VYPR

CWE-787

Out-of-bounds Write

BaseDraftLikelihood: High

Description

The product writes data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

CVEs mapped to this weakness (2,513)

page 6 of 126
  • CVE-2018-7183CriMar 8, 2018
    risk 0.65cvss 9.8epss 0.11

    Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.

  • CVE-2018-4895CriFeb 27, 2018
    risk 0.65cvss 9.8epss 0.14

    An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is…

  • CVE-2017-10984CriJul 17, 2017
    risk 0.65cvss 9.8epss 0.18

    An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.

  • CVE-2017-10979CriJul 17, 2017
    risk 0.65cvss 9.8epss 0.22

    An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write overflow in rad_coalesce()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.

  • CVE-2016-8339CriOct 28, 2016
    risk 0.65cvss 9.8epss 0.15

    A buffer overflow in Redis 3.2.x prior to 3.2.4 causes arbitrary code execution when a crafted command is sent. An out of bounds write vulnerability exists in the handling of the client-output-buffer-limit option during the CONFIG SET command for the Redis data structure store.…

  • CVE-2015-8668CriJan 8, 2016
    risk 0.65cvss 9.8epss 0.14

    Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image.

  • CVE-2011-4372CriJan 10, 2012
    risk 0.65cvss 9.8epss 0.13

    Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373.

  • CVE-2009-1862HigKEVJul 23, 2009
    risk 0.65cvss 7.8epss 0.25

    Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash…

  • CVE-2026-41157CriJun 12, 2026
    risk 0.64cvss 9.8epss 0.00

    A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger an out-of-bound write in the GPU user-space driver, leading to memory corruption and possible browser/GPU process crash. The software computes a required memory size from…

  • CVE-2026-48689CriMay 26, 2026
    risk 0.64cvss 9.8epss 0.01

    FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamic_binary_buffer_t class (src/dynamic_binary_buffer.hpp). Five methods (append_dynamic_buffer, append_data_as_pointer, append_data_as_object_ptr, memcpy_from_ptr,…

  • CVE-2026-48686CriMay 26, 2026
    risk 0.64cvss 9.8epss 0.01

    FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI (Network Layer Reachability Information) decoder. The function decode_bgp_subnet_encoding_ipv4_raw() in src/bgp_protocol.cpp reads prefix_bit_length directly from the BGP packet…

  • CVE-2026-42484CriMay 1, 2026
    risk 0.64cvss 9.8epss 0.00

    A heap-based buffer overflow in hex_to_binary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash file. The issue affects modules 17200, 17210, 17220, 17225, and 17230. When…

  • CVE-2026-42483CriMay 1, 2026
    risk 0.64cvss 9.8epss 0.00

    A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The issue affects module_hash_decode in multiple Kerberos-related modules because…

  • CVE-2026-42482CriMay 1, 2026
    risk 0.64cvss 9.8epss 0.00

    A stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in src/rp_cpu.c in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted rule file, or via the -j or -k rule options used with password…

  • CVE-2026-5450CriApr 20, 2026
    risk 0.64cvss 9.8epss 0.00

    Calling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow.

  • CVE-2026-5443CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.01

    A heap buffer overflow vulnerability exists during the decoding of `PALETTE COLOR` DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to…

  • CVE-2026-5442CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.01

    A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation (VR) Unsigned Long (UL), instead of the expected VR Unsigned Short (US), which allows extremely large dimensions to be processed. This causes an…

  • CVE-2025-52221CriApr 8, 2026
    risk 0.64cvss 9.8epss 0.00

    Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parameters.

  • CVE-2025-62818CriApr 7, 2026
    risk 0.64cvss 9.8epss 0.00

    An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. An out-of-bounds write occurs due to a mismatch…

  • CVE-2026-5735CriApr 7, 2026
    risk 0.64cvss 9.8epss 0.00

    Memory safety bugs present in Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2…