CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
We have discovered 4,005,210 live websites that are affected by CWE-787.
CVEs
- Count - 25
CWE References
Website Distribution by Country
Number of websites using CWE-787 United States | 1,269,739 websites |
 Russia | 486,946 websites |
 France | 360,532 websites |
 Germany | 260,432 websites |
 China | 174,923 websites |
 Italy | 94,362 websites |
 Netherlands | 91,657 websites |
 GB | 82,443 websites |
 Brazil | 80,721 websites |
 Singapore | 79,062 websites |
Website Distribution by TLD
Number of websites using CWE-787| .com | 1,536,634 websites |
| .ru | 462,396 websites |
| .org | 169,125 websites |
| .de | 132,247 websites |
| .fr | 130,391 websites |
| .net | 128,832 websites |
| .cn | 92,219 websites |
| .it | 80,777 websites |
| .com.br | 71,341 websites |
| .nl | 71,114 websites |
Newest CVEs
List of the most recent CVEs that are part of CWE-787| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Apr, 2025 | CVE-2025-30015 | Memory Corruption vulnerability in SAP NetWeaver and ABAP Platform (Application Server ABAP) | 30 |
| Nov, 2024 | CVE-2024-11236 | Integer overflow in the firebird and dblib quoters causing OOB writes | 325,609 |
| Nov, 2024 | CVE-2024-8932 | OOB access in ldap_escape | 325,609 |
| Nov, 2024 | CVE-2024-49528 | Animate | Out-of-bounds Write (CWE-787) | 212 |
| Jun, 2024 | CVE-2024-37894 | Squid vulnerable to heap corruption in ESI assign | 7,616 |
| May, 2024 | CVE-2024-32760 | NGINX HTTP/3 QUIC vulnerability | 261,463 |
| Mar, 2023 | CVE-2023-25671 | TensorFlow has segmentation fault in tfg-translate | 59 |
| Jan, 2023 | CVE-2006-20001 | Apache HTTP Server: mod_dav out of bounds read, or write of zero byte | 1,156,028 |
| Dec, 2022 | CVE-2022-41902 | Out of bounds write in grappler in Tensorflow | 58 |
| Nov, 2022 | CVE-2022-41900 | FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess in Tensorflow | 58 |
The most widespread CVEs
List of the most common CVEs that are part of CWE-787| Discovered | CVE | Description | Websites |
|---|---|---|---|
| Oct, 2022 | CVE-2022-41741 | NGINX ngx_http_mp4_module vulnerability CVE-2022-41741 | 1,899,430 |
| Oct, 2022 | CVE-2022-41742 | NGINX ngx_http_mp4_module vulnerability CVE-2022-41742 | 1,899,430 |
| Jan, 2023 | CVE-2006-20001 | Apache HTTP Server: mod_dav out of bounds read, or write of zero byte | 1,156,028 |
| Mar, 2022 | CVE-2022-23943 | mod_sed: Read/write beyond bounds | 1,111,470 |
| Dec, 2021 | CVE-2021-44790 | Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier | 978,914 |
| Oct, 2021 | CVE-2021-21703 | PHP-FPM memory access in root process leading to privilege escalation | 467,981 |
| Nov, 2024 | CVE-2024-8932 | OOB access in ldap_escape | 325,609 |
| Nov, 2024 | CVE-2024-11236 | Integer overflow in the firebird and dblib quoters causing OOB writes | 325,609 |
| May, 2024 | CVE-2024-32760 | NGINX HTTP/3 QUIC vulnerability | 261,463 |
| Jun, 2024 | CVE-2024-37894 | Squid vulnerable to heap corruption in ESI assign | 7,616 |
Websites affected by CWE-787
Top websites that are affected by CWE-787. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *******.com | Singapore | *** | |
| ************.org | Singapore | *** | |
| *.me |  British Virgin Islands | *** | |
| ******.de | Germany | *** | |
| ****.******.org | United States | *** | |
| **.*****.com | United States | *** | |
| *************.***.****.****.************.net | United States | *** | |
| ********.me | British Virgin Islands | *** | |
| **********.com | United States | *** | |
| *******.com | United States | *** |