目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡

CWE-788 在缓冲区结束位置之后访问内存 类漏洞列表 140

CWE-788 在缓冲区结束位置之后访问内存 类弱点 140 条 CVE 漏洞汇总,含 AI 中文分析。

CWE-788是缓冲区后访问漏洞,指程序通过索引或指针访问缓冲区末尾之外的内存区域。攻击者常利用此缺陷读取敏感数据或执行任意代码,导致信息泄露或系统崩溃。开发者应避免此类问题,需严格验证指针算术运算和索引边界,确保访问范围始终在缓冲区合法界限内,并采用安全编码规范进行内存管理。

MITRE CWE 官方描述
CWE:CWE-788 缓冲区结束后的内存位置访问(Access of Memory Location After End of Buffer) 英文:产品使用引用缓冲区结束之后内存位置的索引或指针来读取或写入缓冲区。 这通常发生在指针或其索引被递增到缓冲区之后的位置时;或者当指针算术运算导致位置处于缓冲区之后时。
常见影响 (3)
ConfidentialityRead Memory
For an out-of-bounds read, the attacker may have access to sensitive information. If the sensitive information contains system details, such as the current buffer's position in memory, this knowledge can be used to craft further attacks, possibly with more severe consequences.
Integrity, AvailabilityModify Memory, DoS: Crash, Exit, or Restart
Out of bounds memory access will very likely result in the corruption of relevant memory, and perhaps instructions, possibly leading to a crash. Other attacks leading to lack of availability are possible, including putting the program into an infinite loop.
IntegrityModify Memory, Execute Unauthorized Code or Commands
If the memory accessible by the attacker can be effectively controlled, it may be possible to execute arbitrary code, as with a standard buffer overflow. If the attacker can overwrite a pointer's worth of memory (usually 32 or 64 bits), they can redirect a function pointer to their own malicious cod…
代码示例 (2)
This example takes an IP address from a user, verifies that it is well formed and then looks up the hostname and copies it into a buffer.
void host_lookup(char *user_supplied_addr){ struct hostent *hp; in_addr_t *addr; char hostname[64]; in_addr_t inet_addr(const char *cp); /*routine that ensures user_supplied_addr is in the right format for conversion */ validate_addr_form(user_supplied_addr); addr = inet_addr(user_supplied_addr); hp = gethostbyaddr( addr, sizeof(struct in_addr), AF_INET); strcpy(hostname, hp->h_name); }
Bad · C
In the following example, it is possible to request that memcpy move a much larger segment of memory than assumed:
int returnChunkSize(void *) { /* if chunk info is valid, return the size of usable memory, * else, return -1 to indicate an error */ ... } int main() { ... memcpy(destBuf, srcBuf, (returnChunkSize(destBuf)-1)); ... }
Bad · C
CVE ID标题CVSS风险等级Published
CVE-2023-20585 Microsoft Input-Output Memory Management Unit 安全漏洞 — AMD EPYC™ 7003 Series Processors 4.6 -2026-04-16
CVE-2026-20052 Cisco Secure Firewall Threat Defense 安全漏洞 — Cisco Secure Firewall Threat Defense (FTD) Software 5.8 Medium2026-03-04
CVE-2026-21316 Adobe Audition 安全漏洞 — Audition 5.5 Medium2026-02-10
CVE-2025-36581 Dell PowerEdge Platform 14G AMD BIOS 安全漏洞 — PowerEdge 3.8 Low2025-08-14
CVE-2025-43580 Adobe Audition 安全漏洞 — Audition 5.5 Medium2025-07-08
CVE-2024-20402 Cisco Firepower Threat Defense和Cisco Adaptive Security Appliance 安全漏洞 — Cisco Adaptive Security Appliance (ASA) Software 8.6 High2024-10-23
CVE-2024-20330 Cisco Firepower Threat Defense 安全漏洞 — Cisco Firepower Threat Defense Software 8.6 High2024-10-23
CVE-2024-42425 Dell Precision Rack BIOS 安全漏洞 — Dell Precision Rack BIOS 3.8 Low2024-09-10
CVE-2024-38304 Dell PowerEdge Platform 安全漏洞 — PowerEdge Platform 3.8 Low2024-08-29
CVE-2024-21618 Juniper Networks Junos OS 安全漏洞 — Junos OS 6.5 Medium2024-04-12
CVE-2024-0074 NVIDIA GPU Display Driver 安全漏洞 — GPU Display driver, vGPU driver, Cloud Gaming driver 7.1 High2024-03-27
CVE-2024-0173 Dell PowerEdge Server BIOS 和 Dell Precision Rack BIOS 安全漏洞 — PowerEdge Platform 3.8 Low2024-03-13
CVE-2024-0154 Dell PowerEdge Server BIOS 和 Dell Precision Rack BIOS 安全漏洞 — PowerEdge Platform 3.8 Low2024-03-13
CVE-2023-20169 Cisco 多款产品输入验证错误漏洞 — Cisco NX-OS Software 7.4 High2023-08-23
CVE-2023-25506 NVIDIA DGX-1 缓冲区错误漏洞 — NVIDIA DGX servers 7.5 High2023-04-22
CVE-2023-0200 NVIDIA DGX-2 缓冲区错误漏洞 — NVIDIA DGX servers 7.5 High2023-04-22
CVE-2023-0103 LS ELECTRIC XBC-DN32U 安全漏洞 — XBC-DN32U 7.5 High2023-02-15
CVE-2021-42735 Adobe Photoshop 缓冲区错误漏洞 — Photoshop 7.8 High2022-06-15
CVE-2021-42732 Adobe InDesign 缓冲区错误漏洞 — InDesign 7.8 High2022-06-15
CVE-2021-40727 Adobe InDesign 安全漏洞 — InDesign 7.8 High2022-06-15
CVE-2022-1451 radare2 缓冲区错误漏洞 — radareorg/radare2 7.1 -2022-04-24
CVE-2021-40735 Adobe Audition 缓冲区错误漏洞 — Audition 7.8 -2022-03-16
CVE-2021-40738 Adobe Audition 缓冲区错误漏洞 — Audition 7.8 High2022-03-16
CVE-2021-40734 Adobe Audition 缓冲区错误漏洞 — Audition 7.8 -2022-03-16
CVE-2021-40740 Adobe Audition 缓冲区错误漏洞 — Audition 7.8 High2022-03-16
CVE-2021-40741 Adobe Audition 安全漏洞 — Audition 5.5 -2022-03-16
CVE-2021-40739 Adobe Audition 缓冲区错误漏洞 — Audition 7.8 High2022-03-16
CVE-2021-40736 Adobe Audition 缓冲区错误漏洞 — Audition 7.8 -2022-03-16
CVE-2021-40793 Adobe Premiere Pro 缓冲区错误漏洞 — Premiere 7.8 High2022-03-16
CVE-2021-40765 Adobe Character Animator 缓冲区错误漏洞 — Character Animator (Preview 4) 7.8 High2022-03-16

CWE-788(在缓冲区结束位置之后访问内存) 是常见的弱点类别,本平台收录该类弱点关联的 140 条 CVE 漏洞。