CWE · MITRE source
CWE-788Access of Memory Location After End of Buffer
The product reads or writes to a buffer using an index or pointer that references a memory location after the end of the buffer.
This typically occurs when a pointer or its index is incremented to a position after the buffer; or when pointer arithmetic results in a position after the buffer.
Last updated: 09 May 2026 03:25 UTC
NIST 800-53 r5 controls that address this weakness (0)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
| No NIST controls proposed yet. | |||
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2019-8264 | 2.1 | 9.8 | 0.0164 | 2019-03-08 |
CVE-2019-8265 | 2.1 | 9.8 | 0.0164 | 2019-03-08 |
CVE-2019-8280 | 2.1 | 9.8 | 0.0164 | 2019-03-08 |
CVE-2021-42725 | 2.1 | 7.8 | 0.0865 | 2021-11-16 |
CVE-2019-8266 | 2.0 | 9.8 | 0.0126 | 2019-03-08 |
CVE-2020-24412 | 2.0 | 7.8 | 0.0665 | 2020-10-20 |
CVE-2020-24413 | 2.0 | 7.8 | 0.0665 | 2020-10-20 |
CVE-2020-24414 | 2.0 | 7.8 | 0.0665 | 2020-10-20 |
CVE-2020-24415 | 2.0 | 7.8 | 0.0665 | 2020-10-20 |
CVE-2021-27384 | 2.0 | 9.8 | 0.0143 | 2021-05-12 |
CVE-2021-21104 | 2.0 | 8.8 | 0.0382 | 2021-09-08 |
CVE-2021-21105 | 2.0 | 8.8 | 0.0442 | 2021-09-08 |
CVE-2021-40783 | 2.0 | 7.8 | 0.0656 | 2021-12-20 |
CVE-2021-40784 | 2.0 | 7.8 | 0.0656 | 2021-12-20 |
CVE-2021-39830 | 1.9 | 7.8 | 0.0505 | 2021-09-29 |
CVE-2021-39832 | 1.9 | 7.8 | 0.0505 | 2021-09-29 |
CVE-2021-40770 | 1.9 | 7.8 | 0.0494 | 2021-11-22 |
CVE-2021-40771 | 1.9 | 7.8 | 0.0494 | 2021-11-22 |
CVE-2021-40772 | 1.9 | 7.8 | 0.0494 | 2021-11-22 |
CVE-2021-40775 | 1.9 | 7.8 | 0.0494 | 2021-11-22 |
CVE-2021-42724 | 1.9 | 7.8 | 0.0508 | 2022-03-16 |
CVE-2021-42729 | 1.9 | 7.8 | 0.0508 | 2022-03-16 |
CVE-2021-42730 | 1.9 | 7.8 | 0.0508 | 2022-03-16 |
CVE-2020-9727 | 1.8 | 7.8 | 0.0388 | 2020-09-10 |
CVE-2020-9728 | 1.8 | 7.8 | 0.0388 | 2020-09-10 |