VYPR

CWE-787

Out-of-bounds Write

BaseDraftLikelihood: High

Description

The product writes data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

CVEs mapped to this weakness (2,513)

page 36 of 126
  • CVE-2024-21836HigFeb 26, 2024
    risk 0.57cvss 8.8epss 0.01

    A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2024-21825HigFeb 26, 2024
    risk 0.57cvss 8.8epss 0.01

    A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this…

  • CVE-2024-21802HigFeb 26, 2024
    risk 0.57cvss 8.8epss 0.01

    A heap-based buffer overflow vulnerability exists in the GGUF library info->ne functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2024-23214HigJan 23, 2024
    risk 0.57cvss 8.8epss 0.01

    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3. Processing maliciously crafted web content may lead to arbitrary code execution.

  • CVE-2023-28445CriMar 24, 2023
    risk 0.57cvss 9.9epss 0.01

    Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in…

  • CVE-2023-26489CriMar 8, 2023
    risk 0.57cvss 9.9epss 0.01

    wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x86_64 targets where address-mode computation mistakenly would calculate a 35-bit effective address instead of WebAssembly's defined 33-bit effective…

  • CVE-2014-125026CriDec 27, 2022
    risk 0.57cvss 9.8epss 0.01

    LZ4 bindings use a deprecated C API that is vulnerable to memory corruption, which could lead to arbitrary code execution if called with untrusted user input.

  • CVE-2022-42920CriNov 7, 2022
    risk 0.57cvss 9.8epss 0.03

    Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass…

  • CVE-2022-27044HigApr 8, 2022
    risk 0.57cvss 8.8epss 0.01

    libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876.

  • CVE-2018-25026CriDec 27, 2021
    risk 0.57cvss 9.8epss 0.01

    An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption.

  • CVE-2018-25024CriDec 27, 2021
    risk 0.57cvss 9.8epss 0.01

    An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption.

  • CVE-2019-8922HigNov 29, 2021
    risk 0.57cvss 8.8epss 0.01

    A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to…

  • CVE-2020-21548HigSep 17, 2021
    risk 0.57cvss 8.8epss 0.01

    Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c.

  • CVE-2020-21547HigSep 17, 2021
    risk 0.57cvss 8.8epss 0.01

    Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c.

  • CVE-2021-38190CriAug 8, 2021
    risk 0.57cvss 9.8epss 0.01

    An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row count and column count.

  • CVE-2021-25289CriMar 19, 2021
    risk 0.57cvss 9.8epss 0.02

    An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-35654.

  • CVE-2021-25667HigMar 15, 2021
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions…

  • CVE-2021-25900CriJan 26, 2021
    risk 0.57cvss 9.8epss 0.02

    An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many.

  • CVE-2020-35895CriDec 31, 2020
    risk 0.57cvss 9.8epss 0.02

    An issue was discovered in the stack crate before 0.3.1 for Rust. ArrayVec has an out-of-bounds write via element insertion.

  • CVE-2020-35858CriDec 31, 2020
    risk 0.57cvss 9.8epss 0.03

    An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service (e.g., x86) or possibly remote code execution (e.g., ARM).