| CVE-2018-25026 | — | Cri | 0.57 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption. | |
| CVE-2018-25024 | — | Cri | 0.57 | 9.8 | 0.01 | Dec 27, 2021 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption. | |
| CVE-2019-8922 | Hig | 0.57 | 8.8 | 0.01 | Nov 29, 2021 | A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to… | ||
| CVE-2020-21548 | Hig | 0.57 | 8.8 | 0.01 | Sep 17, 2021 | Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c. | ||
| CVE-2020-21547 | Hig | 0.57 | 8.8 | 0.01 | Sep 17, 2021 | Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c. | ||
| CVE-2021-38190 | — | Cri | 0.57 | 9.8 | 0.01 | Aug 8, 2021 | An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row count and column count. | |
| CVE-2021-25289 | — | Cri | 0.57 | 9.8 | 0.02 | Mar 19, 2021 | An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654. | |
| CVE-2021-25667 | Hig | 0.57 | 8.8 | 0.01 | Mar 15, 2021 | A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions… | ||
| CVE-2021-25900 | — | Cri | 0.57 | 9.8 | 0.02 | Jan 26, 2021 | An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many. | |
| CVE-2020-35895 | — | Cri | 0.57 | 9.8 | 0.02 | Dec 31, 2020 | An issue was discovered in the stack crate before 0.3.1 for Rust. ArrayVec has an out-of-bounds write via element insertion. | |
| CVE-2020-35858 | — | Cri | 0.57 | 9.8 | 0.03 | Dec 31, 2020 | An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service (e.g., x86) or possibly remote code execution (e.g., ARM). |
- risk 0.57cvss 8.8epss 0.01
A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
- risk 0.57cvss 8.8epss 0.01
A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this…
- risk 0.57cvss 8.8epss 0.01
A heap-based buffer overflow vulnerability exists in the GGUF library info->ne functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
- risk 0.57cvss 8.8epss 0.01
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3. Processing maliciously crafted web content may lead to arbitrary code execution.
- risk 0.57cvss 9.9epss 0.01
Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in…
- risk 0.57cvss 9.9epss 0.01
wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x86_64 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective…
- risk 0.57cvss 9.8epss 0.01
LZ4 bindings use a deprecated C API that is vulnerable to memory corruption, which could lead to arbitrary code execution if called with untrusted user input.
- risk 0.57cvss 9.8epss 0.03
Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass…
- risk 0.57cvss 8.8epss 0.01
libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876.
- risk 0.57cvss 9.8epss 0.01
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption.
- risk 0.57cvss 9.8epss 0.01
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption.
- risk 0.57cvss 8.8epss 0.01
A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to…
- risk 0.57cvss 8.8epss 0.01
Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c.
- risk 0.57cvss 8.8epss 0.01
Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c.
- risk 0.57cvss 9.8epss 0.01
An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row count and column count.
- risk 0.57cvss 9.8epss 0.02
An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654.
- risk 0.57cvss 8.8epss 0.01
A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions…
- risk 0.57cvss 9.8epss 0.02
An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many.
- risk 0.57cvss 9.8epss 0.02
An issue was discovered in the stack crate before 0.3.1 for Rust. ArrayVec has an out-of-bounds write via element insertion.
- risk 0.57cvss 9.8epss 0.03
An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service (e.g., x86) or possibly remote code execution (e.g., ARM).