CWE-787

High likelihood

Out-of-bounds Write

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product writes data past the end, or before the beginning, of the intended buffer.

14,284 vulnerabilities with CWE-787
CVE-2020-1020 HIGH KEV
Microsoft Windows - Remote Code Execution via Adobe Type Manager Library Font Parsing
CVSS 8.8
CVE-2020-0970 HIGH
ChakraCore < 1.11.18 - Remote Code Execution via Memory Corruption
CVSS 7.5
CVE-2020-0969 HIGH
Microsoft Edge - Remote Code Execution via Chakra Scripting Engine Memory Corruption
CVSS 7.5
CVE-2020-0968 HIGH KEV
Internet Explorer - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2020-0967 HIGH
Internet Explorer - Remote Code Execution via VBScript Engine Memory Handling
CVSS 8.8
CVE-2020-0950 HIGH
Windows 10 and Windows Server 2016/2019 - Out-of-bounds Write in Media Foundation
CVSS 8.8
CVE-2020-0949 HIGH
Windows 10 and Windows Server 2016/2019 - Memory Corruption in Media Foundation
CVSS 8.8
CVE-2020-0948 HIGH
Windows 10 and Windows Server 2016/2019 - Out-of-bounds Write in Media Foundation
CVSS 8.8
CVE-2020-0938 HIGH KEV
Microsoft Windows - Remote Code Execution via Adobe Type Manager Library Font Parsing
CVSS 7.8
CVE-2020-2908 HIGH
Oracle VM VirtualBox <5.2.40-6.1.6 - Privilege Escalation
CVSS 8.2
CVE-2020-2902 HIGH
Oracle VM VirtualBox <5.2.40-6.1.6 - Privilege Escalation
CVSS 8.8
CVE-2020-11764 MEDIUM
OpenEXR < 2.4.1 - Out-of-bounds Write in copyIntoFrameBuffer
CVSS 5.5
CVE-2020-11763 MEDIUM
OpenEXR < 2.4.1 - Out-of-bounds Read and Write in ImfTileOffsets
CVSS 5.5
CVE-2020-11762 MEDIUM
OpenEXR < 2.4.1 - Out-of-bounds Read and Write in DwaCompressor
CVSS 5.5
CVE-2020-10646 HIGH
Fuji Electric V-Server Lite <4.0.9.0 - Buffer Overflow
CVSS 7.8
CVE-2020-6452 HIGH
Chrome < 80.0.3987.162 - Heap Buffer Overflow in Media via Crafted HTML Page
CVSS 8.8
CVE-2020-6447 HIGH
Google Chrome < 81.0.4044.92 - Out-of-bounds Read via Developer Tools
CVSS 8.8
CVE-2020-5303 LOW
Tendermint < 0.31.12, 0.33.0-0.33.3 - Denial of Service via P2P Connection Request Flood
CVSS 3.1
CVE-2020-1990 HIGH
PAN-OS 8.1.0-8.1.12 - Authenticated Stack-based Buffer Overflow via Corrupted Configuration Upload
CVSS 7.2
CVE-2020-11600 CRITICAL
Android - Remote Code Execution via Fingerprint Trustlet Memory Overwrite
CVSS 9.8
CVE-2020-5735 HIGH KEV
Amcrest Cameras and NVR - Authenticated Stack-based Buffer Overflow via Port 37777
CVSS 8.8
CVE-2020-11102 MEDIUM
QEMU 4.2.0 - Out-of-bounds Write in Tulip Network Driver
CVSS 5.6
CVE-2020-11565 MEDIUM
Linux Kernel < 5.6.2 - Stack-based Out-of-bounds Write in mpol_parse_str
CVSS 6.0
CVE-2020-11528 HIGH
bit2spr 1992-06-07 - Stack-Based Buffer Overflow in conv_bitmap
CVSS 7.5
CVE-2020-8835 HIGH
Linux kernel <5.6.1, <5.5.14, <5.4.29 - Memory Corruption
CVSS 7.8
Details
Vulnerabilities 14,284
Exploit Likelihood High