VYPR

CWE-787

Out-of-bounds Write

BaseDraftLikelihood: High

Description

The product writes data past the end, or before the beginning, of the intended buffer.

Hierarchy (View 1000)

CVEs mapped to this weakness (2,513)

page 8 of 126
  • CVE-2025-54957CriOct 20, 2025
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in Dolby UDC 4.5 through 4.13. A crash of the DD+ decoder process can occur when a malformed DD+ bitstream is processed. When Evolution data is processed by evo_priv.c from the DD+ bitstream, the decoder writes that data into a buffer. The length…

  • CVE-2025-11709CriOct 14, 2025
    risk 0.64cvss 9.8epss 0.00

    A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4.

  • CVE-2025-43209CriJul 30, 2025
    risk 0.64cvss 9.8epss 0.01

    An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web…

  • CVE-2025-49709CriJun 11, 2025
    risk 0.64cvss 9.8epss 0.01

    Certain canvas operations could have lead to memory corruption. This vulnerability was fixed in Firefox 139.0.4.

  • CVE-2025-4918CriMay 17, 2025
    risk 0.64cvss 9.8epss 0.09

    An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability was fixed in Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ESR 115.23.1, Thunderbird 128.10.2, and Thunderbird 138.0.2.

  • CVE-2025-24273CriMar 31, 2025
    risk 0.64cvss 9.8epss 0.01

    An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory.

  • CVE-2025-24231CriMar 31, 2025
    risk 0.64cvss 9.8epss 0.01

    The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to modify protected parts of the file system.

  • CVE-2025-1020CriFeb 4, 2025
    risk 0.64cvss 9.8epss 0.01

    Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 135 and…

  • CVE-2025-1017CriFeb 4, 2025
    risk 0.64cvss 9.8epss 0.01

    Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability…

  • CVE-2025-1016CriFeb 4, 2025
    risk 0.64cvss 9.8epss 0.01

    Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to…

  • CVE-2024-12248CriJan 30, 2025
    risk 0.64cvss 9.8epss 0.01

    Contec Health CMS8000 Patient Monitor is vulnerable to an out-of-bounds write, which could allow an attacker to send specially formatted UDP requests in order to write arbitrary data. This could result in remote code execution.

  • CVE-2024-54534CriDec 12, 2024
    risk 0.64cvss 9.8epss 0.01

    The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 and iPadOS 18.2, iPadOS 17.7.6, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing maliciously crafted web content may lead to memory corruption.

  • CVE-2024-44242CriDec 12, 2024
    risk 0.64cvss 9.8epss 0.01

    The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware.

  • CVE-2024-49195CriOct 15, 2024
    risk 0.64cvss 9.8epss 0.01

    Mbed TLS 3.5.x through 3.6.x before 3.6.2 has a buffer underrun in pkwrite when writing an opaque key pair

  • CVE-2024-2184CriMar 11, 2024
    risk 0.64cvss 9.8epss 0.01

    Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF740C…

  • CVE-2023-47359CriNov 7, 2023
    risk 0.64cvss 9.8epss 0.01

    Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.

  • CVE-2022-46393CriDec 15, 2022
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.

  • CVE-2022-34835CriJun 30, 2022
    risk 0.64cvss 9.8epss 0.02

    In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the do_i2c_md function.

  • CVE-2021-33485CriAug 3, 2021
    risk 0.64cvss 9.8epss 0.01

    CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.

  • CVE-2019-19638CriDec 8, 2019
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow.