VYPR

CWE-787

Out-of-bounds Write

BaseDraftLikelihood: High

Description

The product writes data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

CVEs mapped to this weakness (2,513)

page 5 of 126
  • CVE-2025-0247CriJan 7, 2025
    risk 0.65cvss 9.8epss 0.09

    Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 134 and…

  • CVE-2018-3867CriAug 23, 2018
    risk 0.65cvss 9.9epss 0.02

    An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly handles the answer received…

  • CVE-2018-6692CriAug 21, 2018
    risk 0.65cvss 10.0epss 0.04

    Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin Wemo Insight Smart Plug allows remote attackers to bypass local security protection via a crafted HTTP post packet.

  • CVE-2018-5924CriAug 13, 2018
    risk 0.65cvss 9.8epss 0.12

    A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack buffer overflow, which could allow remote code execution.

  • CVE-2018-12798CriJul 20, 2018
    risk 0.65cvss 9.8epss 0.13

    Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-12785CriJul 20, 2018
    risk 0.65cvss 9.8epss 0.11

    Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-5002HigKEVJul 9, 2018
    risk 0.65cvss 7.8epss 0.25

    Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-4984CriJul 9, 2018
    risk 0.65cvss 9.8epss 0.16

    Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-4978CriJul 9, 2018
    risk 0.65cvss 9.8epss 0.16

    Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-4968CriJul 9, 2018
    risk 0.65cvss 9.8epss 0.16

    Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-4966CriJul 9, 2018
    risk 0.65cvss 9.8epss 0.16

    Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-4950CriJul 9, 2018
    risk 0.65cvss 9.8epss 0.11

    Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-4948CriJul 9, 2018
    risk 0.65cvss 9.8epss 0.16

    Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-4947CriJul 9, 2018
    risk 0.65cvss 9.8epss 0.16

    Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-4918CriMay 19, 2018
    risk 0.65cvss 9.8epss 0.12

    Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-4917CriMay 19, 2018
    risk 0.65cvss 9.8epss 0.18

    Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

  • CVE-2018-8154CriMay 9, 2018
    risk 0.65cvss 9.8epss 0.22

    A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server. This CVE ID is unique from CVE-2018-8151.

  • CVE-2018-6913CriApr 17, 2018
    risk 0.65cvss 9.8epss 0.11

    Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.

  • CVE-2018-0986HigApr 4, 2018
    risk 0.65cvss 8.8epss 0.61

    A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender,…

  • CVE-2018-1000120CriMar 14, 2018
    risk 0.65cvss 9.8epss 0.12

    A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.