CWE-119

High likelihood

Improper Restriction of Operations within the Bounds of a Memory Buffer

Parent: CWE-118 - Incorrect Access of Indexable Resource ('Range Error')

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

13,986 vulnerabilities with CWE-119
CVE-2019-8195 CRITICAL
Adobe Acrobat and Reader DC < 15.006.30504, 15.008.20082-19.021.20047 - Untrusted Pointer Dereference
CVSS 9.8
CVE-2019-8174 HIGH
Adobe Acrobat and Reader DC < 15.006.30504, 15.008.20082-19.021.20047 - Arbitrary Code Execution
CVSS 8.8
CVE-2019-15252 HIGH
Cisco SPA100 Series Firmware - Authenticated Remote Code Execution via Web Management Interface
CVSS 8.0
CVE-2019-15251 HIGH
Cisco SPA100 Series Firmware - Authenticated Remote Code Execution via Web Management Interface
CVSS 8.0
CVE-2019-15250 HIGH
Cisco SPA100 Series Firmware - Authenticated Remote Code Execution via Web Management Interface
CVSS 8.0
CVE-2019-15249 HIGH
Cisco SPA100 Series Firmware - Authenticated Remote Code Execution via Web Management Interface
CVSS 8.0
CVE-2019-15248 HIGH
Cisco SPA100 Series Firmware - Authenticated Remote Code Execution via Web Management Interface
CVSS 8.0
CVE-2019-15247 HIGH
Cisco SPA100 Series Firmware - Authenticated Remote Code Execution via Web Management Interface
CVSS 8.0
CVE-2019-15246 HIGH
Cisco SPA100 Series Firmware - Authenticated Remote Code Execution via Web Management Interface
CVSS 8.0
CVE-2019-15245 HIGH
Cisco SPA100 Series Firmware - Authenticated Remote Code Execution via Web Management Interface
CVSS 8.0
CVE-2019-15244 HIGH
Cisco SPA100 Series Firmware - Authenticated Remote Code Execution via Web Management Interface
CVSS 8.0
CVE-2019-15243 HIGH
Cisco SPA100 Series Firmware - Authenticated Remote Code Execution via Web Management Interface
CVSS 8.0
CVE-2019-15242 HIGH
Cisco SPA100 Series Firmware - Authenticated Remote Code Execution via Web Management Interface
CVSS 8.0
CVE-2019-15241 HIGH
Cisco SPA100 Series Firmware - Authenticated Remote Code Execution via Web Management Interface
CVSS 8.0
CVE-2019-15240 HIGH
Cisco SPA100 Series Firmware - Authenticated Remote Code Execution via Web Management Interface
CVSS 8.0
CVE-2019-14569 HIGH
Intel(R) NUC - Privilege Escalation
CVSS 7.8
CVE-2019-17320 CRITICAL
NetSarang XFTP Client < 6.0149 - Buffer Overflow via Crafted FTP Filename
CVSS 9.8
CVE-2019-5699 HIGH
NVIDIA Shield Experience < 8.0.1 - Buffer Overflow in Tegra Bootloader
CVSS 7.8
CVE-2019-12688 HIGH
Cisco Firepower Management Center - Authenticated Remote Code Execution via Web UI Input
CVSS 8.8
CVE-2019-12687 HIGH
Cisco Secure Firewall Management Center - Authenticated Remote Code Execution via Web UI Input
CVSS 8.8
CVE-2019-12673 HIGH
Cisco ASA <9.6.4.34, >=9.7 <9.8.4.10 & FTD <6.3.0.5 - DoS via FTP Inspection
CVSS 7.5
CVE-2019-11929 CRITICAL
HHVM <3.30.10, <4.8.5, <4.18.2, <4.19.0-4.20.2 - RCE
CVSS 9.8
CVE-2019-2191 MEDIUM
Android - Local Information Disclosure via LG LAF Component
CVSS 4.3
CVE-2019-2190 MEDIUM
Android - Local Information Disclosure via LG LAF Component Bounds Check Bypass
CVSS 4.3
CVE-2019-10978 HIGH
Red Lion Crimson < 3.0 and 3.1 < 3112.00 - Memory Corruption via Malicious Input File
CVSS 7.8
Details
Vulnerabilities 13,986
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits