CWE-787

High likelihood

Out-of-bounds Write

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product writes data past the end, or before the beginning, of the intended buffer.

14,280 vulnerabilities with CWE-787
CVE-2020-27823 HIGH
OpenJPEG < 2.4.0 - Denial of Service via Crafted x,y Offset Input
CVSS 7.8
CVE-2020-20267 MEDIUM
Mikrotik RouterOS < 6.47 - Authenticated Denial of Service via /nova/bin/resolver Memory Corruption
CVSS 6.5
CVE-2020-20265 MEDIUM
Mikrotik RouterOS < 6.47 - Authenticated Denial of Service via Crafted Packet
CVSS 6.5
CVE-2020-28600 HIGH
OpenSCAD 2020.12-RC2 - Out-of-Bounds Write via Crafted STL File
CVSS 7.8
CVE-2020-28198 HIGH
IBM Tivoli Storage Manager 5.2 - Stack Buffer Overflow via 'id' Parameter in Interactive Mode
CVSS 7.0
CVE-2020-28024 CRITICAL
Exim 4.00-4.94.1 - Unauthenticated Remote Code Execution via smtp_ungetc Buffer Underwrite
CVSS 9.8
CVE-2020-28022 CRITICAL
Exim 4.00-4.94.1 - Out-of-bounds Write via MAIL FROM and RCPT TO Commands
CVSS 9.8
CVE-2020-28016 HIGH
Exim 4.00-4.94.1 - Out-of-bounds Write via parse_fix_phrase
CVSS 7.8
CVE-2020-28013 HIGH
Exim 4.00-4.94.1 - Heap-based Buffer Overflow via Command Line Argument Parsing
CVSS 7.8
CVE-2020-28011 HIGH
Exim 4.00-4.94.1 - Heap-based Buffer Overflow via Queue Run Sender Options
CVSS 7.8
CVE-2020-28010 HIGH
Exim 4.00-4.94.1 - Out-of-bounds Write via Current Working Directory Pathname
CVSS 7.8
CVE-2020-20247 MEDIUM
Mikrotik RouterOS < 6.46.5 - Authenticated Denial of Service via Traceroute Loop Counter
CVSS 6.5
CVE-2020-20218 MEDIUM
Mikrotik RouterOs 6.44.6 - Authenticated Denial of Service via Traceroute Loop Counter
CVSS 6.5
CVE-2020-27009 HIGH
Nucleus NET < 5.2 - Use-After-Free in DNS Domain Name Record Decompression
CVSS 8.1
CVE-2020-15795 HIGH
Nucleus NET < 5.2 - Out-of-bounds Write in DNS Domain Name Label Parsing
CVSS 8.1
CVE-2020-23907 CRITICAL
Avast RetDec - Out-of-bounds Write in canSplitFunctionOn()
CVSS 9.8
CVE-2020-35979 HIGH
GPAC 0.8.0 and 1.0.1 - Heap-Based Buffer Overflow in gp_rtp_builder_do_avc
CVSS 7.8
CVE-2020-28592 CRITICAL
Cosori CS158-AF Firmware 1.1.0 - Heap-Based Buffer Overflow via Configuration Server
CVSS 9.8
CVE-2020-36317 HIGH
Rust < 1.49.0 - Memory Safety Violation via String::retain() Panic
CVSS 7.5
CVE-2020-11236 HIGH
Qualcomm PMx Firmware - Denial of Service via Invalid KPI Dimension Value
CVSS 8.4
CVE-2020-11210 CRITICAL
Qualcomm AR8035 and Multiple Firmware - Out-of-bounds Write in RPM Region
CVSS 9.3
CVE-2020-9967 HIGH
iPadOS < 14.0 - Out-of-bounds Write
CVSS 7.8
CVE-2020-9955 HIGH
iPadOS < 14.0 - Out-of-bounds Write via Maliciously Crafted Image
CVSS 7.8
CVE-2020-29624 HIGH
iPadOS < 14.3 - Out-of-bounds Write in Font File Processing
CVSS 7.8
CVE-2020-29616 HIGH
macOS 10.14-10.14.5 and 11.0 - Remote Code Execution via Malicious Image Processing
CVSS 7.8
Details
Vulnerabilities 14,280
Exploit Likelihood High