VYPR

CWE-788

Access of Memory Location After End of Buffer

BaseIncomplete

Description

The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.

This typically occurs when a pointer or its index is incremented to a position after the buffer; or when pointer arithmetic results in a position after the buffer.

Hierarchy (View 1000)

CVEs mapped to this weakness (8)

  • CVE-2021-27384CriMay 12, 2021
    risk 0.64cvss 9.8epss 0.03

    A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels…

  • CVE-2024-27828HigJun 10, 2024
    risk 0.51cvss 7.8epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, visionOS 1.2, watchOS 10.5. An app may be able to execute arbitrary code with kernel privileges.

  • CVE-2024-27829HigMay 14, 2024
    risk 0.51cvss 7.8epss 0.01

    The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.5. Processing a file may lead to unexpected app termination or arbitrary code execution.

  • CVE-2021-25661HigMay 12, 2021
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels…

  • CVE-2021-25660HigMay 12, 2021
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (incl. SIPLUS variants) (All versions < V16 Update 4), SIMATIC HMI Comfort Panels…

  • CVE-2024-0074HigMar 27, 2024
    risk 0.46cvss 7.1epss 0.00

    NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering.

  • CVE-2023-20585MedApr 16, 2026
    risk 0.36cvss epss 0.00

    Insufficient checks of the RMP on host buffer access in IOMMU may allow an attacker with privileges and a compromised hypervisor to trigger an out of bounds condition without RMP checks, resulting in a potential loss of confidential guest integrity.

  • CVE-2021-32629May 24, 2021
    risk 0.00cvss epss 0.00

    Cranelift is an open-source code generator maintained by Bytecode Alliance. It translates a target-independent intermediate representation into executable machine code. There is a bug in 0.73 of the Cranelift x64 backend that can create a scenario that could result in a…