CWE-787

High likelihood

Out-of-bounds Write

Parent: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

The product writes data past the end, or before the beginning, of the intended buffer.

14,325 vulnerabilities with CWE-787
CVE-2018-6462 HIGH
PDF-XChange Viewer and Viewer AX SDK < 2.5.322.8 - Remote Code Execution via YCC to RGB Color Space Conversion
CVSS 7.8
CVE-2018-1000001 HIGH
glibc < 2.26 - Buffer Underflow and Potential Code Execution via realpath()
CVSS 7.8
CVE-2018-3835 HIGH
PTEX 2.2 - Out-of-bounds Write via File Parameter Handling
CVSS 8.8
CVE-2018-6358 HIGH
libming < 0.4.8 - Heap-Based Buffer Overflow via Crafted FDB File
CVSS 8.8
CVE-2018-6187 MEDIUM
Artifex MuPDF <1.12.0 - Buffer Overflow
CVSS 5.5
CVE-2018-5721 HIGH
ASUSWRT-Merlin < 382.1_2 - Stack-based Buffer Overflow
CVSS 8.8
CVE-2018-5299 CRITICAL
Pulse Secure PCS <8.3R4-PPS <5.4R4 - Buffer Overflow
CVSS 9.8
CVE-2018-5703 CRITICAL
Linux Kernel 4.13-4.14.86 - Out-of-bounds Write in tcp_v6_syn_recv_sock
CVSS 9.8
CVE-2018-5262 CRITICAL
Flexense DiskBoss <8.8.16 - Buffer Overflow
CVSS 9.8
CVE-2018-5345 HIGH
GNOME gcab <0.7.4 - Buffer Overflow
CVSS 7.8
CVE-2018-5332 HIGH
Linux kernel <3.2 - Memory Corruption
CVSS 7.8
CVE-2018-0812 HIGH
Microsoft Office Equation Editor - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2018-0802 HIGH KEV
Microsoft Office Equation Editor - Remote Code Execution via Memory Corruption
CVSS 7.8
CVE-2018-0798 HIGH KEV
Microsoft Office Equation Editor - Remote Code Execution via Memory Corruption
CVSS 8.8
CVE-2018-0797 HIGH
Microsoft Office 2010-2016 - Remote Code Execution via RTF Content Handling
CVSS 7.8
CVE-2018-0792 HIGH
Microsoft Word 2016 - Remote Code Execution via Memory Object Handling
CVSS 8.8
CVE-2018-5282 HIGH
Kentico Xperience 9.0-11.0 - Stack-based Buffer Overflow via SilentInstall XML Field
CVSS 7.8
CVE-2018-5268 MEDIUM
OpenCV 3.3.1 - Heap-Based Buffer Overflow in JPEG2000 Image Parser
CVSS 5.5
CVE-2018-0781 HIGH
ChakraCore < 1.7.6 - Memory Corruption via Scripting Engine Object Handling
CVSS 7.5
CVE-2018-0778 HIGH
ChakraCore < 1.7.6 - Memory Corruption via Scripting Engine Object Handling
CVSS 7.5
CVE-2018-0777 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2018-0776 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2018-0775 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2018-0774 HIGH
Microsoft Edge - Remote Code Execution via Scripting Engine Memory Corruption
CVSS 7.5
CVE-2018-0773 HIGH
ChakraCore < 1.7.6 - Memory Corruption via Scripting Engine
CVSS 7.5
Details
Vulnerabilities 14,325
Exploit Likelihood High