CWE-787

High likelihood

Out-of-bounds Write

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product writes data past the end, or before the beginning, of the intended buffer.

14,289 vulnerabilities with CWE-787
CVE-2019-11839 CRITICAL
njs < 0.3.1 - Heap-Based Buffer Overflow in Array.prototype.push
CVSS 9.8
CVE-2019-11838 CRITICAL
njs < 0.3.1 - Heap-Based Buffer Overflow in Array.prototype.splice
CVSS 9.8
CVE-2019-11835 CRITICAL
davegamble cJSON < 1.7.11 - Out-of-bounds Read via Multiline Comment Parsing
CVSS 9.8
CVE-2019-11834 CRITICAL
davegamble/cjson < 1.7.11 - Out-of-bounds Read via Null Byte in String Literal
CVSS 9.8
CVE-2019-8285 HIGH
Kaspersky Antivirus Engine < 2019.04.04 - Heap-Based Buffer Overflow
CVSS 8.8
CVE-2019-2049 HIGH
Android - Use-After-Free in avrcp_service.cc SendMediaUpdate and SendFolderUpdate
CVSS 7.8
CVE-2019-2047 CRITICAL
Android 7.0-9 - Remote Code Execution via Type Confusion in UpdateLoadElement
CVSS 9.8
CVE-2019-2046 CRITICAL
Android - Remote Code Execution via Integer Overflow in CalculateInstanceSizeForDerivedClass
CVSS 9.8
CVE-2019-2045 CRITICAL
Android 7.0-9 - Out-of-bounds Write in JSCallTyper
CVSS 9.8
CVE-2019-2044 HIGH
Android - Out-of-bounds Write in APacketSource.cpp
CVSS 8.8
CVE-2019-11560 CRITICAL
Hisilicon HI3516 Firmware - Unauthenticated Remote Code Execution via RTSP over HTTP Packet
CVSS 9.8
CVE-2019-10999 HIGH
D-Link DCS Series Firmware - Authenticated Stack-based Buffer Overflow via WEPEncryption Parameter
CVSS 8.8
CVE-2019-11037 MEDIUM
PHP imagick 3.3.0-3.4.4 - Out-of-bounds Write in ImagickKernel::fromMatrix
CVSS 4.9
CVE-2019-9017 HIGH
SolarWinds DameWare Mini Remote Control 10.0 - Buffer Overflow via Machine Name Size Field
CVSS 7.5
CVE-2019-11683 CRITICAL
Linux kernel <5.0.13 - Memory Corruption
CVSS 9.8
CVE-2019-11682 CRITICAL
MailCarrier 2.51 - Remote Code Execution via Long HELP Command
CVSS 9.8
CVE-2019-10952 CRITICAL
CompactLogix 5370 & GuardLogix 5370 Firmware 20.011-30.014 - RCE via Stack Overflow
CVSS 9.8
CVE-2019-10954 HIGH
Rockwell Automation CompactLogix and GuardLogix 5370 Firmware 20.011-30.014 - Denial of Service via Crafted SMTP Packets
CVSS 7.5
CVE-2019-11640 HIGH
GNU recutils <1.8 - Buffer Overflow
CVSS 8.8
CVE-2019-11639 HIGH
GNU recutils <1.8 - Buffer Overflow
CVSS 8.8
CVE-2019-3930 CRITICAL
Crestron Am-100 Firmware < 2.4.1.19 - Out-of-Bounds Write
CVSS 9.8
CVE-2019-3563 CRITICAL
Wangle < 2019.04.22.00 - Buffer Over-read in LineBasedFrameDecoder
CVSS 9.8
CVE-2019-3705 CRITICAL
Dell EMC iDRAC6 < 2.92, iDRAC7/iDRAC8 < 2.61.60.60, iDRAC9 < 3.20.21.20 - Unauthenticated Stack-Based Buffer Overflow
CVSS 9.8
CVE-2019-9792 CRITICAL
Thunderbird <60.6, Firefox ESR <60.6, Firefox <66 - Memory Corruption
CVSS 9.8
CVE-2019-9789 CRITICAL
Mozilla Firefox <66 - Memory Corruption
CVSS 9.8
Details
Vulnerabilities 14,289
Exploit Likelihood High