← Back
CWE-787

14,113 CVEs • Abstraction: Base • Likelihood of Exploit: High

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

JSON object

Loading...

CVEs (14,113)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-10525
1Eclipse
1Mosquitto
Nov 3, 2025
Oct 30, 2024
7.2 HIGH· v4
9.8 CRITICAL· v3
N/A· v2
In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_su...Show more
In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may make out of bounds memory access when acting in its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients.Show less
CVE-2024-9997
1Autodesk
10Autocad
Autocad Advance SteelAutocad Architecture+7 more
Apr 4, 2025
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or...Show more
A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2024-9996
1Autodesk
10Autocad
Autocad Advance SteelAutocad Architecture+7 more
Feb 10, 2025
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruptio...Show more
A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.Show less
CVE-2024-9489
1Autodesk
10Autocad
Autocad Advance SteelAutocad Architecture+7 more
Nov 1, 2024
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or ex...Show more
A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2024-8600
1Autodesk
8Autocad
Autocad Advance SteelAutocad Architecture+5 more
Apr 11, 2025
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive da...Show more
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2024-8599
1Autodesk
8Autocad
Autocad Advance SteelAutocad Architecture+5 more
Apr 11, 2025
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive da...Show more
A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2024-8598
1Autodesk
8Autocad
Autocad Advance SteelAutocad Architecture+5 more
Apr 11, 2025
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive da...Show more
A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2024-8597
1Autodesk
8Autocad
Autocad Advance SteelAutocad Architecture+5 more
Apr 11, 2025
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive dat...Show more
A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2024-8596
1Autodesk
8Autocad
Autocad Advance SteelAutocad Architecture+5 more
Apr 11, 2025
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corr...Show more
A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.Show less
CVE-2024-8594
1Autodesk
8Autocad
Autocad Advance SteelAutocad Architecture+5 more
Apr 11, 2025
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive da...Show more
A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2024-8593
1Autodesk
8Autocad
Autocad Advance SteelAutocad Architecture+5 more
Apr 11, 2025
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted CATPART file, when parsed in ASMKERN230A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data...Show more
A maliciously crafted CATPART file, when parsed in ASMKERN230A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.Show less
CVE-2024-8592
1Autodesk
8Autocad
Autocad Advance SteelAutocad Architecture+5 more
Nov 1, 2024
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensiti...Show more
A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2024-8591
1Autodesk
8Autocad
Autocad Advance SteelAutocad Architecture+5 more
Apr 11, 2025
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write se...Show more
A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2024-7992
1Autodesk
10Autocad
Autocad Advance SteelAutocad Architecture+7 more
Apr 11, 2025
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read s...Show more
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2024-7991
1Autodesk
10Autocad
Autocad Advance SteelAutocad Architecture+7 more
Apr 11, 2025
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash,...Show more
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.Show less
CVE-2024-10487
1Google
1Chrome
Jan 2, 2025
Oct 29, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)
CVE-2024-8587
1Autodesk
8Advance Steel
AutocadAutocad Architecture+5 more
Dec 16, 2024
Oct 29, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sen...Show more
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.Show less
CVE-2024-10467
1Mozilla
2Firefox
Thunderbird
Nov 3, 2025
Oct 29, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited...Show more
Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.Show less
CVE-2024-44237
1Apple
1Macos
Apr 2, 2026
Oct 28, 2024
N/A· v4
5.5 MEDIUM· v3
N/A· v2
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. Processing a maliciously crafted file may lead to unexpecte...Show more
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. Processing a maliciously crafted file may lead to unexpected app termination.Show less
CVE-2024-44284
1Apple
1Macos
Apr 2, 2026
Oct 28, 2024
N/A· v4
5.5 MEDIUM· v3
N/A· v2
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. Parsing a maliciously crafted file may lead to an unexpecte...Show more
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1. Parsing a maliciously crafted file may lead to an unexpected app termination.Show less