CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,938 vulnerabilities with CWE-119
CVE-2026-12222 HIGH
Yealink SIP-T46U Web FastCGI Service bttest mod_webd.BlueToothTest stack-based overflow
CVSS 8.0
CVE-2026-12221 HIGH
Yealink SIP-T46U Firmware Chunk Upload upgrade sprintf stack-based overflow
CVSS 8.0
CVE-2026-12220 HIGH
Yealink SIP-T46U Firmware Chunk Upload handler accupgradebychunk mod_upgrade.SparePartsUpload stack-based overflow
CVSS 8.0
CVE-2026-12218 HIGH
Yealink SIP-T46U Web FastCGI Service beforewifitest StartReportInformation stack-based overflow
CVSS 8.0
CVE-2026-12216 MEDIUM
svaarala duktape duk_api_bytecode.c memory corruption
CVSS 5.3
CVE-2026-12200 HIGH
Ritlabs TinyWeb Server Header libeay32.dll.html stack-based overflow
CVSS 7.3
CVE-2026-12193 HIGH
VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow
CVSS 7.8
CVE-2026-12192 HIGH
GALAYOU Y4 Web Server buffer overflow
CVSS 8.8
CVE-2026-12174 HIGH
D-Link DCS-935L HTTP rhea snprintf format string
CVSS 8.8
CVE-2026-0409 MEDIUM
Netgear Orbi 370 Series Remote Code Execution vulnerability
CVE-2026-11623 MEDIUM
tmux image.c image_free use after free
CVSS 4.5
CVE-2026-11557 HIGH
Tenda F451 Web Management Natlimit fromNatlimit stack-based overflow
CVSS 8.8
CVE-2026-11553 HIGH
Tenda HG7HG9/HG10 formPPPEdit stack-based overflow
CVSS 8.8
CVE-2026-11528 HIGH
Tenda AC18 Web Management getRebootStatus sub_45304 stack-based overflow
CVSS 8.8
CVE-2026-11524 HIGH
Tenda W20E Web Management modifyWifiFilterRules stack-based overflow
CVSS 8.8
CVE-2026-11523 HIGH
Tenda W20E Web Management PortalAuth formPortalAuth stack-based overflow
CVSS 8.8
CVE-2026-11522 HIGH
Tenda W20E setPortMirror formSetPortMirror stack-based overflow
CVSS 8.8
CVE-2026-11517 HIGH
UTT HiPER 2610G formConfigDnsFilterGlobal strcpy buffer overflow
CVSS 8.8
CVE-2026-11516 MEDIUM
UTT HiPER 2610G formNatStaticMap strcpy buffer overflow
CVSS 5.5
CVE-2026-11504 HIGH
Tenda CX12L Wi-Fi Schedule Configuration Endpoint openSchedWifi setSchedWifi stack-based overflow
CVSS 8.8
CVE-2026-11503 HIGH
Tenda CX12L Wi-Fi Configuration Endpoint fast_setting_wifi_set form_fast_setting_wifi_set stack-based overflow
CVSS 8.8
CVE-2026-11499 CRITICAL
Tenda HG7HG9/HG10 formDOMAINBLK stack-based overflow
CVSS 9.8
CVE-2026-11498 HIGH
Tenda HG7HG9/HG10 Web Management voip_other_set asp_voip_OtherSet stack-based overflow
CVSS 8.8
CVE-2026-11413 HIGH
JingDong JD Cloud Box AX6600 jdcweb_rpc set_macfilter stack-based overflow
CVSS 8.8
CVE-2026-10904 HIGH
Google Chrome - Arbitrary Code Execution
CVSS 8.8
Details
Vulnerabilities 13,938
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits