CWE-787— Out-of-bounds Write
13,440 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-787page 7 of 269
- CVE-2017-13313MEDIUMCVSS 6.5EG 7.52024-11-15
In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. This could lead to remote denial of service with no additional executi…
- CVE-2017-13323HIGHCVSS 7.8EG 8.42024-11-27
In String16 of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in an unprivileged process with no additional execution privileges needed. User interactio…
- CVE-2017-14440HIGHCVSS 8.8EG 8.82018-04-24
An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution. An attacker can display a specially cr…
- CVE-2017-14446CRITICALCVSS 9.9EG 9.92018-08-02
An exploitable stack-based buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation unsafely extracts parameters from the query string, leading to a buffer overflow on the stack. An …
- CVE-2017-14448HIGHCVSS 8.8EG 8.82018-04-24
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially craft…
- CVE-2017-14876CRITICALCVSS 9.8EG 9.82018-03-30
In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-…
- CVE-2017-15118HIGHCVSS 8.3EG 9.82018-07-27
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bo…
- CVE-2017-15401HIGHCVSS 8.8EG 8.82019-01-09
A memory corruption bug in WebAssembly could lead to out of bounds read and write through V8 in WebAssembly in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
- CVE-2017-15407HIGHCVSS 8.8EG 8.82018-08-28
Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server.
- CVE-2017-15428HIGHCVSS 8.8EG 8.82019-01-09
Insufficient data validation in V8 builtins string generator could lead to out of bounds read and write access in V8 in Google Chrome prior to 62.0.3202.94 and allowed a remote attacker to execute arbitrary code inside a sandbox via a craf…
- CVE-2017-15710HIGHCVSS 7.5EG 7.52018-03-26
In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credent…
- CVE-2017-15832HIGHCVSS 8.4EG 8.42024-11-26
Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW
- CVE-2017-15859HIGHCVSS 7.5EG 7.52018-03-30
While processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE_DECR_DB contains fewer than 1 byte, in Android for MSM, Firefox OS for MSM, and QRD Android befo…
- CVE-2017-16252HIGHCVSS 8.1EG 6.52018-08-06
Specially crafted commands sent through the PubNub service in Insteon Hub 2245-222 with firmware version 1012 can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trig…
- CVE-2017-16253HIGHCVSS 8.1EG 6.52019-03-21
An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the Pub…
- CVE-2017-16254HIGHCVSS 8.1EG 6.52019-03-21
An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting …
- CVE-2017-16256CRITICALCVSS 9.9EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16257CRITICALCVSS 9.9EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16258CRITICALCVSS 9.9EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16259CRITICALCVSS 9.9EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16260CRITICALCVSS 9.9EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16261HIGHCVSS 8.8EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16262CRITICALCVSS 9.9EG 8.12023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16263CRITICALCVSS 9.9EG 8.12023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16264CRITICALCVSS 9.9EG 6.52023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16265CRITICALCVSS 9.9EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16266CRITICALCVSS 9.9EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16267CRITICALCVSS 9.9EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16268CRITICALCVSS 9.9EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16269CRITICALCVSS 9.9EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16270CRITICALCVSS 9.9EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16273CRITICALCVSS 9.9EG 9.92023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16281CRITICALCVSS 9.9EG 9.92023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16292CRITICALCVSS 9.9EG 9.92023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16301CRITICALCVSS 9.9EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16302CRITICALCVSS 9.9EG 8.82023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16318CRITICALCVSS 9.9EG 9.92023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16326CRITICALCVSS 9.9EG 9.92023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16329CRITICALCVSS 9.9EG 9.92023-01-11
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based …
- CVE-2017-16549HIGHCVSS 7.8EG 7.82018-01-16
K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls.
- CVE-2017-16551HIGHCVSS 7.0EG 7.02018-01-16
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.
- CVE-2017-16552HIGHCVSS 7.8EG 7.82018-01-16
K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls.
- CVE-2017-16553HIGHCVSS 7.0EG 7.02018-01-16
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.
- CVE-2017-16554HIGHCVSS 7.8EG 7.82018-01-16
K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls.
- CVE-2017-16555HIGHCVSS 7.0EG 7.02018-01-16
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.
- CVE-2017-16557HIGHCVSS 7.0EG 7.02018-01-16
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.
- CVE-2017-16747HIGHCVSS 7.8EG 7.82018-03-15
An Out-of-bounds Write issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. Specially crafted .dpb files may cause the system to write outside the intended buffer area.
- CVE-2017-17137MEDIUMCVSS 5.5EG 5.52018-03-05
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200…
- CVE-2017-17152MEDIUMCVSS 5.9EG 5.92018-02-15
IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001…
- CVE-2017-17155HIGHCVSS 7.5EG 7.52018-02-15
IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001…
Map vulnerabilities like CWE-787 to your infrastructure
EchelonGraph correlates every CVE — across CWE-787 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →