目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

CWE-124 缓冲区下溢 类漏洞列表 29

CWE-124 缓冲区下溢 类弱点 29 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-124 缓冲区下溢是一种内存破坏漏洞,指程序通过索引或指针向缓冲区起始地址之前的内存位置写入数据。攻击者利用此缺陷可覆盖关键数据结构或控制流信息,从而引发程序崩溃或执行任意代码。开发者应避免使用未经验证的负索引,实施严格的边界检查,并采用支持自动内存安全检测的现代编程语言或库,以从根本上防止此类越界写入行为。

MITRE CWE 官方描述
CWE:CWE-124 缓冲区下溢(Buffer Underwrite ('Buffer Underflow')) 英文:产品使用引用缓冲区起始位置之前内存位置的索引或指针向缓冲区写入数据。
常见影响 (3)
Integrity, AvailabilityModify Memory, DoS: Crash, Exit, or Restart
Out of bounds memory access will very likely result in the corruption of relevant memory, and perhaps instructions, possibly leading to a crash.
Integrity, Confidentiality, Availability, Access Control, OtherExecute Unauthorized Code or Commands, Modify Memory, Bypass Protection Mechanism, Other
If the corrupted memory can be effectively controlled, it may be possible to execute arbitrary code. If the corrupted memory is data rather than instructions, the system will continue to function with improper changes, possibly in violation of an implicit or explicit policy. The consequences would o…
Access Control, OtherBypass Protection Mechanism, Other
When the consequence is arbitrary code execution, this can often be used to subvert any other security service.
缓解措施 (2)
RequirementsChoose a language that is not susceptible to these issues.
ImplementationAll calculated values that are used as index or for pointer arithmetic should be validated to ensure that they are within an expected range.
代码示例 (2)
In the following C/C++ example, a utility function is used to trim trailing whitespace from a character string. The function copies the input string to a local character string and uses a while statement to remove the trailing whitespace by moving backward through the string and overwriting whitespace with a NUL character.
char* trimTrailingWhitespace(char *strMessage, int length) { char *retMessage; char *message = malloc(sizeof(char)*(length+1)); // copy input string to a temporary string char message[length+1]; int index; for (index = 0; index < length; index++) { message[index] = strMessage[index]; } message[index] = '\0'; // trim trailing whitespace int len = index-1; while (isspace(message[len])) { message[len] = '\0'; len--; } // return string without trailing whitespace retMessage = message; return retMessage; }
Bad · C
The following is an example of code that may result in a buffer underwrite. This code is attempting to replace the substring "Replace Me" in destBuf with the string stored in srcBuf. It does so by using the function strstr(), which returns a pointer to the found substring in destBuf. Using pointer arithmetic, the starting index of the substring is found.
int main() { ... char *result = strstr(destBuf, "Replace Me"); int idx = result - destBuf; strcpy(&destBuf[idx], srcBuf); ... }
Bad · C
CVE ID标题CVSS风险等级Published
CVE-2026-41499 Wazuh 安全漏洞 — wazuh 6.5 Medium2026-04-29
CVE-2026-26204 Wazuh 安全漏洞 — wazuh 4.4 Medium2026-04-29
CVE-2026-0966 libssh 安全漏洞 — Red Hat Hardened Images 7.5AIHighAI2026-03-26
CVE-2026-20104 Cisco多款产品 安全漏洞 — Cisco IOS XE Software 6.1 Medium2026-03-25
CVE-2026-28419 Vim 安全漏洞 — vim 5.3 Medium2026-02-27
CVE-2024-36310 AMD多款产品 安全漏洞 — AMD EPYC™ 9004 Series Processors 6.7AIMediumAI2026-02-10
CVE-2026-1485 glib 缓冲区错误漏洞 — Red Hat Enterprise Linux 10 2.8 Low2026-01-27
CVE-2025-68114 Capstone 安全漏洞 — capstone 4.8 Medium2025-12-17
CVE-2025-62786 Wazuh 安全漏洞 — wazuh 9.8AICriticalAI2025-10-29
CVE-2025-61690 KEYENCE KV STUDIO 安全漏洞 — KV STUDIO 7.8 High2025-10-02
CVE-2025-53101 ImageMagick 安全漏洞 — ImageMagick 7.4 High2025-07-14
CVE-2025-20695 MediaTek Chipsets 安全漏洞 — MT6639, MT6653, MT6985, MT6989, MT6990, MT6991, MT7925, MT7927, MT8196, MT8678, MT8796 6.5AIMediumAI2025-07-08
CVE-2025-20694 MediaTek Chipsets 安全漏洞 — MT2718, MT6639, MT6653, MT6985, MT6989, MT6990, MT6991, MT7925, MT7927, MT8113, MT8115, MT8127, MT8163, MT8168, MT8169, MT8173, MT8183, MT8186, MT8188, MT8195, MT8196, MT8370, MT8390, MT8391, MT8395, MT8512, MT8516, MT8519, MT8676, MT8678, MT8695, MT8696, MT8698, MT8786, MT8792, MT8796, MT8893 6.5 -2025-07-08
CVE-2025-4373 glib 安全漏洞 4.8 Medium2025-05-06
CVE-2023-25610 Fortinet FortiOS和FortiProxy 安全漏洞 — FortiSwitchManager 9.3 Critical2025-03-24
CVE-2025-27440 Zoom Workplace 安全漏洞 — Zoom Workplace Apps 8.5 High2025-03-11
CVE-2025-27439 Zoom Workplace 安全漏洞 — Zoom Workplace Apps 8.5 High2025-03-11
CVE-2020-9086 Huawei 4G Router B612安全漏洞 — HUAWEI 4G Router B612 4.3 Medium2024-12-27
CVE-2024-52990 Adobe Animate 安全漏洞 — Animate 7.8 High2024-12-10
CVE-2023-48230 capnproto 安全漏洞 — capnproto 5.9 Medium2023-11-21
CVE-2023-32614 Accusoft ImageGear 缓冲区错误漏洞 — ImageGear 7.0 High2023-09-25
CVE-2023-31130 c-ares 缓冲区错误漏洞 — c-ares 4.1 Medium2023-05-25
CVE-2022-33896 Hancom Office 安全漏洞 — Hancom Office 2020 7.8 -2022-10-07
CVE-2022-20683 Cisco IOS XE Software缓冲区错误漏洞 — Cisco IOS XE Software 8.6 High2022-04-15
CVE-2021-38578 Tianocore Edk2 缓冲区错误漏洞 — EDK II 7.4 High2022-03-03
CVE-2021-38575 Tianocore Edk2 缓冲区错误漏洞 — EDK II 8.1 -2021-12-01
CVE-2021-36064 Adobe XMP Toolkit SDK 安全漏洞 — XMP Toolkit 7.8 High2021-09-01
CVE-2018-15361 UltraVNC 缓冲区错误漏洞 — UltraVNC 9.8 -2019-03-05
CVE-2018-5388 strongSwan 缓冲区错误漏洞 — strongSwan 6.5 -2018-05-31

CWE-124(缓冲区下溢) 是常见的弱点类别,本平台收录该类弱点关联的 29 条 CVE 漏洞。