CWE-788 (Access of Memory Location After End of Buffer) — Vulnerability Class 140

140 vulnerabilities classified as CWE-788 (Access of Memory Location After End of Buffer). AI Chinese analysis included.

CWE-788 represents a critical memory safety vulnerability where software accesses memory locations beyond the allocated boundaries of a buffer. This weakness typically arises from improper pointer arithmetic or off-by-one errors during index manipulation, allowing attackers to read sensitive data or write malicious payloads into adjacent memory regions. Exploitation often leads to information disclosure, application crashes, or arbitrary code execution, depending on the memory layout and attacker control. Developers can prevent this by implementing rigorous bounds checking before any memory access, utilizing safe string handling libraries that enforce length limits, and adopting static analysis tools to detect out-of-bounds references during the coding phase. Furthermore, employing memory-safe programming languages or compiler protections like Address Sanitizers helps identify these errors early, ensuring that buffer indices remain strictly within valid limits throughout the application’s lifecycle.

MITRE CWE Description
The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer. This typically occurs when a pointer or its index is incremented to a position after the buffer; or when pointer arithmetic results in a position after the buffer.
Common Consequences (3)
Confidentiality: Read Memory
For an out-of-bounds read, the attacker may have access to sensitive information. If the sensitive information contains system details, such as the current buffer's position in memory, this knowledge can be used to craft further attacks, possibly with more severe consequences.
Integrity, Availability: Modify Memory; DoS: Crash, Exit, or Restart
Out of bounds memory access will very likely result in the corruption of relevant memory, and perhaps instructions, possibly leading to a crash. Other attacks leading to lack of availability are possible, including putting the program into an infinite loop.
Integrity: Modify Memory; Execute Unauthorized Code or Commands
If the memory accessible by the attacker can be effectively controlled, it may be possible to execute arbitrary code, as with a standard buffer overflow. If the attacker can overwrite a pointer's worth of memory (usually 32 or 64 bits), they can redirect a function pointer to their own malicious cod…
Examples (2)
This example takes an IP address from a user, verifies that it is well formed and then looks up the hostname and copies it into a buffer.
    void host_lookup(char *user_supplied_addr){
        struct hostent *hp;
        in_addr_t *addr;
        char hostname[64];
        in_addr_t inet_addr(const char *cp);

        /* routine that ensures user_supplied_addr is in the right format for conversion */
        validate_addr_form(user_supplied_addr);
        addr = inet_addr(user_supplied_addr);
        hp = gethostbyaddr( addr, sizeof(struct in_addr), AF_INET);
        strcpy(hostname, hp->h_name);
    }
Bad · C
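A hardened counterpart to the lookup above, added here as an illustration (not MITRE's code and not part of the original page). The names copy_hostname and host_lookup_checked are hypothetical; the sketch rejects a resolver-supplied name that does not fit the 64-byte buffer instead of copying it with strcpy, and checks the gethostbyaddr result before dereferencing it.

```c
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>

/* Copy a resolver-supplied name into dst, refusing anything that would
 * run past the end of dst. Returns 0 on success, -1 otherwise.
 * (Hypothetical helper, not from the page.) */
int copy_hostname(char *dst, size_t dst_size, const char *name)
{
    const char *end;

    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';
    if (name == NULL)
        return -1;
    /* Look for the terminator within the first dst_size bytes only. */
    end = memchr(name, '\0', dst_size);
    if (end == NULL)
        return -1;                      /* name plus terminator does not fit */
    memcpy(dst, name, (size_t)(end - name) + 1);
    return 0;
}

/* Same flow as host_lookup(), with each failure point checked. */
int host_lookup_checked(const char *user_supplied_addr,
                        char *out, size_t out_size)
{
    struct in_addr addr;
    struct hostent *hp;

    if (out == NULL || out_size == 0)
        return -1;
    out[0] = '\0';
    if (user_supplied_addr == NULL)
        return -1;
    if (inet_pton(AF_INET, user_supplied_addr, &addr) != 1)
        return -1;                      /* malformed IPv4 address */
    hp = gethostbyaddr(&addr, sizeof addr, AF_INET);
    if (hp == NULL)
        return -1;                      /* failed lookup: no h_name to read */
    return copy_hostname(out, out_size, hp->h_name);
}
```

The length of the returned name is controlled by whoever answers the reverse lookup, so the size check belongs at the copy, not at the address validation step.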
In the following example, it is possible to request that memcpy move a much larger segment of memory than assumed:
    int returnChunkSize(void *) {
        /* if chunk info is valid, return the size of usable memory,
         * else, return -1 to indicate an error
         */
        ...
    }

    int main() {
        ...
        memcpy(destBuf, srcBuf, (returnChunkSize(destBuf)-1));
        ...
    }
Bad · C
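Why the memcpy length above can become enormous, and a guarded form of the same copy, as an added example (not MITRE's code and not from the original page). struct chunk, return_chunk_size, length_seen_by_memcpy and copy_into_chunk are hypothetical stand-ins: the -1 error return minus 1 is -2, which memcpy receives as a size_t close to SIZE_MAX.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical chunk layout standing in for the page's destBuf. */
struct chunk {
    int valid;                  /* non-zero if the chunk header is sane */
    int usable;                 /* claimed usable size in bytes */
    unsigned char data[32];     /* actual storage */
};

/* Same contract as returnChunkSize(): usable size, or -1 on error. */
int return_chunk_size(const struct chunk *c)
{
    return (c != NULL && c->valid) ? c->usable : -1;
}

/* The length memcpy() really receives in the unchecked call:
 * the int result is converted to size_t, so -2 wraps around. */
size_t length_seen_by_memcpy(int chunk_size)
{
    return (size_t)(chunk_size - 1);
}

/* Guarded copy: validate the size before it is ever used as a length.
 * Returns the number of bytes copied, or -1 with dst left untouched. */
long copy_into_chunk(struct chunk *dst, const void *src, size_t src_len)
{
    int size = return_chunk_size(dst);
    size_t n;

    if (src == NULL || size <= 0)
        return -1;                          /* error return or empty chunk */
    if ((size_t)size > sizeof dst->data)
        return -1;                          /* header claims more than exists */
    n = (size_t)size - 1;                   /* same size-1 length as the page */
    if (n > src_len)
        n = src_len;                        /* never read past the source */
    memcpy(dst->data, src, n);
    return (long)n;
}
```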
| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2023-20585 | Microsoft Input-Output Memory Management Unit security vulnerability — AMD EPYC™ 7003 Series Processors | 4.6 | - | 2026-04-16 |
| CVE-2026-20052 | Cisco Secure Firewall Threat Defense Software Snort 3 Memory Management Denial of Service Vulnerability — Cisco Secure Firewall Threat Defense (FTD) Software | 5.8 | Medium | 2026-03-04 |
| CVE-2026-21316 | Audition \| Access of Memory Location After End of Buffer (CWE-788) — Audition | 5.5 | Medium | 2026-02-10 |
| CVE-2025-36581 | Dell PowerEdge Platform 14G AMD BIOS security vulnerability — PowerEdge | 3.8 | Low | 2025-08-14 |
| CVE-2025-43580 | Audition \| Access of Memory Location After End of Buffer (CWE-788) — Audition | 5.5 | Medium | 2025-07-08 |
| CVE-2024-20402 | Cisco Firepower Threat Defense and Cisco Adaptive Security Appliance security vulnerability — Cisco Adaptive Security Appliance (ASA) Software | 8.6 | High | 2024-10-23 |
| CVE-2024-20330 | Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series TCP UDP Snort 2 and Snort 2 Denial of Service Vulnerability — Cisco Firepower Threat Defense Software | 8.6 | High | 2024-10-23 |
| CVE-2024-42425 | Dell Precision Rack BIOS security vulnerability — Dell Precision Rack BIOS | 3.8 | Low | 2024-09-10 |
| CVE-2024-38304 | Dell PowerEdge Platform security vulnerability — PowerEdge Platform | 3.8 | Low | 2024-08-29 |
| CVE-2024-21618 | Junos OS and Junos OS Evolved: When LLDP is enabled and a malformed LLDP packet is received, l2cpd crashes — Junos OS | 6.5 | Medium | 2024-04-12 |
| CVE-2024-0074 | CVE — GPU Display driver, vGPU driver, Cloud Gaming driver | 7.1 | High | 2024-03-27 |
| CVE-2024-0173 | Dell PowerEdge Server BIOS and Dell Precision Rack BIOS security vulnerability — PowerEdge Platform | 3.8 | Low | 2024-03-13 |
| CVE-2024-0154 | Dell PowerEdge Server BIOS and Dell Precision Rack BIOS security vulnerability — PowerEdge Platform | 3.8 | Low | 2024-03-13 |
| CVE-2023-20169 | Cisco multiple products input validation error vulnerability — Cisco NX-OS Software | 7.4 | High | 2023-08-23 |
| CVE-2023-25506 | NVIDIA DGX-1 buffer error vulnerability — NVIDIA DGX servers | 7.5 | High | 2023-04-22 |
| CVE-2023-0200 | NVIDIA DGX-2 buffer error vulnerability — NVIDIA DGX servers | 7.5 | High | 2023-04-22 |
| CVE-2023-0103 | CVE-2023-0103 — XBC-DN32U | 7.5 | High | 2023-02-15 |
| CVE-2021-42735 | Adobe Photoshop Memory Corruption could lead to Arbitrary code execution — Photoshop | 7.8 | High | 2022-06-15 |
| CVE-2021-42732 | Adobe InDesign crashes when parsing the GIF file — InDesign | 7.8 | High | 2022-06-15 |
| CVE-2021-40727 | Adobe InDesign crashes when parsing the TIF file — InDesign | 7.8 | High | 2022-06-15 |
| CVE-2022-1451 | Out-of-bounds Read in r_bin_java_constant_value_attr_new function in radareorg/radare2 — radareorg/radare2 | 7.1 | - | 2022-04-24 |
| CVE-2021-40735 | Adobe Audition Memory Corruption could lead to Arbitrary code execution — Audition | 7.8 | - | 2022-03-16 |
| CVE-2021-40738 | Adobe Audition WAV file Memory corruption could lead to Arbitrary code execution — Audition | 7.8 | High | 2022-03-16 |
| CVE-2021-40734 | Adobe Audition Memory Corruption could lead to Arbitrary code execution — Audition | 7.8 | - | 2022-03-16 |
| CVE-2021-40740 | Adobe Audition Memory Corruption could lead to Arbitrary code execution — Audition | 7.8 | High | 2022-03-16 |
| CVE-2021-40741 | Adobe Audition Memory Corruption could lead to Application denial-of-service — Audition | 5.5 | - | 2022-03-16 |
| CVE-2021-40739 | Adobe Audition Memory Corruption could lead to Arbitrary code execution — Audition | 7.8 | High | 2022-03-16 |
| CVE-2021-40736 | Adobe Audition Memory Corruption could lead to Arbitrary code execution — Audition | 7.8 | - | 2022-03-16 |
| CVE-2021-40793 | Adobe Premiere Pro WAV file memory corruption vulnerability could lead to arbitrary code execution — Premiere | 7.8 | High | 2022-03-16 |
| CVE-2021-40765 | Adobe Character Animator Memory Corruption could lead to Arbitrary code execution — Character Animator (Preview 4) | 7.8 | High | 2022-03-16 |

Vulnerabilities classified as CWE-788 (Access of Memory Location After End of Buffer) represent 140 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.