CWE-787

High likelihood

Out-of-bounds Write

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product writes data past the end, or before the beginning, of the intended buffer.

14,284 vulnerabilities with CWE-787
CVE-2020-12395 CRITICAL
Mozilla Firefox <76 - Memory Corruption
CVSS 9.8
CVE-2020-13440 MEDIUM
ffjpeg <2020-02-24 - Buffer Overflow
CVSS 6.5
CVE-2020-13398 HIGH
FreeRDP < 2.1.1 - Out-of-bounds Write in crypto_rsa_common
CVSS 8.3
CVE-2020-1150 HIGH
Windows 7 and Windows Server 2008 - Memory Corruption in Media Foundation
CVSS 7.8
CVE-2020-1136 HIGH
Windows Media Foundation - Memory Corruption via Improper Object Handling
CVSS 7.8
CVE-2020-1126 HIGH
Windows 10 and Windows Server 2016/2019 - Out-of-bounds Write in Media Foundation
CVSS 8.8
CVE-2020-1093 HIGH
Microsoft Internet Explorer VBScript Engine - Remote Code Execution
CVSS 7.5
CVE-2020-1092 HIGH
Internet Explorer - Memory Corruption
CVSS 7.5
CVE-2020-1065 HIGH
ChakraCore < 1.11.19 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2020-1062 HIGH
Internet Explorer - Memory Corruption
CVSS 7.5
CVE-2020-1061 HIGH
Windows 10 - Remote Code Execution via Microsoft Script Runtime Memory Handling
CVSS 8.8
CVE-2020-1060 HIGH
Microsoft Internet Explorer VBScript Engine - Remote Code Execution
CVSS 7.5
CVE-2020-1058 HIGH
Microsoft Internet Explorer VBScript Engine - Remote Code Execution
CVSS 7.5
CVE-2020-1054 HIGH KEV
Windows - Local Privilege Escalation via Win32k Driver Memory Handling
CVSS 7.8
CVE-2020-1037 HIGH
Microsoft Edge - Remote Code Execution via Chakra Scripting Engine Memory Corruption
CVSS 7.5
CVE-2020-1035 HIGH
Microsoft Internet Explorer VBScript Engine - Remote Code Execution
CVSS 7.5
CVE-2020-1028 HIGH
Windows Media Foundation - Memory Corruption
CVSS 7.8
CVE-2020-6474 HIGH
Google Chrome < 83.0.4103.61 - Use-After-Free in Blink
CVSS 8.8
CVE-2020-6468 HIGH
Google Chrome < 83.0.4103.61 - Remote Code Execution via V8 Type Confusion
CVSS 8.8
CVE-2020-6467 HIGH
Chrome < 83.0.4103.61 - Use-After-Free in WebRTC
CVSS 8.8
CVE-2020-6464 HIGH
Chrome < 81.0.4044.138 - Type Confusion in Blink via Crafted HTML Page
CVSS 8.8
CVE-2020-6463 HIGH
Google Chrome < 81.0.4044.122 - Use-After-Free in ANGLE via Crafted HTML Page
CVSS 8.8
CVE-2020-6459 HIGH
Google Chrome < 81.0.4044.122 - Use-After-Free in Payments
CVSS 8.8
CVE-2020-6458 HIGH
Google Chrome < 81.0.4044.122 - Out-of-bounds Read and Write in PDFium via Crafted PDF File
CVSS 8.8
CVE-2020-12038 MEDIUM
Rockwell Automation EDS Subsystem <= 28.0.1 - Denial of Service via EDS File Parsing
CVSS 5.5
Details
Vulnerabilities 14,284
Exploit Likelihood High