VYPR

CWE-787

Out-of-bounds Write

BaseDraftLikelihood: High

Description

The product writes data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

CVEs mapped to this weakness (2,513)

page 38 of 126
  • CVE-2018-6973HigAug 15, 2018
    risk 0.57cvss 8.8epss 0.00

    VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds write vulnerability in the e1000 device. This issue may allow a guest to execute code on the host.

  • CVE-2018-3847HigAug 1, 2018
    risk 0.57cvss 8.8epss 0.03

    Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library, can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT…

  • CVE-2018-11622HigJul 31, 2018
    risk 0.57cvss 8.8epss 0.03

    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw…

  • CVE-2018-14459HigJul 20, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store16 in helper.h.

  • CVE-2018-14458HigJul 20, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store32 in helper.h.

  • CVE-2018-14457HigJul 20, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::UpdateChunks in DLS.cpp.

  • CVE-2018-14456HigJul 20, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::SaveString in DLS.cpp.

  • CVE-2018-14455HigJul 20, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store32 in helper.h.

  • CVE-2018-14453HigJul 20, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store16 in helper.h.

  • CVE-2018-14451HigJul 20, 2018
    risk 0.57cvss 8.8epss 0.01

    An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in the function RIFF::Chunk::Read in RIFF.cpp.

  • CVE-2018-14360CriJul 17, 2018
    risk 0.57cvss 9.8epss 0.03

    An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage.

  • CVE-2018-14358CriJul 17, 2018
    risk 0.57cvss 9.8epss 0.04

    An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.

  • CVE-2018-14352CriJul 17, 2018
    risk 0.57cvss 9.8epss 0.04

    An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap_quote_string in imap/util.c does not leave room for quote characters, leading to a stack-based buffer overflow.

  • CVE-2018-14350CriJul 17, 2018
    risk 0.57cvss 9.8epss 0.05

    An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long INTERNALDATE field.

  • CVE-2018-14346HigJul 17, 2018
    risk 0.57cvss 8.8epss 0.02

    GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).

  • CVE-2018-3936HigJul 11, 2018
    risk 0.57cvss 8.8epss 0.02

    In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution.

  • CVE-2018-3933HigJul 11, 2018
    risk 0.57cvss 8.8epss 0.02

    An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). A crafted Microsoft Word (DOC) document can lead to an out-of-bounds write,…

  • CVE-2018-3932HigJul 11, 2018
    risk 0.57cvss 8.8epss 0.03

    An exploitable stack-based buffer overflow exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). A crafted Microsoft Word (DOC) document can lead to a stack-based…

  • CVE-2018-5874HigJul 6, 2018
    risk 0.57cvss 8.8epss 0.01

    While parsing an mp4 file, a stack-based buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.

  • CVE-2018-13139HigJul 4, 2018
    risk 0.57cvss 8.8epss 0.04

    A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable…